[Pkg-openssl-changes] r798 - in openssl/branches/1.1.0/debian: . patches po source
Kurt Roeckx
kroeckx at moszumanska.debian.org
Sat May 28 19:34:28 UTC 2016
Author: kroeckx
Date: 2016-05-28 19:34:28 +0000 (Sat, 28 May 2016)
New Revision: 798
Added:
openssl/branches/1.1.0/debian/d2i-tests.tar
openssl/branches/1.1.0/debian/libcrypto1.1-udeb.dirs
openssl/branches/1.1.0/debian/libssl1.1-udeb.dirs
openssl/branches/1.1.0/debian/libssl1.1.dirs
openssl/branches/1.1.0/debian/libssl1.1.files
openssl/branches/1.1.0/debian/libssl1.1.postinst
openssl/branches/1.1.0/debian/libssl1.1.symbols
openssl/branches/1.1.0/debian/libssl1.1.templates
openssl/branches/1.1.0/debian/patches/openssl_snapshot.patch
Removed:
openssl/branches/1.1.0/debian/libcrypto1.0.2-udeb.dirs
openssl/branches/1.1.0/debian/libssl1.0.2-udeb.dirs
openssl/branches/1.1.0/debian/libssl1.0.2.dirs
openssl/branches/1.1.0/debian/libssl1.0.2.files
openssl/branches/1.1.0/debian/libssl1.0.2.postinst
openssl/branches/1.1.0/debian/libssl1.0.2.symbols
openssl/branches/1.1.0/debian/libssl1.0.2.templates
openssl/branches/1.1.0/debian/patches/block_digicert_malaysia.patch
openssl/branches/1.1.0/debian/patches/block_diginotar.patch
openssl/branches/1.1.0/debian/patches/ca.patch
openssl/branches/1.1.0/debian/patches/disable_freelist.patch
openssl/branches/1.1.0/debian/patches/disable_sslv3_test.patch
openssl/branches/1.1.0/debian/patches/libdoc-manpgs-pod-spell.patch
openssl/branches/1.1.0/debian/patches/man-dir.patch
openssl/branches/1.1.0/debian/patches/shared-lib-ext.patch
openssl/branches/1.1.0/debian/patches/soname.patch
openssl/branches/1.1.0/debian/patches/valgrind.patch
openssl/branches/1.1.0/debian/patches/version-script.patch
Modified:
openssl/branches/1.1.0/debian/changelog
openssl/branches/1.1.0/debian/control
openssl/branches/1.1.0/debian/openssl.docs
openssl/branches/1.1.0/debian/patches/c_rehash-compat.patch
openssl/branches/1.1.0/debian/patches/debian-targets.patch
openssl/branches/1.1.0/debian/patches/engines-path.patch
openssl/branches/1.1.0/debian/patches/man-section.patch
openssl/branches/1.1.0/debian/patches/no-rpath.patch
openssl/branches/1.1.0/debian/patches/no-symbolic.patch
openssl/branches/1.1.0/debian/patches/series
openssl/branches/1.1.0/debian/po/POTFILES.in
openssl/branches/1.1.0/debian/rules
openssl/branches/1.1.0/debian/source/include-binaries
Log:
Initial version of 1.1.0 upstream version
Modified: openssl/branches/1.1.0/debian/changelog
===================================================================
--- openssl/branches/1.1.0/debian/changelog 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/changelog 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,10 +1,33 @@
-openssl (1.0.2h-2) unstable; urgency=medium
+openssl (1.1.0~pre5-1) experimental; urgency=medium
- * Re-add libdoc-manpgs-pod-spell.patch to series files (Closes: #813191)
+ * New upstream version with soname change. Upload to experimental.
+ - Rename binary packages
+ - Remove patches:
+ - block_diginotar.patch: All cross certificates expired in 2013
+ - block_digicert_malaysia.patch: intermediate certificates expired in
+ 2015
+ - man-dir.patch: Fixed upstream
+ - valgrind.patch: Upstream no longer adds the uninitialized data to the
+ RNG
+ - shared-lib-ext.patch: No longer needed
+ - version-script.patch: Upstream does symbol versioning itself now
+ - disable_freelist.patch: No longer needed
+ - soname.patch: Was to change to the 1.0.2 soname that upstream never had
+ - disable_sslv3_test.patch: Fixed upstream
+ - libdoc-manpgs-pod-spell.patch: Fixed upstream (Closes: #813191)
+ - Rewrite debian-targets.patch to work with the new configuration system.
+ - Update other patches to apply
+ - Update list of install docs
+ - Use DESTDIR instead of INSTALL_PREFIX
+ - Clean up more files
+ - Remove the configure option enable-tlsext no-ssl2 since they're no
+ longer supported.
+ * Add upstream snapshot:
+ - Add d2i-tests.tar to get new binary test files.
* Don't build i686 optimized version anymore on i386, it's now the default.
(Closes: #823774)
- -- Kurt Roeckx <kurt at roeckx.be> Sun, 08 May 2016 13:16:29 +0200
+ -- Kurt Roeckx <kurt at roeckx.be> Sat, 28 May 2016 20:58:31 +0200
openssl (1.0.2h-1) unstable; urgency=high
Modified: openssl/branches/1.1.0/debian/control
===================================================================
--- openssl/branches/1.1.0/debian/control 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/control 2016-05-28 19:34:28 UTC (rev 798)
@@ -27,7 +27,7 @@
* testing SSL/TLS clients and servers;
* handling S/MIME signed or encrypted mail.
-Package: libssl1.0.2
+Package: libssl1.1
Section: libs
Priority: important
Architecture: any
@@ -41,7 +41,7 @@
.
It provides the libssl and libcrypto shared libraries.
-Package: libcrypto1.0.2-udeb
+Package: libcrypto1.1-udeb
XC-Package-Type: udeb
Section: debian-installer
Priority: optional
@@ -55,7 +55,7 @@
It contains a version of the libcrypto shared library for use with the
Debian Installer. Do not install it on a normal system.
-Package: libssl1.0.2-udeb
+Package: libssl1.1-udeb
XC-Package-Type: udeb
Section: debian-installer
Priority: optional
@@ -72,7 +72,7 @@
Architecture: any
Multi-Arch: same
Recommends: libssl-doc
-Depends: libssl1.0.2 (= ${binary:Version}), zlib1g-dev, ${misc:Depends}
+Depends: libssl1.1 (= ${binary:Version}), zlib1g-dev, ${misc:Depends}
Description: Secure Sockets Layer toolkit - development files
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
@@ -95,12 +95,12 @@
.
It contains manpages and demo files for libssl and libcrypto.
-Package: libssl1.0.2-dbg
+Package: libssl1.1-dbg
Section: debug
Priority: extra
Architecture: any
Multi-Arch: same
-Depends: libssl1.0.2 (= ${binary:Version}), ${misc:Depends}
+Depends: libssl1.1 (= ${binary:Version}), ${misc:Depends}
Description: Secure Sockets Layer toolkit - debug information
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Added: openssl/branches/1.1.0/debian/d2i-tests.tar
===================================================================
(Binary files differ)
Property changes on: openssl/branches/1.1.0/debian/d2i-tests.tar
___________________________________________________________________
Added: svn:mime-type
+ application/octet-stream
Deleted: openssl/branches/1.1.0/debian/libcrypto1.0.2-udeb.dirs
===================================================================
--- openssl/branches/1.1.0/debian/libcrypto1.0.2-udeb.dirs 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/libcrypto1.0.2-udeb.dirs 2016-05-28 19:34:28 UTC (rev 798)
@@ -1 +0,0 @@
-usr/lib
Copied: openssl/branches/1.1.0/debian/libcrypto1.1-udeb.dirs (from rev 797, openssl/branches/1.1.0/debian/libcrypto1.0.2-udeb.dirs)
===================================================================
--- openssl/branches/1.1.0/debian/libcrypto1.1-udeb.dirs (rev 0)
+++ openssl/branches/1.1.0/debian/libcrypto1.1-udeb.dirs 2016-05-28 19:34:28 UTC (rev 798)
@@ -0,0 +1 @@
+usr/lib
Deleted: openssl/branches/1.1.0/debian/libssl1.0.2-udeb.dirs
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.0.2-udeb.dirs 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/libssl1.0.2-udeb.dirs 2016-05-28 19:34:28 UTC (rev 798)
@@ -1 +0,0 @@
-usr/lib
Deleted: openssl/branches/1.1.0/debian/libssl1.0.2.dirs
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.0.2.dirs 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/libssl1.0.2.dirs 2016-05-28 19:34:28 UTC (rev 798)
@@ -1 +0,0 @@
-usr/share/doc/libssl1.0.2
Deleted: openssl/branches/1.1.0/debian/libssl1.0.2.files
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.0.2.files 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/libssl1.0.2.files 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,3 +0,0 @@
-usr/lib/*/*.so.*.*.*
-usr/lib/*/*/*.so.*.*.*
-usr/lib/*/openssl-1.0.2/engines
Deleted: openssl/branches/1.1.0/debian/libssl1.0.2.postinst
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.0.2.postinst 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/libssl1.0.2.postinst 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,207 +0,0 @@
-#!/bin/sh
-
-. /usr/share/debconf/confmodule
-
-set -e
-
-package_name()
-{
- echo $(basename $0 .postinst)
-}
-
-# element() is a helper function for file-rc:
-element() {
- local element list IFS
-
- element="$1"
-
- [ "$2" = "in" ] && shift
- list="$2"
- [ "$list" = "-" ] && return 1
- [ "$list" = "*" ] && return 0
-
- IFS=","
- set -- $list
- case $element in
- "$1"|"$2"|"$3"|"$4"|"$5"|"$6"|"$7"|"$8"|"$9")
- return 0
- esac
- return 1
-}
-
-# filerc (runlevel, service) returns /etc/init.d/service, if service is
-# running in $runlevel:
-filerc() {
- local runlevel basename
- runlevel=$1
- basename=$2
- while read LINE
- do
- case $LINE in
- \#*|"") continue
- esac
-
- set -- $LINE
- SORT_NO="$1"; STOP="$2"; START="$3"; CMD="$4"
- [ "$CMD" = "/etc/init.d/$basename" ] || continue
-
- if element "$runlevel" in "$START" || element "S" in "$START"
- then
- echo "/etc/init.d/$basename"
- return 0
- fi
- done < /etc/runlevel.conf
- echo ""
-}
-
-if [ "$1" = "configure" ]
-then
- if [ ! -z "$2" ]; then
- if dpkg --compare-versions "$2" lt 1.0.1g-2; then
- echo -n "Checking for services that may need to be restarted..."
- check="amanda-server anon-proxy apache2 apache-ssl"
- check="$check apf-firewall asterisk bacula-director-common"
- check="$check bacula-fd bacula-sd bind9 bip boinc-client"
- check="$check boxbackup-client boxbackup-server bozo cfengine2"
- check="$check cfengine3 citadel-server clamav-daemon clamav-freshclam"
- check="$check clamcour collectd-core conserver-server courier-imap-ssl"
- check="$check courier-mta-ssl courier-pop-ssl cyrus21-imapd"
- check="$check cyrus21-pop3d cyrus-common cyrus-imspd dovecot-core"
- check="$check ejabberd exim4 fetchmail freeradius ftpd-ssl gatling"
- check="$check globus-gatekeeper inn inn2 libapache-mod-ssl lighttpd lldpd"
- check="$check lwresd monit myproxy-server nagios-nrpe-server nginx-common"
- check="$check ntp openntpd openssh-server openvpn partimage-server"
- check="$check postfix postgresql-7.4 postgresql-8.0 postgresql-8.1"
- check="$check postgresql-8.2 postgresql-9.1 postgresql-9.2 postgresql-9.3"
- check="$check proftpd proftpd-ldap proftpd-basic"
- check="$check proftpd-mysql proftpd-pgsql racoon sendmail slapd"
- check="$check spamassassin ssh-nonfree stunnel4 syslog-ng tor unbound"
- check="$check vsftpd"
- # Only get the ones that are installed, and configured
- check=$(dpkg -s $check 2> /dev/null | egrep '^Package:|^Status:' | awk '{if ($1 ~ /^Package:/) { package=$2 } else if ($0 ~ /^Status: .* installed$/) { print package }}')
- # init script rewrites
- check=$(echo $check | sed "
- # The name of proftpd-{ldap,mysql,pgsql,basic} init script is
- # same as "proftpd".
- s/proftpd-.*/proftpd/g;
- # dovecot-core ships its init script, but the
- # script name is dovecot for dovecot-{imapd,pop3d}.
- s/dovecot-core/dovecot/g;
- # openssh-server's init script it called ssh
- s/openssh-server/ssh/g;
- # bacula-director-common's init is bacula-director
- s/bacula-director-common/bacula-director/g;
- # citadel server
- s/citadel-server/citadel/g;
- # collectd
- s/collectd-core/collectd/g;
- # cyrus
- s/cyrus-common/cyrus-imapd/g;
- # nginx
- s/nginx-common/nginx/g;
- ")
- echo "done."
- fi
- if dpkg --compare-versions "$2" lt 1.0.1g-3; then
- echo -n "Checking for services that may need to be restarted..."
- check2="chef chef-expander chef-server-api"
- check2="$check2 chef-solr pound postgresql-common"
- check2="$check2 prosody puppet puppetmaster snmpd"
-
- # Only get the ones that are installed, and configured
- check2=$(dpkg -s $check2 2> /dev/null | egrep '^Package:|^Status:' | awk '{if ($1 ~ /^Package:/) { package=$2 } else if ($0 ~ /^Status: .* installed$/) { print package }}')
- # init script rewrites
- check2=$(echo $check2 | sed -r "
- s/chef\s/chef-client/g;
- s/chef-server-api/chef-server/g;
- s/postgresql-common/postgresql/g;
- ")
- echo "done."
- if [ -n "$check2" ]; then
- check="$check $check2"
- fi
- fi
-
- if [ -n "$check" ]; then
- db_version 2.0
- echo "Checking init scripts..."
- for service in $check; do
- if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
- idl=$(ls /etc/init.d/${service} 2> /dev/null | head -n 1)
- if [ -n "$idl" ] && [ -x $idl ]; then
- services="$service $services"
- else
- echo "WARNING: init script for $service not found."
- fi
- else
- if [ -f /usr/share/file-rc/rc ] || [ -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then
-
- idl=$(filerc $rl $service)
- else
- idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
- fi
- if [ -n "$idl" ] && [ -x $idl ]; then
- services="$service $services"
- fi
- fi
- done
- if [ -n "$services" ]; then
- db_input critical libraries/restart-without-asking || true
- db_go || true
- db_get libraries/restart-without-asking
- if [ "x$RET" != xtrue ]; then
- db_reset libssl1.0.2/restart-services
- db_set libssl1.0.2/restart-services "$services"
- db_input critical libssl1.0.2/restart-services || true
- db_go || true
- db_get libssl1.0.2/restart-services
-
- if [ "x$RET" != "x" ]
- then
- services=$RET
- answer=yes
- else
- answer=no
- fi
- else
- answer=yes
- fi
- echo
- if [ "$answer" = yes ] && [ "$services" != "" ]; then
- echo "Restarting services possibly affected by the upgrade:"
- failed=""
- rl=$(runlevel | sed 's/.*\ //')
- for service in $services; do
- if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
- idl="invoke-rc.d ${service}"
- elif [ -f /usr/share/file-rc/rc ] || [ -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then
- idl=$(filerc $rl $service)
- else
- idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
- fi
-
- if ! $idl restart; then
- failed="$service $failed"
- fi
- done
- echo
- if [ -n "$failed" ]; then
- db_subst libssl1.0.2/restart-failed services "$failed"
- db_input critical libssl1.0.2/restart-failed || true
- db_go || true
- else
- echo "Services restarted successfully."
- fi
- echo
- fi
- else
- echo "Nothing to restart."
- fi
- # Shut down the frontend, to make sure none of the
- # restarted services keep a connection open to it
- db_stop
- fi # end upgrading and $2 lt 0.9.8c-2
- fi # Upgrading
-fi
-
-#DEBHELPER#
Deleted: openssl/branches/1.1.0/debian/libssl1.0.2.symbols
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.0.2.symbols 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/libssl1.0.2.symbols 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,6 +0,0 @@
-libcrypto.so.1.0.2 libssl1.0.2 #MINVER#
- *@OPENSSL_1.0.2d 1.0.2d
- *@OPENSSL_1.0.2g 1.0.2g
-libssl.so.1.0.2 libssl1.0.2 #MINVER#
- *@OPENSSL_1.0.2d 1.0.2d
- *@OPENSSL_1.0.2g 1.0.2g
Deleted: openssl/branches/1.1.0/debian/libssl1.0.2.templates
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.0.2.templates 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/libssl1.0.2.templates 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,30 +0,0 @@
-Template: libssl1.0.2/restart-services
-Type: string
-_Description: Services to restart to make them use the new libraries:
- This release of OpenSSL fixes some security issues. Services will not
- use these fixes until they are restarted. Please note that restarting
- the SSH server (sshd) should not affect any existing connections.
- .
- Please check the list of detected services that need to be restarted
- and correct it, if needed. The services names must be identical to the
- initialization script names in /etc/init.d and separated by
- spaces. No services will be restarted if the list is empty.
- .
- Any service that later fails unexpectedly after this upgrade should
- be restarted. It is recommended to reboot this host to avoid any
- SSL-related trouble.
-
-Template: libssl1.0.2/restart-failed
-Type: error
-#flag:translate!:3
-#flag:comment:2
-# This paragraph is followed by a (non translatable) paragraph containing
-# a list of services that could not be restarted
-_Description: Failure restarting some services for OpenSSL upgrade
- The following services could not be restarted for the OpenSSL library upgrade:
- .
- ${services}
- .
- You will need to start these manually by running
- '/etc/init.d/<service> start'.
-
Copied: openssl/branches/1.1.0/debian/libssl1.1-udeb.dirs (from rev 797, openssl/branches/1.1.0/debian/libssl1.0.2-udeb.dirs)
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.1-udeb.dirs (rev 0)
+++ openssl/branches/1.1.0/debian/libssl1.1-udeb.dirs 2016-05-28 19:34:28 UTC (rev 798)
@@ -0,0 +1 @@
+usr/lib
Copied: openssl/branches/1.1.0/debian/libssl1.1.dirs (from rev 797, openssl/branches/1.1.0/debian/libssl1.0.2.dirs)
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.1.dirs (rev 0)
+++ openssl/branches/1.1.0/debian/libssl1.1.dirs 2016-05-28 19:34:28 UTC (rev 798)
@@ -0,0 +1 @@
+usr/share/doc/libssl1.1
Copied: openssl/branches/1.1.0/debian/libssl1.1.files (from rev 797, openssl/branches/1.1.0/debian/libssl1.0.2.files)
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.1.files (rev 0)
+++ openssl/branches/1.1.0/debian/libssl1.1.files 2016-05-28 19:34:28 UTC (rev 798)
@@ -0,0 +1,3 @@
+usr/lib/*/*.so.*.*
+usr/lib/*/*/*.so.*.*
+usr/lib/*/openssl-1.1/engines
Copied: openssl/branches/1.1.0/debian/libssl1.1.postinst (from rev 797, openssl/branches/1.1.0/debian/libssl1.0.2.postinst)
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.1.postinst (rev 0)
+++ openssl/branches/1.1.0/debian/libssl1.1.postinst 2016-05-28 19:34:28 UTC (rev 798)
@@ -0,0 +1,207 @@
+#!/bin/sh
+
+. /usr/share/debconf/confmodule
+
+set -e
+
+package_name()
+{
+ echo $(basename $0 .postinst)
+}
+
+# element() is a helper function for file-rc:
+element() {
+ local element list IFS
+
+ element="$1"
+
+ [ "$2" = "in" ] && shift
+ list="$2"
+ [ "$list" = "-" ] && return 1
+ [ "$list" = "*" ] && return 0
+
+ IFS=","
+ set -- $list
+ case $element in
+ "$1"|"$2"|"$3"|"$4"|"$5"|"$6"|"$7"|"$8"|"$9")
+ return 0
+ esac
+ return 1
+}
+
+# filerc (runlevel, service) returns /etc/init.d/service, if service is
+# running in $runlevel:
+filerc() {
+ local runlevel basename
+ runlevel=$1
+ basename=$2
+ while read LINE
+ do
+ case $LINE in
+ \#*|"") continue
+ esac
+
+ set -- $LINE
+ SORT_NO="$1"; STOP="$2"; START="$3"; CMD="$4"
+ [ "$CMD" = "/etc/init.d/$basename" ] || continue
+
+ if element "$runlevel" in "$START" || element "S" in "$START"
+ then
+ echo "/etc/init.d/$basename"
+ return 0
+ fi
+ done < /etc/runlevel.conf
+ echo ""
+}
+
+if [ "$1" = "configure" ]
+then
+ if [ ! -z "$2" ]; then
+ if dpkg --compare-versions "$2" lt 1.0.1g-2; then
+ echo -n "Checking for services that may need to be restarted..."
+ check="amanda-server anon-proxy apache2 apache-ssl"
+ check="$check apf-firewall asterisk bacula-director-common"
+ check="$check bacula-fd bacula-sd bind9 bip boinc-client"
+ check="$check boxbackup-client boxbackup-server bozo cfengine2"
+ check="$check cfengine3 citadel-server clamav-daemon clamav-freshclam"
+ check="$check clamcour collectd-core conserver-server courier-imap-ssl"
+ check="$check courier-mta-ssl courier-pop-ssl cyrus21-imapd"
+ check="$check cyrus21-pop3d cyrus-common cyrus-imspd dovecot-core"
+ check="$check ejabberd exim4 fetchmail freeradius ftpd-ssl gatling"
+ check="$check globus-gatekeeper inn inn2 libapache-mod-ssl lighttpd lldpd"
+ check="$check lwresd monit myproxy-server nagios-nrpe-server nginx-common"
+ check="$check ntp openntpd openssh-server openvpn partimage-server"
+ check="$check postfix postgresql-7.4 postgresql-8.0 postgresql-8.1"
+ check="$check postgresql-8.2 postgresql-9.1 postgresql-9.2 postgresql-9.3"
+ check="$check proftpd proftpd-ldap proftpd-basic"
+ check="$check proftpd-mysql proftpd-pgsql racoon sendmail slapd"
+ check="$check spamassassin ssh-nonfree stunnel4 syslog-ng tor unbound"
+ check="$check vsftpd"
+ # Only get the ones that are installed, and configured
+ check=$(dpkg -s $check 2> /dev/null | egrep '^Package:|^Status:' | awk '{if ($1 ~ /^Package:/) { package=$2 } else if ($0 ~ /^Status: .* installed$/) { print package }}')
+ # init script rewrites
+ check=$(echo $check | sed "
+ # The name of proftpd-{ldap,mysql,pgsql,basic} init script is
+ # same as "proftpd".
+ s/proftpd-.*/proftpd/g;
+ # dovecot-core ships its init script, but the
+ # script name is dovecot for dovecot-{imapd,pop3d}.
+ s/dovecot-core/dovecot/g;
+ # openssh-server's init script it called ssh
+ s/openssh-server/ssh/g;
+ # bacula-director-common's init is bacula-director
+ s/bacula-director-common/bacula-director/g;
+ # citadel server
+ s/citadel-server/citadel/g;
+ # collectd
+ s/collectd-core/collectd/g;
+ # cyrus
+ s/cyrus-common/cyrus-imapd/g;
+ # nginx
+ s/nginx-common/nginx/g;
+ ")
+ echo "done."
+ fi
+ if dpkg --compare-versions "$2" lt 1.0.1g-3; then
+ echo -n "Checking for services that may need to be restarted..."
+ check2="chef chef-expander chef-server-api"
+ check2="$check2 chef-solr pound postgresql-common"
+ check2="$check2 prosody puppet puppetmaster snmpd"
+
+ # Only get the ones that are installed, and configured
+ check2=$(dpkg -s $check2 2> /dev/null | egrep '^Package:|^Status:' | awk '{if ($1 ~ /^Package:/) { package=$2 } else if ($0 ~ /^Status: .* installed$/) { print package }}')
+ # init script rewrites
+ check2=$(echo $check2 | sed -r "
+ s/chef\s/chef-client/g;
+ s/chef-server-api/chef-server/g;
+ s/postgresql-common/postgresql/g;
+ ")
+ echo "done."
+ if [ -n "$check2" ]; then
+ check="$check $check2"
+ fi
+ fi
+
+ if [ -n "$check" ]; then
+ db_version 2.0
+ echo "Checking init scripts..."
+ for service in $check; do
+ if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+ idl=$(ls /etc/init.d/${service} 2> /dev/null | head -n 1)
+ if [ -n "$idl" ] && [ -x $idl ]; then
+ services="$service $services"
+ else
+ echo "WARNING: init script for $service not found."
+ fi
+ else
+ if [ -f /usr/share/file-rc/rc ] || [ -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then
+
+ idl=$(filerc $rl $service)
+ else
+ idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
+ fi
+ if [ -n "$idl" ] && [ -x $idl ]; then
+ services="$service $services"
+ fi
+ fi
+ done
+ if [ -n "$services" ]; then
+ db_input critical libraries/restart-without-asking || true
+ db_go || true
+ db_get libraries/restart-without-asking
+ if [ "x$RET" != xtrue ]; then
+ db_reset libssl1.1/restart-services
+ db_set libssl1.1/restart-services "$services"
+ db_input critical libssl1.1/restart-services || true
+ db_go || true
+ db_get libssl1.1/restart-services
+
+ if [ "x$RET" != "x" ]
+ then
+ services=$RET
+ answer=yes
+ else
+ answer=no
+ fi
+ else
+ answer=yes
+ fi
+ echo
+ if [ "$answer" = yes ] && [ "$services" != "" ]; then
+ echo "Restarting services possibly affected by the upgrade:"
+ failed=""
+ rl=$(runlevel | sed 's/.*\ //')
+ for service in $services; do
+ if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+ idl="invoke-rc.d ${service}"
+ elif [ -f /usr/share/file-rc/rc ] || [ -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then
+ idl=$(filerc $rl $service)
+ else
+ idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
+ fi
+
+ if ! $idl restart; then
+ failed="$service $failed"
+ fi
+ done
+ echo
+ if [ -n "$failed" ]; then
+ db_subst libssl1.1/restart-failed services "$failed"
+ db_input critical libssl1.1/restart-failed || true
+ db_go || true
+ else
+ echo "Services restarted successfully."
+ fi
+ echo
+ fi
+ else
+ echo "Nothing to restart."
+ fi
+ # Shut down the frontend, to make sure none of the
+ # restarted services keep a connection open to it
+ db_stop
+ fi # end upgrading and $2 lt 0.9.8c-2
+ fi # Upgrading
+fi
+
+#DEBHELPER#
Copied: openssl/branches/1.1.0/debian/libssl1.1.symbols (from rev 797, openssl/branches/1.1.0/debian/libssl1.0.2.symbols)
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.1.symbols (rev 0)
+++ openssl/branches/1.1.0/debian/libssl1.1.symbols 2016-05-28 19:34:28 UTC (rev 798)
@@ -0,0 +1,4 @@
+libcrypto.so.1.1 libssl1.1 #MINVER#
+ *@OPENSSL_1_1_0 1.1.0~pre5
+libssl.so.1.1 libssl1.1 #MINVER#
+ *@OPENSSL_1_1_0 1.1.0~pre5
Copied: openssl/branches/1.1.0/debian/libssl1.1.templates (from rev 797, openssl/branches/1.1.0/debian/libssl1.0.2.templates)
===================================================================
--- openssl/branches/1.1.0/debian/libssl1.1.templates (rev 0)
+++ openssl/branches/1.1.0/debian/libssl1.1.templates 2016-05-28 19:34:28 UTC (rev 798)
@@ -0,0 +1,30 @@
+Template: libssl1.1/restart-services
+Type: string
+_Description: Services to restart to make them use the new libraries:
+ This release of OpenSSL fixes some security issues. Services will not
+ use these fixes until they are restarted. Please note that restarting
+ the SSH server (sshd) should not affect any existing connections.
+ .
+ Please check the list of detected services that need to be restarted
+ and correct it, if needed. The services names must be identical to the
+ initialization script names in /etc/init.d and separated by
+ spaces. No services will be restarted if the list is empty.
+ .
+ Any service that later fails unexpectedly after this upgrade should
+ be restarted. It is recommended to reboot this host to avoid any
+ SSL-related trouble.
+
+Template: libssl1.1/restart-failed
+Type: error
+#flag:translate!:3
+#flag:comment:2
+# This paragraph is followed by a (non translatable) paragraph containing
+# a list of services that could not be restarted
+_Description: Failure restarting some services for OpenSSL upgrade
+ The following services could not be restarted for the OpenSSL library upgrade:
+ .
+ ${services}
+ .
+ You will need to start these manually by running
+ '/etc/init.d/<service> start'.
+
Modified: openssl/branches/1.1.0/debian/openssl.docs
===================================================================
--- openssl/branches/1.1.0/debian/openssl.docs 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/openssl.docs 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,6 +1,7 @@
doc/fingerprints.txt
doc/HOWTO
-doc/openssl.txt
-doc/README
-doc/standards.txt
+README
+README.ECC
+README.ENGINE
+NEWS
FAQ
Deleted: openssl/branches/1.1.0/debian/patches/block_digicert_malaysia.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/block_digicert_malaysia.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/block_digicert_malaysia.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,26 +0,0 @@
-From: Raphael Geissert <geissert at debian.org>
-Description: make X509_verify_cert indicate that any certificate whose
- name contains "Digicert Sdn. Bhd." (from Malaysia) is revoked.
-Forwarded: not-needed
-Origin: vendor
-Last-Update: 2011-11-05
-
-Index: openssl-1.0.2~beta1/crypto/x509/x509_vfy.c
-===================================================================
---- openssl-1.0.2~beta1.orig/crypto/x509/x509_vfy.c 2014-02-25 00:16:12.488028844 +0100
-+++ openssl-1.0.2~beta1/crypto/x509/x509_vfy.c 2014-02-25 00:16:12.484028929 +0100
-@@ -964,10 +964,11 @@
- for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
- {
- x = sk_X509_value(ctx->chain, i);
-- /* Mark DigiNotar certificates as revoked, no matter
-- * where in the chain they are.
-+ /* Mark certificates containing the following names as
-+ * revoked, no matter where in the chain they are.
- */
-- if (x->name && strstr(x->name, "DigiNotar"))
-+ if (x->name && (strstr(x->name, "DigiNotar") ||
-+ strstr(x->name, "Digicert Sdn. Bhd.")))
- {
- ctx->error = X509_V_ERR_CERT_REVOKED;
- ctx->error_depth = i;
Deleted: openssl/branches/1.1.0/debian/patches/block_diginotar.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/block_diginotar.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/block_diginotar.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,64 +0,0 @@
-From: Raphael Geissert <geissert at debian.org>
-Description: make X509_verify_cert indicate that any certificate whose
- name contains "DigiNotar" is revoked.
-Forwarded: not-needed
-Origin: vendor
-Last-Update: 2011-09-08
-Bug: http://bugs.debian.org/639744
-Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
-Reviewed-by: Dr Stephen N Henson <shenson at drh-consultancy.co.uk>
-
-This is not meant as final patch.
-
-Index: openssl-1.0.2g/crypto/x509/x509_vfy.c
-===================================================================
---- openssl-1.0.2g.orig/crypto/x509/x509_vfy.c
-+++ openssl-1.0.2g/crypto/x509/x509_vfy.c
-@@ -119,6 +119,7 @@ static int check_trust(X509_STORE_CTX *c
- static int check_revocation(X509_STORE_CTX *ctx);
- static int check_cert(X509_STORE_CTX *ctx);
- static int check_policy(X509_STORE_CTX *ctx);
-+static int check_ca_blacklist(X509_STORE_CTX *ctx);
-
- static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
- unsigned int *preasons, X509_CRL *crl, X509 *x);
-@@ -489,6 +490,9 @@ int X509_verify_cert(X509_STORE_CTX *ctx
- if (!ok)
- goto err;
-
-+ ok = check_ca_blacklist(ctx);
-+ if(!ok) goto err;
-+
- #ifndef OPENSSL_NO_RFC3779
- /* RFC 3779 path validation, now that CRL check has been done */
- ok = v3_asid_validate_path(ctx);
-@@ -996,6 +1000,29 @@ static int check_crl_time(X509_STORE_CTX
- return 1;
- }
-
-+static int check_ca_blacklist(X509_STORE_CTX *ctx)
-+ {
-+ X509 *x;
-+ int i;
-+ /* Check all certificates against the blacklist */
-+ for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
-+ {
-+ x = sk_X509_value(ctx->chain, i);
-+ /* Mark DigiNotar certificates as revoked, no matter
-+ * where in the chain they are.
-+ */
-+ if (x->name && strstr(x->name, "DigiNotar"))
-+ {
-+ ctx->error = X509_V_ERR_CERT_REVOKED;
-+ ctx->error_depth = i;
-+ ctx->current_cert = x;
-+ if (!ctx->verify_cb(0,ctx))
-+ return 0;
-+ }
-+ }
-+ return 1;
-+ }
-+
- static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
- X509 **pissuer, int *pscore, unsigned int *preasons,
- STACK_OF(X509_CRL) *crls)
Modified: openssl/branches/1.1.0/debian/patches/c_rehash-compat.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/c_rehash-compat.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/c_rehash-compat.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -7,12 +7,12 @@
tools/c_rehash.in | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
-Index: openssl-1.0.2b/tools/c_rehash.in
+Index: openssl-1.1.0~pre5/tools/c_rehash.in
===================================================================
---- openssl-1.0.2b.orig/tools/c_rehash.in
-+++ openssl-1.0.2b/tools/c_rehash.in
-@@ -8,8 +8,6 @@ my $prefix;
-
+--- openssl-1.1.0~pre5.orig/tools/c_rehash.in
++++ openssl-1.1.0~pre5/tools/c_rehash.in
+@@ -11,8 +11,6 @@ my $prefix = {- quotify1($config{prefix}
+ my $errorcount = 0;
my $openssl = $ENV{OPENSSL} || "openssl";
my $pwd;
-my $x509hash = "-subject_hash";
@@ -20,7 +20,7 @@
my $verbose = 0;
my $symlink_exists=eval {symlink("",""); 1};
my $removelinks = 1;
-@@ -18,10 +16,7 @@ my $removelinks = 1;
+@@ -21,10 +19,7 @@ my $removelinks = 1;
while ( $ARGV[0] =~ /^-/ ) {
my $flag = shift @ARGV;
last if ( $flag eq '--');
@@ -32,17 +32,17 @@
help();
} elsif ( $flag eq '-n' ) {
$removelinks = 0;
-@@ -113,7 +108,9 @@ sub hash_dir {
+@@ -122,7 +117,9 @@ sub hash_dir {
next;
}
- link_hash_cert($fname) if($cert);
-+ link_hash_cert_old($fname) if($cert);
- link_hash_crl($fname) if($crl);
-+ link_hash_crl_old($fname) if($crl);
+ link_hash_cert($fname) if ($cert);
++ link_hash_cert_old($fname) if ($cert);
+ link_hash_crl($fname) if ($crl);
++ link_hash_crl_old($fname) if ($crl);
}
}
-@@ -146,6 +143,7 @@ sub check_file {
+@@ -155,6 +152,7 @@ sub check_file {
sub link_hash_cert {
my $fname = $_[0];
@@ -50,7 +50,7 @@
$fname =~ s/'/'\\''/g;
my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
chomp $hash;
-@@ -177,10 +175,20 @@ sub link_hash_cert {
+@@ -192,10 +190,20 @@ sub link_hash_cert {
$hashlist{$hash} = $fprint;
}
Deleted: openssl/branches/1.1.0/debian/patches/ca.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/ca.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/ca.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,20 +0,0 @@
-Index: openssl-0.9.8m/apps/CA.pl.in
-===================================================================
---- openssl-0.9.8m.orig/apps/CA.pl.in 2006-04-28 00:28:51.000000000 +0000
-+++ openssl-0.9.8m/apps/CA.pl.in 2010-02-27 00:36:51.000000000 +0000
-@@ -65,6 +65,7 @@
- foreach (@ARGV) {
- if ( /^(-\?|-h|-help)$/ ) {
- print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-+ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
- exit 0;
- } elsif (/^-newcert$/) {
- # create a certificate
-@@ -165,6 +166,7 @@
- } else {
- print STDERR "Unknown arg $_\n";
- print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-+ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
- exit 1;
- }
- }
Modified: openssl/branches/1.1.0/debian/patches/debian-targets.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/debian-targets.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/debian-targets.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,72 +1,34 @@
-Index: openssl-1.0.2g/Configure
+Index: openssl-1.1.0~pre5/Configurations/20-debian.conf
===================================================================
---- openssl-1.0.2g.orig/Configure
-+++ openssl-1.0.2g/Configure
-@@ -131,6 +131,10 @@ my $clang_devteam_warn = "-Wno-unused-pa
- # Warn that "make depend" should be run?
- my $warn_make_depend = 0;
-
-+# There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS
-+my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . "-Wa,--noexecstack -Wall";
+--- /dev/null
++++ openssl-1.1.0~pre5/Configurations/20-debian.conf
+@@ -0,0 +1,29 @@
++my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . "-Wa,--noexecstack -Wall";
+$debian_cflags =~ s/\n/ /g;
++my $debian_ldflags = `dpkg-buildflags --get LDFLAGS`;
++$debian_ldflags =~ s/\n/ /g;
+
- my $strict_warnings = 0;
-
- my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
-@@ -367,6 +371,56 @@ my %table=(
- "osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
- "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
-
-+# Debian GNU/* (various architectures)
-+"debian-alpha","gcc:${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-alpha-ev4","gcc:${debian_cflags} -mcpu=ev4::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-alpha-ev5","gcc:${debian_cflags} -mcpu=ev5::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-arm64","gcc:-DL_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${aarch64_asm}:linux64:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-armel","gcc:-DL_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-armhf","gcc:-DL_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-amd64", "gcc:-m64 -DL_ENDIAN ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::",
-+"debian-avr32", "gcc:-DB_ENDIAN ${debian_cflags} -fomit-frame-pointer::-D_REENTRANT::-ldl:BN_LLONG_BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-kfreebsd-amd64","gcc:-m64 -DL_ENDIAN ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-kfreebsd-i386","gcc:-DL_ENDIAN ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-hppa","gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-hurd-i386","gcc:-DL_ENDIAN -O3 -Wa,--noexecstack -g -mtune=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-ia64","gcc:${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386","gcc:-DL_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i486","gcc:-DL_ENDIAN ${debian_cflags} -march=i486::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i586","gcc:-DL_ENDIAN ${debian_cflags} -march=i586::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i686/cmov","gcc:-DL_ENDIAN ${debian_cflags} -march=i686::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-m68k","gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips", "gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mipsel", "gcc:-DL_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mipsn32", "gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mipsn32el", "gcc:-DL_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips64", "gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips64el", "gcc:-DL_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-i386", "gcc:-DL_ENDIAN ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-m68k", "gcc:-DB_ENDIAN ${debian_cflags}::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-sparc", "gcc:-DB_ENDIAN ${debian_cflags} -mv8::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-nios2", "gcc:-DB_ENDIAN ${debian_cflags}::(unknown)::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-alpha","gcc:${debian_cflags}::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-i386", "gcc:-DL_ENDIAN ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-mips","gcc:-DL_ENDIAN ${debian_cflags}::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-or1k", "gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-powerpc","gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-powerpcspe","gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-ppc64","gcc:-m64 -DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-ppc64el","gcc:-m64 -DL_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64le:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-s390","gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-s390x","gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh3", "gcc:-DL_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh4", "gcc:-DL_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh3eb", "gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh4eb", "gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-m32r","gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc","gcc:-DB_ENDIAN ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc-v8","gcc:-DB_ENDIAN ${debian_cflags} -mcpu=v8 -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc-v9","gcc:-DB_ENDIAN ${debian_cflags} -mcpu=v9 -Wa,-Av8plus -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc64","gcc:-m64 -DB_ENDIAN ${debian_cflags} -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-x32","gcc:-mx32 -DL_ENDIAN ${debian_cflags} -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32",
++%targets = (
++ "debian" => {
++ cflags => $debian_cflags,
++ lflags => add($debian_ldflags, "-pthread"),
++ },
++ "debian-alpha" => {
++ inherit_from => [ "linux-alpha-gcc", "debian" ],
++ },
++ "debian-alpha-ev4" => {
++ inherit_from => [ "debian-alpha" ],
++ cflags => add("-mcpu=ev4"),
++ },
++ "debian-alpha-ev5" => {
++ inherit_from => [ "debian-alpha" ],
++ cflags => add("-mcpu=ev5"),
++ },
++ "debian-arm64" => {
++ inherit_from => [ "linux-aarch64", "debian" ],
++ },
++ "debian-amd64" => {
++ inherit_from => [ "linux-x86_64", "debian" ],
++ },
++);
+
- ####
- #### Variety of LINUX:-)
- ####
Deleted: openssl/branches/1.1.0/debian/patches/disable_freelist.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/disable_freelist.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/disable_freelist.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,32 +0,0 @@
-From: Kurt Roeckx <kurt at roeckx.be>
-Subject: Disable the freelist
-
-We don't define OPENSSL_NO_BUF_FREELISTS globally sinc it changes structures and
-would break the ABI. Instead we just do it in the .c files that try to do
-something with it.
-
-Index: openssl-1.0.2/ssl/s3_both.c
-===================================================================
---- openssl-1.0.2.orig/ssl/s3_both.c
-+++ openssl-1.0.2/ssl/s3_both.c
-@@ -573,6 +573,7 @@ int ssl_verify_alarm_type(long type)
- return (al);
- }
-
-+#define OPENSSL_NO_BUF_FREELISTS
- #ifndef OPENSSL_NO_BUF_FREELISTS
- /*-
- * On some platforms, malloc() performance is bad enough that you can't just
-Index: openssl-1.0.2/ssl/ssl_lib.c
-===================================================================
---- openssl-1.0.2.orig/ssl/ssl_lib.c
-+++ openssl-1.0.2/ssl/ssl_lib.c
-@@ -162,6 +162,8 @@
-
- const char *SSL_version_str = OPENSSL_VERSION_TEXT;
-
-+#define OPENSSL_NO_BUF_FREELISTS
-+
- SSL3_ENC_METHOD ssl3_undef_enc_method = {
- /*
- * evil casts, but these functions are only called if there's a library
Deleted: openssl/branches/1.1.0/debian/patches/disable_sslv3_test.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/disable_sslv3_test.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/disable_sslv3_test.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,23 +0,0 @@
-From: Kurt Roeckx <kurt at roeckx.be>
-Date: Sun, 06 Sep 2015 16:04:11 +0200
-Subject: Disable SSLv3 test in test suite
-
-When testing SSLv3 the test program returns 0 for skip. The test for weak DH
-expects a failure, but gets success.
-
-It should probably be changed to return something other than 0 for a skipped
-test.
-
-Index: openssl-1.0.2d/test/testssl
-===================================================================
---- openssl-1.0.2d.orig/test/testssl
-+++ openssl-1.0.2d/test/testssl
-@@ -160,7 +160,7 @@ test_cipher() {
- }
-
- echo "Testing ciphersuites"
--for protocol in TLSv1.2 SSLv3; do
-+for protocol in TLSv1.2; do
- echo "Testing ciphersuites for $protocol"
- for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
- test_cipher $cipher $protocol
Modified: openssl/branches/1.1.0/debian/patches/engines-path.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/engines-path.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/engines-path.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,87 +1,53 @@
-Index: openssl-1.0.2~beta3/Makefile.org
+Index: openssl-1.1.0~pre5/Configurations/unix-Makefile.tmpl
===================================================================
---- openssl-1.0.2~beta3.orig/Makefile.org
-+++ openssl-1.0.2~beta3/Makefile.org
-@@ -541,7 +541,7 @@ install: all install_docs install_sw
- install_sw:
- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
-- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
-+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
- $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
-Index: openssl-1.0.2~beta3/engines/Makefile
-===================================================================
---- openssl-1.0.2~beta3.orig/engines/Makefile
-+++ openssl-1.0.2~beta3/engines/Makefile
-@@ -107,13 +107,13 @@ install:
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
- @if [ -n "$(SHARED_LIBS)" ]; then \
- set -e; \
-- $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \
-+ $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines; \
- for l in $(LIBNAMES); do \
- ( echo installing $$l; \
- pfx=lib; \
- if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
- sfx=".so"; \
-- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
-+ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines/$$pfx$$l$$sfx.new; \
- else \
- case "$(CFLAGS)" in \
- *DSO_BEOS*) sfx=".so";; \
-@@ -122,10 +122,10 @@ install:
- *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
- *) sfx=".bad";; \
- esac; \
-- cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
-+ cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines/$$pfx$$l$$sfx.new; \
- fi; \
-- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
-- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
-+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines/$$pfx$$l$$sfx.new; \
-+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines/$$pfx$$l$$sfx ); \
- done; \
- fi
- @target=install; $(RECURSIVE_MAKE)
-Index: openssl-1.0.2~beta3/Configure
-===================================================================
---- openssl-1.0.2~beta3.orig/Configure
-+++ openssl-1.0.2~beta3/Configure
-@@ -1893,7 +1893,7 @@ while (<IN>)
- }
- elsif (/^#define\s+ENGINESDIR/)
- {
-- my $foo = "$prefix/$libdir/engines";
-+ my $foo = "$prefix/$libdir/openssl-1.0.2/engines";
- $foo =~ s/\\/\\\\/g;
- print OUT "#define ENGINESDIR \"$foo\"\n";
- }
-Index: openssl-1.0.2~beta3/engines/ccgost/Makefile
-===================================================================
---- openssl-1.0.2~beta3.orig/engines/ccgost/Makefile
-+++ openssl-1.0.2~beta3/engines/ccgost/Makefile
-@@ -47,7 +47,7 @@ install:
- pfx=lib; \
- if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
- sfx=".so"; \
-- cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
-+ cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines/$${pfx}$(LIBNAME)$$sfx.new; \
- else \
- case "$(CFLAGS)" in \
- *DSO_BEOS*) sfx=".so";; \
-@@ -56,10 +56,10 @@ install:
- *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
- *) sfx=".bad";; \
- esac; \
-- cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
-+ cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+--- openssl-1.1.0~pre5.orig/Configurations/unix-Makefile.tmpl
++++ openssl-1.1.0~pre5/Configurations/unix-Makefile.tmpl
+@@ -138,7 +138,7 @@ LIBDIR={- #
+ our $libdir = $config{libdir} || "lib$multilib";
+ $libdir -}
+ ENGINESDIR={- use File::Spec::Functions;
+- catdir($prefix,$libdir,"engines") -}
++ catdir($prefix,$libdir,"openssl-1.1/engines") -}
+
+ MANDIR=$(INSTALLTOP)/share/man
+ DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)
+@@ -404,7 +404,7 @@ uninstall_dev:
+
+ install_engines:
+ @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
+- @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/
++ @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/openssl-1.1/engines/
+ @echo "*** Installing engines"
+ @set -e; for e in dummy $(ENGINES); do \
+ if [ "$$e" = "dummy" ]; then continue; fi; \
+@@ -412,11 +412,11 @@ install_engines:
+ if [ "$$fn" = '{- dso("ossltest") -}' ]; then \
+ continue; \
fi; \
-- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
-- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \
-+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines/$${pfx}$(LIBNAME)$$sfx.new; \
-+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/openssl-1.0.2/engines/$${pfx}$(LIBNAME)$$sfx; \
- fi
+- echo "install $$e -> $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$$fn"; \
+- cp $$e $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$$fn.new; \
+- chmod 755 $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$$fn.new; \
+- mv -f $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$$fn.new \
+- $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$$fn; \
++ echo "install $$e -> $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/openssl-1.1/engines/$$fn"; \
++ cp $$e $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/openssl-1.1/engines/$$fn.new; \
++ chmod 755 $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/openssl-1.1/engines/$$fn.new; \
++ mv -f $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/openssl-1.1/engines/$$fn.new \
++ $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/openssl-1.1/engines/$$fn; \
+ done
- links:
+ uninstall_engines:
+@@ -427,10 +427,10 @@ uninstall_engines:
+ if [ "$$fn" = '{- dso("ossltest") -}' ]; then \
+ continue; \
+ fi; \
+- echo "$(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$$fn"; \
+- $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$$fn; \
++ echo "$(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/openssl-1.1/engines/$$fn"; \
++ $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/openssl-1.1/engines/$$fn; \
+ done
+- -$(RMDIR) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines
++ -$(RMDIR) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/openssl-1.1/engines
+
+ install_runtime:
+ @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
Deleted: openssl/branches/1.1.0/debian/patches/libdoc-manpgs-pod-spell.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/libdoc-manpgs-pod-spell.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/libdoc-manpgs-pod-spell.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,13 +0,0 @@
-Index: openssl-1.0.2~beta2/doc/crypto/EVP_PKEY_cmp.pod
-===================================================================
---- openssl-1.0.2~beta2.orig/doc/crypto/EVP_PKEY_cmp.pod
-+++ openssl-1.0.2~beta2/doc/crypto/EVP_PKEY_cmp.pod
-@@ -26,7 +26,7 @@ B<from> to key B<to>.
- The function EVP_PKEY_cmp_parameters() compares the parameters of keys
- B<a> and B<b>.
-
--The function EVP_PKEY_cmp() compares the public key components and paramters
-+The function EVP_PKEY_cmp() compares the public key components and parameters
- (if present) of keys B<a> and B<b>.
-
- =head1 NOTES
Deleted: openssl/branches/1.1.0/debian/patches/man-dir.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/man-dir.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/man-dir.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,13 +0,0 @@
-Index: openssl-1.0.0c/Makefile.org
-===================================================================
---- openssl-1.0.0c.orig/Makefile.org 2010-12-12 16:11:27.000000000 +0100
-+++ openssl-1.0.0c/Makefile.org 2010-12-12 16:11:37.000000000 +0100
-@@ -131,7 +131,7 @@
-
- MAKEFILE= Makefile
-
--MANDIR=$(OPENSSLDIR)/man
-+MANDIR=/usr/share/man
- MAN1=1
- MAN3=3
- MANSUFFIX=
Modified: openssl/branches/1.1.0/debian/patches/man-section.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/man-section.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/man-section.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,32 +1,23 @@
-Index: openssl-1.0.0c/Makefile.org
+Index: openssl-1.1.0/Configurations/unix-Makefile.tmpl
===================================================================
---- openssl-1.0.0c.orig/Makefile.org 2010-12-12 16:11:37.000000000 +0100
-+++ openssl-1.0.0c/Makefile.org 2010-12-12 16:13:28.000000000 +0100
-@@ -134,7 +134,8 @@
- MANDIR=/usr/share/man
- MAN1=1
- MAN3=3
+--- openssl-1.1.0.orig/Configurations/unix-Makefile.tmpl
++++ openssl-1.1.0/Configurations/unix-Makefile.tmpl
+@@ -147,7 +147,8 @@ HTMLDIR=$(DOCDIR)/html
+ # MANSUFFIX is for the benefit of anyone who may want to have a suffix
+ # appended after the manpage file section number. "ssl" is popular,
+ # resulting in files such as config.5ssl rather than config.5.
-MANSUFFIX=
+MANSUFFIX=ssl
+MANSECTION=SSL
HTMLSUFFIX=html
- HTMLDIR=$(OPENSSLDIR)/html
- SHELL=/bin/sh
-@@ -606,7 +607,7 @@
- echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- (cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$$pod2man \
-- --section=$$sec --center=OpenSSL \
-+ --section=$${sec}$(MANSECTION) --center=OpenSSL \
- --release=$(VERSION) `basename $$i`") \
- > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- $(PERL) util/extract-names.pl < $$i | \
-@@ -623,7 +624,7 @@
- echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- (cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$$pod2man \
-- --section=$$sec --center=OpenSSL \
-+ --section=$${sec}$(MANSECTION) --center=OpenSSL \
- --release=$(VERSION) `basename $$i`") \
- > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
- $(PERL) util/extract-names.pl < $$i | \
+
+
+@@ -597,7 +598,7 @@ install_man_docs:
+ @\
+ OUTSUFFIX='.$${SEC}$(MANSUFFIX)'; \
+ OUTTOP="$(DESTDIR)$(MANDIR)"; \
+- GENERATE='pod2man --name=$$NAME --section=$$SEC --center=OpenSSL --release=$(VERSION)'; \
++ GENERATE='pod2man --name=$$NAME --section="$$SEC""$(MANSECTION)" --center=OpenSSL --release=$(VERSION)'; \
+ $(PROCESS_PODS)
+
+ uninstall_man_docs:
Modified: openssl/branches/1.1.0/debian/patches/no-rpath.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/no-rpath.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/no-rpath.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,13 +1,13 @@
-Index: openssl-1.0.0c/Makefile.shared
+Index: openssl-1.1.0~pre5/Makefile.shared
===================================================================
---- openssl-1.0.0c.orig/Makefile.shared 2010-08-21 13:36:49.000000000 +0200
-+++ openssl-1.0.0c/Makefile.shared 2010-12-12 16:13:36.000000000 +0100
-@@ -153,7 +153,7 @@
+--- openssl-1.1.0~pre5.orig/Makefile.shared
++++ openssl-1.1.0~pre5/Makefile.shared
+@@ -175,7 +175,7 @@ DO_GNU_SO=\
+ ALLSYMSFLAGS='-Wl,--whole-archive'; \
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+ $(DO_GNU_SO_COMMON)
+-DO_GNU_APP=LDFLAGS="$(CFLAGS) $(LDFLAGS) -Wl,-rpath,$(LIBRPATH)"
++DO_GNU_APP=LDFLAGS="$(CFLAGS) $(LDFLAGS)"
--DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
-+DO_GNU_APP=LDFLAGS="$(CFLAGS)"
-
#This is rather special. It's a special target with which one can link
#applications without bothering with any features that have anything to
Modified: openssl/branches/1.1.0/debian/patches/no-symbolic.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/no-symbolic.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/no-symbolic.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,13 +1,13 @@
-Index: openssl-1.0.0c/Makefile.shared
+Index: openssl-1.1.0~pre5/Makefile.shared
===================================================================
---- openssl-1.0.0c.orig/Makefile.shared 2010-12-12 16:13:36.000000000 +0100
-+++ openssl-1.0.0c/Makefile.shared 2010-12-12 16:13:44.000000000 +0100
-@@ -151,7 +151,7 @@
- SHLIB_SUFFIX=; \
- ALLSYMSFLAGS='-Wl,--whole-archive'; \
- NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+--- openssl-1.1.0~pre5.orig/Makefile.shared
++++ openssl-1.1.0~pre5/Makefile.shared
+@@ -163,7 +163,7 @@ LINK_SO_SHLIB_UNPACKED= \
+ DETECT_GNU_LD=($(CC) -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
+
+ DO_GNU_SO_COMMON=\
- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-
- DO_GNU_APP=LDFLAGS="$(CFLAGS)"
-
+ DO_GNU_DSO=\
+ SHLIB=$(LIBNAME).so; \
+ SHLIB_SOVER=; \
Added: openssl/branches/1.1.0/debian/patches/openssl_snapshot.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/openssl_snapshot.patch (rev 0)
+++ openssl/branches/1.1.0/debian/patches/openssl_snapshot.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -0,0 +1,134188 @@
+diff --git a/.gitattributes b/.gitattributes
+new file mode 100644
+index 0000000..1504fc6
+--- /dev/null
++++ b/.gitattributes
+@@ -0,0 +1 @@
++*.der binary
+diff --git a/.gitignore b/.gitignore
+index a6f5bf7..2f99952 100644
+--- a/.gitignore
++++ b/.gitignore
+@@ -57,6 +57,14 @@ Makefile
+
+ # Executables
+ /apps/openssl
++/fuzz/asn1
++/fuzz/asn1parse
++/fuzz/bignum
++/fuzz/bndiv
++/fuzz/conf
++/fuzz/cms
++/fuzz/server
++/fuzz/x509
+ /test/sha256t
+ /test/sha512t
+ /test/gost2814789t
+@@ -71,6 +79,8 @@ Makefile
+ /test/fips_ecdsavs
+ /test/fips_rngvs
+ /test/fips_test_suite
++/test/ssltest_old
++/test/x509aux
+ *.so*
+ *.dylib*
+ *.dll*
+diff --git a/.travis.yml b/.travis.yml
+index f180a44..78cee30 100644
+--- a/.travis.yml
++++ b/.travis.yml
+@@ -23,11 +23,9 @@ compiler:
+ - gcc
+
+ env:
+- - CONFIG_OPTS=""
++ - CONFIG_OPTS="" DESTDIR="_install"
+ - CONFIG_OPTS="--debug no-shared enable-crypto-mdebug enable-rc5 enable-md2"
+ - CONFIG_OPTS="--strict-warnings no-shared" BUILDONLY="yes"
+- - CONFIG_OPTS="--classic no-shared" BUILDONLY="yes"
+- - CONFIG_OPTS="--classic" BUILDONLY="yes"
+ - CONFIG_OPTS="no-pic --strict-warnings" BUILDONLY="yes"
+ - CONFIG_OPTS="no-engine no-shared --strict-warnings" BUILDONLY="yes"
+
+@@ -60,34 +58,24 @@ matrix:
+ before_script:
+ - sh .travis-create-release.sh $TRAVIS_OS_NAME
+ - tar -xvzf _srcdist.tar.gz
+- - if echo "$CONFIG_OPTS" | grep -e "--classic" >/dev/null; then
+- srcdir=.;
+- cd _srcdist;
+- else
+- srcdir=../_srcdist;
+- mkdir _build;
+- cd _build;
+- fi
++ - mkdir _build;
++ - cd _build;
+ - if [ "$CC" == i686-w64-mingw32-gcc ]; then
+ export CROSS_COMPILE=${CC%%gcc}; unset CC;
+- $srcdir/Configure mingw $CONFIG_OPTS -Wno-pedantic-ms-format;
++ ../_srcdist/Configure mingw $CONFIG_OPTS -Wno-pedantic-ms-format;
+ elif [ "$CC" == x86_64-w64-mingw32-gcc ]; then
+ export CROSS_COMPILE=${CC%%gcc}; unset CC;
+- $srcdir/Configure mingw64 $CONFIG_OPTS -Wno-pedantic-ms-format;
++ ../_srcdist/Configure mingw64 $CONFIG_OPTS -Wno-pedantic-ms-format;
+ else
+ if which ccache >/dev/null && [ "$CC" != clang-3.6 ]; then
+ CC="ccache $CC";
+ fi;
+- $srcdir/config $CONFIG_OPTS;
++ ../_srcdist/config $CONFIG_OPTS;
+ fi
+ - cd ..
+
+ script:
+- - if echo "$CONFIG_OPTS" | grep -e "--classic" >/dev/null; then
+- cd _srcdist;
+- else
+- cd _build;
+- fi
++ - cd _build;
+ - make
+ - if [ -z "$BUILDONLY" ]; then
+ if [ -n "$CROSS_COMPILE" ]; then
+@@ -97,6 +85,10 @@ script:
+ else
+ make build_tests;
+ fi
++ - if [ -n "$DESTDIR" ]; then
++ mkdir "../$DESTDIR";
++ make install DESTDIR="../$DESTDIR";
++ fi
+ - cd ..
+
+ notifications:
+diff --git a/AUTHORS b/AUTHORS
+new file mode 100644
+index 0000000..48211a2
+--- /dev/null
++++ b/AUTHORS
+@@ -0,0 +1,21 @@
++ Andy Polyakov
++ Ben Laurie
++ Bodo Möller
++ Emilia Käsper
++ Eric Young
++ Geoff Thorpe
++ Holger Reif
++ Kurt Roeckx
++ Lutz Jänicke
++ Mark J. Cox
++ Matt Caswell
++ Nils Larsch
++ Paul C. Sutton
++ Ralf S. Engelschall
++ Rich Salz
++ Richard Levitte
++ Stephen Henson
++ Steve Marquess
++ Tim Hudson
++ Ulf Möller
++ Viktor Dukhovni
+diff --git a/CHANGES b/CHANGES
+index 477d185..541efc3 100644
+--- a/CHANGES
++++ b/CHANGES
+@@ -2,7 +2,55 @@
+ OpenSSL CHANGES
+ _______________
+
+- Changes between 1.0.2g and 1.1.0 [xx XXX xxxx]
++ Changes between 1.0.2h and 1.1.0 [xx XXX 2016]
++
++ *) The stack and lhash API's were renamed to start with OPENSSL_SK_
++ and OPENSSL_LH_, respectively. The old names are available
++ with API compatibility. They new names are now completely documented.
++ [Rich Salz]
++
++ *) Unify TYPE_up_ref(obj) methods signature.
++ SSL_CTX_up_ref(), SSL_up_ref(), X509_up_ref(), EVP_PKEY_up_ref(),
++ X509_CRL_up_ref(), X509_OBJECT_up_ref_count() methods are now returning an
++ int (instead of void) like all others TYPE_up_ref() methods.
++ So now these methods also check the return value of CRYPTO_atomic_add(),
++ and the validity of object reference counter.
++ [fdasilvayy at gmail.com]
++
++ *) With Windows Visual Studio builds, the .pdb files are installed
++ alongside the installed libraries and executables. For a static
++ library installation, ossl_static.pdb is the associate compiler
++ generated .pdb file to be used when linking programs.
++ [Richard Levitte]
++
++ *) Remove openssl.spec. Packaging files belong with the packagers.
++ [Richard Levitte]
++
++ *) Automatic Darwin/OSX configuration has had a refresh, it will now
++ recognise x86_64 architectures automatically. You can still decide
++ to build for a different bitness with the environment variable
++ KERNEL_BITS (can be 32 or 64), for example:
++
++ KERNEL_BITS=32 ./config
++
++ [Richard Levitte]
++
++ *) Change default algorithms in pkcs8 utility to use PKCS#5 v2.0,
++ 256 bit AES and HMAC with SHA256.
++ [Steve Henson]
++
++ *) Remove support for MIPS o32 ABI on IRIX (and IRIX only).
++ [Andy Polyakov]
++
++ *) Triple-DES ciphers have been moved from HIGH to MEDIUM.
++ [Rich Salz]
++
++ *) To enable users to have their own config files and build file templates,
++ Configure looks in the directory indicated by the environment variable
++ OPENSSL_LOCAL_CONFIG_DIR as well as the in-source Configurations/
++ directory. On VMS, OPENSSL_LOCAL_CONFIG_DIR is expected to be a logical
++ name and is used as is.
++ [Richard Levitte]
+
+ *) The following datatypes were made opaque: X509_OBJECT, X509_STORE_CTX,
+ X509_STORE, X509_LOOKUP, and X509_LOOKUP_METHOD. The unused type
+@@ -988,6 +1036,103 @@
+ validated when establishing a connection.
+ [Rob Percival <robpercival at google.com>]
+
++ Changes between 1.0.2g and 1.0.2h [3 May 2016]
++
++ *) Prevent padding oracle in AES-NI CBC MAC check
++
++ A MITM attacker can use a padding oracle attack to decrypt traffic
++ when the connection uses an AES CBC cipher and the server support
++ AES-NI.
++
++ This issue was introduced as part of the fix for Lucky 13 padding
++ attack (CVE-2013-0169). The padding check was rewritten to be in
++ constant time by making sure that always the same bytes are read and
++ compared against either the MAC or padding bytes. But it no longer
++ checked that there was enough data to have both the MAC and padding
++ bytes.
++
++ This issue was reported by Juraj Somorovsky using TLS-Attacker.
++ (CVE-2016-2107)
++ [Kurt Roeckx]
++
++ *) Fix EVP_EncodeUpdate overflow
++
++ An overflow can occur in the EVP_EncodeUpdate() function which is used for
++ Base64 encoding of binary data. If an attacker is able to supply very large
++ amounts of input data then a length check can overflow resulting in a heap
++ corruption.
++
++ Internally to OpenSSL the EVP_EncodeUpdate() function is primarily used by
++ the PEM_write_bio* family of functions. These are mainly used within the
++ OpenSSL command line applications, so any application which processes data
++ from an untrusted source and outputs it as a PEM file should be considered
++ vulnerable to this issue. User applications that call these APIs directly
++ with large amounts of untrusted data may also be vulnerable.
++
++ This issue was reported by Guido Vranken.
++ (CVE-2016-2105)
++ [Matt Caswell]
++
++ *) Fix EVP_EncryptUpdate overflow
++
++ An overflow can occur in the EVP_EncryptUpdate() function. If an attacker
++ is able to supply very large amounts of input data after a previous call to
++ EVP_EncryptUpdate() with a partial block then a length check can overflow
++ resulting in a heap corruption. Following an analysis of all OpenSSL
++ internal usage of the EVP_EncryptUpdate() function all usage is one of two
++ forms. The first form is where the EVP_EncryptUpdate() call is known to be
++ the first called function after an EVP_EncryptInit(), and therefore that
++ specific call must be safe. The second form is where the length passed to
++ EVP_EncryptUpdate() can be seen from the code to be some small value and
++ therefore there is no possibility of an overflow. Since all instances are
++ one of these two forms, it is believed that there can be no overflows in
++ internal code due to this problem. It should be noted that
++ EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths.
++ Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances
++ of these calls have also been analysed too and it is believed there are no
++ instances in internal usage where an overflow could occur.
++
++ This issue was reported by Guido Vranken.
++ (CVE-2016-2106)
++ [Matt Caswell]
++
++ *) Prevent ASN.1 BIO excessive memory allocation
++
++ When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()
++ a short invalid encoding can cause allocation of large amounts of memory
++ potentially consuming excessive resources or exhausting memory.
++
++ Any application parsing untrusted data through d2i BIO functions is
++ affected. The memory based functions such as d2i_X509() are *not* affected.
++ Since the memory based functions are used by the TLS library, TLS
++ applications are not affected.
++
++ This issue was reported by Brian Carpenter.
++ (CVE-2016-2109)
++ [Stephen Henson]
++
++ *) EBCDIC overread
++
++ ASN1 Strings that are over 1024 bytes can cause an overread in applications
++ using the X509_NAME_oneline() function on EBCDIC systems. This could result
++ in arbitrary stack data being returned in the buffer.
++
++ This issue was reported by Guido Vranken.
++ (CVE-2016-2176)
++ [Matt Caswell]
++
++ *) Modify behavior of ALPN to invoke callback after SNI/servername
++ callback, such that updates to the SSL_CTX affect ALPN.
++ [Todd Short]
++
++ *) Remove LOW from the DEFAULT cipher list. This removes singles DES from the
++ default.
++ [Kurt Roeckx]
++
++ *) Only remove the SSLv2 methods with the no-ssl2-method option. When the
++ methods are enabled and ssl2 is disabled the methods return NULL.
++ [Kurt Roeckx]
++
+ Changes between 1.0.2f and 1.0.2g [1 Mar 2016]
+
+ * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
+@@ -1226,7 +1371,7 @@
+
+ *) Alternate chains certificate forgery
+
+- During certificate verfification, OpenSSL will attempt to find an
++ During certificate verification, OpenSSL will attempt to find an
+ alternative certificate chain if the first attempt to build such a chain
+ fails. An error in the implementation of this logic can mean that an
+ attacker could cause certain checks on untrusted certificates to be
+@@ -1484,7 +1629,7 @@
+
+ *) Facilitate "universal" ARM builds targeting range of ARM ISAs, e.g.
+ ARMv5 through ARMv8, as opposite to "locking" it to single one.
+- So far those who have to target multiple plaforms would compromise
++ So far those who have to target multiple platforms would compromise
+ and argue that binary targeting say ARMv5 would still execute on
+ ARMv8. "Universal" build resolves this compromise by providing
+ near-optimal performance even on newer platforms.
+@@ -1544,7 +1689,7 @@
+ [Steve Henson]
+
+ *) Use algorithm specific chains in SSL_CTX_use_certificate_chain_file():
+- this fixes a limiation in previous versions of OpenSSL.
++ this fixes a limitation in previous versions of OpenSSL.
+ [Steve Henson]
+
+ *) Extended RSA OAEP support via EVP_PKEY API. Options to specify digest,
+@@ -1653,7 +1798,7 @@
+
+ *) Add support for certificate stores in CERT structure. This makes it
+ possible to have different stores per SSL structure or one store in
+- the parent SSL_CTX. Include distint stores for certificate chain
++ the parent SSL_CTX. Include distinct stores for certificate chain
+ verification and chain building. New ctrl SSL_CTRL_BUILD_CERT_CHAIN
+ to build and store a certificate chain in CERT structure: returing
+ an error if the chain cannot be built: this will allow applications
+@@ -1716,7 +1861,7 @@
+ [Steve Henson]
+
+ *) Integrate hostname, email address and IP address checking with certificate
+- verification. New verify options supporting checking in opensl utility.
++ verification. New verify options supporting checking in openssl utility.
+ [Steve Henson]
+
+ *) Fixes and wildcard matching support to hostname and email checking
+diff --git a/CONTRIBUTING b/CONTRIBUTING
+index 3b84ce31..1bfbc1b 100644
+--- a/CONTRIBUTING
++++ b/CONTRIBUTING
+@@ -1,42 +1,68 @@
+-HOW TO CONTRIBUTE TO OpenSSL
+-----------------------------
++HOW TO CONTRIBUTE TO PATCHES OpenSSL
++------------------------------------
+
+-Development is coordinated on the openssl-dev mailing list (see
+-http://www.openssl.org for information on subscribing). If you
+-would like to submit a patch, send it to rt at openssl.org with
+-the string "[PATCH]" in the subject. Please be sure to include a
+-textual explanation of what your patch does.
+-
+-You can also make GitHub pull requests. If you do this, please also send
+-mail to rt at openssl.org with a brief description and a link to the PR so
+-that we can more easily keep track of it.
++(Please visit https://openssl.org/community/getting-started.html for
++other ideas about how to contribute.)
+
++Development is coordinated on the openssl-dev mailing list (see the
++above link or http://mta.openssl.org for information on subscribing).
+ If you are unsure as to whether a feature will be useful for the general
+-OpenSSL community please discuss it on the openssl-dev mailing list first.
+-Someone may be already working on the same thing or there may be a good
+-reason as to why that feature isn't implemented.
+-
+-Patches should be as up to date as possible, preferably relative to the
+-current Git or the last snapshot. They should follow our coding style
+-(see https://www.openssl.org/policies/codingstyle.html) and compile without
+-warnings using the --strict-warnings flag. OpenSSL compiles on many varied
+-platforms: try to ensure you only use portable features.
++OpenSSL community you might want to discuss it on the openssl-dev mailing
++list first. Someone may be already working on the same thing or there
++may be a good reason as to why that feature isn't implemented.
+
+-When at all possible, patches should include tests. These can either be
+-added to an existing test, or completely new. Please see test/README for
+-information on the test framework.
++The best way to submit a patch is to make a pull request on GitHub.
++(It is not necessary to send mail to rt at openssl.org to open a ticket!)
++If you think the patch could use feedback from the community, please
++start a thread on openssl-dev.
+
+-Our preferred format for patch files is "git format-patch" output. For example
+-to provide a patch file containing the last commit in your local git repository
+-use the following command:
++You can also submit patches by sending it as mail to rt at opensslorg.
++Please include the word "PATCH" and an explanation of what the patch
++does in the subject line. If you do this, our preferred format is "git
++format-patch" output. For example to provide a patch file containing the
++last commit in your local git repository use the following command:
+
+-# git format-patch --stdout HEAD^ >mydiffs.patch
++ % git format-patch --stdout HEAD^ >mydiffs.patch
+
+ Another method of creating an acceptable patch file without using git is as
+ follows:
+
+-# cd openssl-work
+-# [your changes]
+-# ./Configure dist; make clean
+-# cd ..
+-# diff -ur openssl-orig openssl-work > mydiffs.patch
++ % cd openssl-work
++ ...make your changes...
++ % ./Configure dist; make clean
++ % cd ..
++ % diff -ur openssl-orig openssl-work >mydiffs.patch
++
++Note that pull requests are generally easier for the team, and community, to
++work with. Pull requests benefit from all of the standard GitHub features,
++including code review tools, simpler integration, and CI build support.
++
++No matter how a patch is submitted, the following items will help make
++the acceptance and review process faster:
++
++ 1. Anything other than trivial contributions will require a contributor
++ licensing agreement, giving us permission to use your code. See
++ https://openssl.org/policies/cla.html for details.
++
++ 2. All source files should start with the following text (with
++ appropriate comment characters at the start of each line and the
++ year(s) updated):
++
++ Copyright 20xx-20yy The OpenSSL Project Authors. All Rights Reserved.
++
++ Licensed under the OpenSSL license (the "License"). You may not use
++ this file except in compliance with the License. You can obtain a copy
++ in the file LICENSE in the source distribution or at
++ https://www.openssl.org/source/license.html
++
++ 3. Patches should be as current as possible. When using GitHub, please
++ expect to have to rebase and update often.
++
++ 3. Patches should follow our coding style (see
++ https://www.openssl.org/policies/codingstyle.html) and compile without
++ warnings using the --strict-warnings flag. OpenSSL compiles on many
++ varied platforms: try to ensure you only use portable features.
++
++ 4. When at all possible, patches should include tests. These can either be
++ added to an existing test, or completely new. Please see test/README
++ for information on the test framework.
+diff --git a/Configurations/00-base-templates.conf b/Configurations/00-base-templates.conf
+index c28e4e1..515cf00 100644
+--- a/Configurations/00-base-templates.conf
++++ b/Configurations/00-base-templates.conf
+@@ -185,7 +185,7 @@
+ bn_asm_src => "asm/sparcv8plus.S sparcv9-mont.S sparcv9a-mont.S vis3-mont.S sparct4-mont.S sparcv9-gf2m.S",
+ ec_asm_src => "ecp_nistz256.c ecp_nistz256-sparcv9.S",
+ des_asm_src => "des_enc-sparc.S fcrypt_b.c dest4-sparcv9.S",
+- aes_asm_src => "aes_core.c aes_cbc.c aes-sparcv9.S aest4-sparcv9.S",
++ aes_asm_src => "aes_core.c aes_cbc.c aes-sparcv9.S aest4-sparcv9.S aesfx-sparcv9.S",
+ md5_asm_src => "md5-sparcv9.S",
+ sha1_asm_src => "sha1-sparcv9.S sha256-sparcv9.S sha512-sparcv9.S",
+ cmll_asm_src => "camellia.c cmll_misc.c cmll_cbc.c cmllt4-sparcv9.S",
+@@ -203,9 +203,9 @@
+ alpha_asm => {
+ template => 1,
+ cpuid_asm_src => "alphacpuid.s",
+- bn_asm_src => "bn_asm.c alpha-mont.s",
+- sha1_asm_src => "sha1-alpha.s",
+- modes_asm_src => "ghash-alpha.s",
++ bn_asm_src => "bn_asm.c alpha-mont.S",
++ sha1_asm_src => "sha1-alpha.S",
++ modes_asm_src => "ghash-alpha.S",
+ perlasm_scheme => "void"
+ },
+ mips32_asm => {
+@@ -217,7 +217,8 @@
+ mips64_asm => {
+ inherit_from => [ "mips32_asm" ],
+ template => 1,
+- sha1_asm_src => add("sha512-mips.S")
++ sha1_asm_src => add("sha512-mips.S"),
++ poly1305_asm_src=> "poly1305-mips.S",
+ },
+ s390x_asm => {
+ template => 1,
+@@ -244,7 +245,7 @@
+ },
+ aarch64_asm => {
+ template => 1,
+- cpuid_asm_src => "armcap.c arm64cpuid.S mem_clr.c",
++ cpuid_asm_src => "armcap.c arm64cpuid.S",
+ ec_asm_src => "ecp_nistz256.c ecp_nistz256-armv8.S",
+ bn_asm_src => "bn_asm.c armv8-mont.S",
+ aes_asm_src => "aes_core.c aes_cbc.c aesv8-armx.S vpaes-armv8.S",
+diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
+index de591c9..86dd411 100644
+--- a/Configurations/10-main.conf
++++ b/Configurations/10-main.conf
+@@ -9,15 +9,39 @@ sub vc_win64a_info {
+ $vc_win64a_info = { as => "nasm",
+ asflags => "-f win64 -DNEAR -Ox -g",
+ asoutflag => "-o" };
+- } else {
++ } elsif ($disabled{asm}) {
+ $vc_win64a_info = { as => "ml64",
+ asflags => "/c /Cp /Cx /Zi",
+ asoutflag => "/Fo" };
++ } else {
++ die "NASM not found - please read INSTALL and NOTES.WIN for further details\n";
+ }
+ }
+ return $vc_win64a_info;
+ }
+
++my $vc_win32_info = {};
++sub vc_win32_info {
++ unless (%$vc_win32_info) {
++ my $ver=`nasm -v 2>NUL`;
++ my $vew=`nasmw -v 2>NUL`;
++ if ($ver ne "" || $vew ne "") {
++ $vc_win32_info = { as => $ver ge $vew ? "nasm" : "nasmw",
++ asflags => "-f win32",
++ asoutflag => "-o",
++ perlasm_scheme => "win32n" };
++ } elsif ($disabled{asm}) {
++ $vc_win32_info = { as => "ml",
++ asflags => "/nologo /Cp /coff /c /Cx /Zi",
++ asoutflag => "/Fo",
++ perlasm_scheme => "win32" };
++ } else {
++ die "NASM not found - please read INSTALL and NOTES.WIN for further details\n";
++ }
++ }
++ return $vc_win32_info;
++}
++
+ my $vc_wince_info = {};
+ sub vc_wince_info {
+ unless (%$vc_wince_info) {
+@@ -279,44 +303,16 @@ sub vms_info {
+ multilib => "/64",
+ },
+
+-#### IRIX 5.x configs
+-# -mips2 flag is added by ./config when appropriate.
+- "irix-gcc" => {
+- inherit_from => [ "BASE_unix", asm("mips32_asm") ],
+- cc => "gcc",
+- cflags => picker(default => "-DB_ENDIAN",
+- debug => "-g -O0",
+- release => "-O3"),
+- bn_ops => "BN_LLONG RC4_CHAR",
+- thread_scheme => "(unknown)",
+- perlasm_scheme => "o32",
+- dso_scheme => "dlfcn",
+- shared_target => "irix-shared",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- },
+- "irix-cc" => {
+- inherit_from => [ "BASE_unix", asm("mips32_asm") ],
+- cc => "cc",
+- cflags => picker(default => "-use_readonly_const -DB_ENDIAN",
+- debug => "-g -O0",
+- release => "-O2"),
+- bn_ops => "BN_LLONG RC4_CHAR",
+- thread_scheme => "(unknown)",
+- perlasm_scheme => "o32",
+- dso_scheme => "dlfcn",
+- shared_target => "irix-shared",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- },
+ #### IRIX 6.x configs
+-# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
+-# './Configure irix-cc -o32' manually.
++# Only N32 and N64 ABIs are supported.
+ "irix-mips3-gcc" => {
+ inherit_from => [ "BASE_unix", asm("mips64_asm") ],
+ cc => "gcc",
+ cflags => combine(picker(default => "-mabi=n32 -DB_ENDIAN -DBN_DIV3W",
+ debug => "-g -O0",
+ release => "-O3"),
+- threads("-D_SGI_MP_SOURCE -pthread")),
++ threads("-D_SGI_MP_SOURCE")),
++ ex_libs => add(threads("-lpthread")),
+ bn_ops => "RC4_CHAR SIXTY_FOUR_BIT",
+ thread_scheme => "pthreads",
+ perlasm_scheme => "n32",
+@@ -351,6 +347,7 @@ sub vms_info {
+ debug => "-g -O0",
+ release => "-O3"),
+ threads("-D_SGI_MP_SOURCE")),
++ ex_libs => add(threads("-lpthread")),
+ bn_ops => "RC4_CHAR SIXTY_FOUR_BIT_LONG",
+ thread_scheme => "pthreads",
+ perlasm_scheme => "64",
+@@ -571,23 +568,18 @@ sub vms_info {
+ bn_ops => "BN_LLONG",
+ },
+
+-#### DEC Alpha OSF/1/Tru64 targets.
+- "osf1-alpha-gcc" => {
++#### DEC Alpha Tru64 targets. Tru64 is marketing name for OSF/1 version 4
++#### and forward. In reality 'uname -s' still returns "OSF1". Originally
++#### there were even osf1-* configs targeting prior versions provided,
++#### but not anymore...
++ "tru64-alpha-gcc" => {
+ inherit_from => [ "BASE_unix", asm("alpha_asm") ],
+ cc => "gcc",
+- cflags => "-O3",
+- bn_ops => "SIXTY_FOUR_BIT_LONG",
+- thread_scheme => "(unknown)",
+- dso_scheme => "dlfcn",
+- shared_target => "alpha-osf1-shared",
+- shared_extension => ".so",
+- },
+- "osf1-alpha-cc" => {
+- inherit_from => [ "BASE_unix", asm("alpha_asm") ],
+- cc => "cc",
+- cflags => "-std1 -tune host -O4 -readonly_strings",
++ cflags => combine("-std=c9x -D_XOPEN_SOURCE=500 -D_OSF_SOURCE -O3",
++ threads("-pthread")),
++ ex_libs => "-lrt", # for mlock(2)
+ bn_ops => "SIXTY_FOUR_BIT_LONG",
+- thread_scheme => "(unknown)",
++ thread_scheme => "pthreads",
+ dso_scheme => "dlfcn",
+ shared_target => "alpha-osf1-shared",
+ shared_extension => ".so",
+@@ -595,8 +587,9 @@ sub vms_info {
+ "tru64-alpha-cc" => {
+ inherit_from => [ "BASE_unix", asm("alpha_asm") ],
+ cc => "cc",
+- cflags => combine("-std1 -tune host -fast -readonly_strings",
++ cflags => combine("-std1 -D_XOPEN_SOURCE=500 -D_OSF_SOURCE -tune host -fast -readonly_strings",
+ threads("-pthread")),
++ ex_libs => "-lrt", # for mlock(2)
+ bn_ops => "SIXTY_FOUR_BIT_LONG",
+ thread_scheme => "pthreads",
+ dso_scheme => "dlfcn",
+@@ -872,17 +865,14 @@ sub vms_info {
+ # Special note about unconditional -fPIC and -pie. The underlying
+ # reason is that Lollipop refuses to run non-PIE. But what about
+ # older systems and NDKs? -fPIC was never problem, so the only
+- # concern if -pie. Older toolchains, e.g. r4, appear to handle it
++ # concern is -pie. Older toolchains, e.g. r4, appear to handle it
+ # and binaries turn mostly functional. "Mostly" means that oldest
+ # Androids, such as Froyo, fail to handle executable, but newer
+ # systems are perfectly capable of executing binaries targeting
+ # Froyo. Keep in mind that in the nutshell Android builds are
+ # about JNI, i.e. shared libraries, not applications.
+- cflags => picker(default => "-mandroid -fPIC --sysroot=\$(CROSS_SYSROOT) -Wa,--noexecstack -Wall",
+- debug => "-O0 -g",
+- release => "-O3"),
+- lflags => "-pie",
+- shared_cflag => "",
++ cflags => add(picker(default => "-mandroid -fPIC --sysroot=\$(CROSS_SYSROOT) -Wa,--noexecstack")),
++ bin_cflags => "-pie",
+ },
+ "android-x86" => {
+ inherit_from => [ "android", asm("x86_asm") ],
+@@ -921,11 +911,8 @@ sub vms_info {
+
+ "android64" => {
+ inherit_from => [ "linux-generic64" ],
+- cflags => picker(default => "-mandroid -fPIC --sysroot=\$(CROSS_SYSROOT) -Wa,--noexecstack -Wall",
+- debug => "-O0 -g",
+- release => "-O3"),
+- lflags => "-pie",
+- shared_cflag => "",
++ cflags => add(picker(default => "-mandroid -fPIC --sysroot=\$(CROSS_SYSROOT) -Wa,--noexecstack")),
++ bin_cflags => "-pie",
+ },
+ "android64-aarch64" => {
+ inherit_from => [ "android64", asm("aarch64_asm") ],
+@@ -1260,8 +1247,8 @@ sub vms_info {
+ coutflag => "/Fo",
+ rc => "rc",
+ rcoutflag => "/fo",
+- lib_cflags => add("/Zi /Fdlib"),
+- dso_cflags => "/Zi",
++ lib_cflags => add("/Zi /Fdossl_static"),
++ dso_cflags => "/Zi /Fddso",
+ bin_cflags => "/Zi /Fdapp",
+ lflags => add("/debug"),
+ shared_ldflag => "/dll",
+@@ -1280,7 +1267,7 @@ sub vms_info {
+ release =>
+ sub {
+ ($disabled{shared} ? "" : "/MD")
+- ." /Ox /O2 /Ob2";
++ ." /O2";
+ })),
+ lib_cflags => add(sub { $disabled{shared} ? "/MT /Zl" : () }),
+ # Following might/should appears controversial, i.e. defining
+@@ -1344,11 +1331,9 @@ sub vms_info {
+ # configure with 'perl Configure VC-WIN32 -DUNICODE -D_UNICODE'
+ inherit_from => [ "VC-noCE-common", asm("x86_asm"),
+ sub { $disabled{shared} ? () : "uplink_common" } ],
+- as => sub { my $ver=`nasm -v 2>NUL`;
+- my $vew=`nasmw -v 2>NUL`;
+- return $ver ge $vew ? "nasm" : "nasmw" },
+- asflags => "-f win32",
+- asoutflag => "-o",
++ as => sub { vc_win32_info()->{as} },
++ asflags => sub { vc_win32_info()->{asflags} },
++ asoutflag => sub { vc_win32_info()->{asoutflag} },
+ ex_libs => add(sub {
+ my @ex_libs = ();
+ # WIN32 UNICODE build gets linked with unicows.lib for
+@@ -1359,7 +1344,7 @@ sub vms_info {
+ }),
+ sys_id => "WIN32",
+ bn_ops => "BN_LLONG EXPORT_VAR_AS_FN",
+- perlasm_scheme => "win32n",
++ perlasm_scheme => sub { vc_win32_info()->{perlasm_scheme} },
+ build_scheme => add("VC-W32", { separator => undef }),
+ },
+ "VC-CE" => {
+@@ -1529,17 +1514,6 @@ sub vms_info {
+ inherit_from => [ "Cygwin-x86" ]
+ },
+
+-#### DJGPP
+- "DJGPP" => {
+- inherit_from => [ asm("x86_asm") ],
+- cc => "gcc",
+- cflags => "-I/dev/env/WATT_ROOT/inc -DTERMIO -DL_ENDIAN -fomit-frame-pointer -O2 -Wall",
+- sys_id => "MSDOS",
+- ex_libs => add("-L/dev/env/WATT_ROOT/lib -lwatt"),
+- bn_ops => "BN_LLONG",
+- perlasm_scheme => "a.out",
+- },
+-
+ ##### MacOS X (a.k.a. Darwin) setup
+ "darwin-common" => {
+ inherit_from => [ "BASE_unix" ],
+@@ -1741,48 +1715,20 @@ sub vms_info {
+ shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ ranlib => "$ENV{'RANLIB'}",
+ },
+- "haiku-common" => {
+- template => 1,
+- cc => "cc",
+- cflags => add_before(picker(default => "-DL_ENDIAN -Wall",
+- debug => "-g -O0",
+- release => "-O2"),
+- threads("-D_REENTRANT")),
+- sys_id => "HAIKU",
+- lflags => "-lnetwork",
+- perlasm_scheme => "elf",
+- thread_scheme => "pthreads",
+- dso_scheme => "dlfcn",
+- shared_target => "haiku-shared",
+- shared_cflag => "-fPIC",
+- shared_ldflag => "-shared",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- },
+- "haiku-x86" => {
+- inherit_from => [ "haiku-common", asm("x86_elf_asm") ],
+- cflags => add(picker(default => "",
+- release => "-fomit-frame-pointer")),
+- bn_ops => "BN_LLONG",
+- },
+- # Haiku builds with no-asm
+- "haiku-x86_64" => {
+- inherit_from => [ "haiku-common", asm("x86_64_asm") ],
+- cflags => add("-m64"),
+- bn_ops => "SIXTY_FOUR_BIT_LONG",
+- },
+-
+
+ ##### VMS
+ "vms-generic" => {
+ inherit_from => [ "BASE_VMS" ],
+ template => 1,
+ cc => "CC/DECC",
+- cflags => picker(default => "/STANDARD=RELAXED/NOLIST/PREFIX=ALL/NAMES=(AS_IS,SHORTENED)",
++ cflags => picker(default => "/STANDARD=RELAXED/NOLIST/PREFIX=ALL",
+ debug => "/NOOPTIMIZE/DEBUG",
+ release => "/OPTIMIZE/NODEBUG"),
+ lflags => picker(default => "/MAP",
+ debug => "/DEBUG/TRACEBACK",
+ release => "/NODEBUG/NOTRACEBACK"),
++ lib_cflags => add("/NAMES=(AS_IS,SHORTENED)"),
++ dso_cflags => add("/NAMES=(AS_IS,SHORTENED)"),
+ shared_target => "vms-shared",
+ dso_scheme => "vms",
+ thread_scheme => "pthreads",
+@@ -1790,18 +1736,6 @@ sub vms_info {
+ apps_aux_src => "vms_decc_init.c",
+ },
+
+- # VMS on VAX is *unsupported*
+- #"vms-asm" => {
+- # template => 1,
+- # bn_obj => "[.asm]vms.obj vms-helper.obj"
+- #},
+- #"vms-vax" => {
+- # inherit_from => [ "vms-generic", asm("vms-asm") ],
+- # as => "MACRO",
+- # debug_aflags => "/NOOPTIMIZE/DEBUG",
+- # release_aflags => "/OPTIMIZE/NODEBUG",
+- # bn_opts => "THIRTY_TWO_BIT RC4_CHAR RC4_CHUNK DES_PTR BF_PTR",
+- #},
+ "vms-alpha" => {
+ inherit_from => [ "vms-generic" ],
+ cflags => add(sub { my @warnings =
+diff --git a/Configurations/50-djgpp.conf b/Configurations/50-djgpp.conf
+new file mode 100644
+index 0000000..f532bd1
+--- /dev/null
++++ b/Configurations/50-djgpp.conf
+@@ -0,0 +1,15 @@
++# We can't make any commitment to support the DJGPP platform,
++# and rely entirely on the OpenSSL community to help is fine
++# tune and test.
++
++%targets = (
++ "DJGPP" => {
++ inherit_from => [ asm("x86_asm") ],
++ cc => "gcc",
++ cflags => "-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall",
++ sys_id => "MSDOS",
++ ex_libs => add("-L/dev/env/WATT_ROOT/lib -lwatt"),
++ bn_ops => "BN_LLONG",
++ perlasm_scheme => "a.out",
++ },
++);
+diff --git a/Configurations/50-haiku.conf b/Configurations/50-haiku.conf
+new file mode 100644
+index 0000000..f114666
+--- /dev/null
++++ b/Configurations/50-haiku.conf
+@@ -0,0 +1,29 @@
++%targets = (
++ "haiku-common" => {
++ template => 1,
++ cc => "cc",
++ cflags => add_before(picker(default => "-DL_ENDIAN -Wall -include \$(SRCDIR)/os-dep/haiku.h",
++ debug => "-g -O0",
++ release => "-O2"),
++ threads("-D_REENTRANT")),
++ sys_id => "HAIKU",
++ ex_libs => "-lnetwork",
++ perlasm_scheme => "elf",
++ thread_scheme => "pthreads",
++ dso_scheme => "dlfcn",
++ shared_target => "gnu-shared",
++ shared_cflag => "-fPIC",
++ shared_ldflag => "-shared",
++ shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++ },
++ "haiku-x86" => {
++ inherit_from => [ "haiku-common", asm("x86_elf_asm") ],
++ cflags => add(picker(release => "-fomit-frame-pointer")),
++ bn_ops => "BN_LLONG",
++ },
++ "haiku-x86_64" => {
++ inherit_from => [ "haiku-common" ],
++ cflags => add("-m64"),
++ bn_ops => "SIXTY_FOUR_BIT_LONG",
++ },
++);
+diff --git a/Configurations/50-masm.conf b/Configurations/50-masm.conf
+new file mode 100644
+index 0000000..60a5507
+--- /dev/null
++++ b/Configurations/50-masm.conf
+@@ -0,0 +1,17 @@
++# We can't make commitment to supporting Microsoft assembler,
++# because it would mean supporting all masm versions. This in
++# in turn is because masm is not really an interchangeable option,
++# while users tend to have reasons to stick with specific Visual
++# Studio versions. It's usually lesser hassle to make it work
++# with latest assembler, but tweaking for older versions had
++# proven to be daunting task. This is experimental target, for
++# production builds stick with [up-to-date version of] nasm.
++
++%targets = (
++ "VC-WIN64A-masm" => {
++ inherit_from => [ "VC-WIN64A" ],
++ as => "ml64",
++ asflags => "/c /Cp /Cx /Zi",
++ asoutflag => "/Fo",
++ },
++);
+diff --git a/Configurations/99-personal-ben.conf b/Configurations/99-personal-ben.conf
+deleted file mode 100644
+index 50b9315..0000000
+--- a/Configurations/99-personal-ben.conf
++++ /dev/null
+@@ -1,95 +0,0 @@
+-## -*- mode: perl; -*-
+-## Personal configuration targets
+-
+-%targets = (
+- "debug-ben" => {
+- cc => "gcc",
+- cflags => "$gcc_devteam_warn -DBN_DEBUG -DREF_DEBUG -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -O2 -pipe",
+- thread_scheme => "(unknown)",
+- },
+- "debug-ben-openbsd" => {
+- cc => "gcc",
+- cflags => "-DBN_DEBUG -DREF_DEBUG -DCONF_DEBUG -DBN_CTX_DEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe",
+- thread_scheme => "(unknown)",
+- },
+- "debug-ben-openbsd-debug" => {
+- cc => "gcc",
+- cflags => "-DBN_DEBUG -DREF_DEBUG -DCONF_DEBUG -DBN_CTX_DEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe",
+- thread_scheme => "(unknown)",
+- },
+- "debug-ben-debug" => {
+- cc => "gcc",
+- cflags => "$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DOPENSSL_NO_HW_PADLOCK -g3 -O2 -pipe",
+- thread_scheme => "(unknown)",
+- },
+- "debug-ben-debug-64" => {
+- inherit_from => [ "x86_64_asm" ],
+- cc => "gcc",
+- cflags => combine("$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O3 -pipe",
+- threads("${BSDthreads}")),
+- bn_ops => "SIXTY_FOUR_BIT_LONG",
+- thread_scheme => "pthreads",
+- perlasm_scheme => "elf",
+- dso_scheme => "dlfcn",
+- shared_target => "bsd-gcc-shared",
+- shared_cflag => "-fPIC",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- },
+- "debug-ben-debug-64-clang" => {
+- inherit_from => [ "x86_64_asm" ],
+- cc => "clang",
+- cflags => combine("$gcc_devteam_warn -Wno-error=overlength-strings -Wno-error=extended-offsetof -Wno-error=language-extension-token -Wstrict-overflow -Qunused-arguments -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O3 -pipe",
+- threads("${BSDthreads}")),
+- bn_ops => "SIXTY_FOUR_BIT_LONG",
+- thread_scheme => "pthreads",
+- perlasm_scheme => "elf",
+- dso_scheme => "dlfcn",
+- shared_target => "bsd-gcc-shared",
+- shared_cflag => "-fPIC",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- },
+- "debug-ben-debug-64-noopt" => {
+- inherit_from => [ "x86_64_asm" ],
+- cc => "gcc",
+- cflags => combine("$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -pipe",
+- threads("${BSDthreads}")),
+- bn_ops => "SIXTY_FOUR_BIT_LONG",
+- thread_scheme => "pthreads",
+- perlasm_scheme => "elf",
+- dso_scheme => "dlfcn",
+- shared_target => "bsd-gcc-shared",
+- shared_cflag => "-fPIC",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- },
+- "debug-ben-macos" => {
+- cc => "cc",
+- cflags => "$gcc_devteam_warn -DOPENSSL_NO_ASM -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -DL_ENDIAN -g3 -pipe",
+- thread_scheme => "(unknown)",
+- },
+- "debug-ben-no-opt" => {
+- cc => "gcc",
+- cflags => " -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -Werror -DL_ENDIAN -Wall -g3",
+- thread_scheme => "(unknown)",
+- },
+- "debug-ben-strict" => {
+- cc => "gcc",
+- cflags => "-DBN_DEBUG -DREF_DEBUG -DCONF_DEBUG -DBN_CTX_DEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe",
+- thread_scheme => "(unknown)",
+- },
+- "debug-ben-darwin64" => {
+- inherit_from => [ "x86_64_asm" ],
+- cc => "cc",
+- cflags => combine("$gcc_devteam_warn -Wno-language-extension-token -Wno-extended-offsetof -arch x86_64 -O3 -DL_ENDIAN -DMD32_REG_T=int -Wall",
+- threads("-D_REENTRANT")),
+- sys_id => "MACOSX",
+- plib_lflags => "-Wl,-search_paths_first",
+- bn_ops => "SIXTY_FOUR_BIT_LONG",
+- thread_scheme => "pthreads",
+- perlasm_scheme => "macosx",
+- dso_scheme => "dlfcn",
+- shared_target => "darwin-shared",
+- shared_cflag => "-fPIC -fno-common",
+- shared_ldflag => "-arch x86_64 -dynamiclib",
+- shared_extension => ".\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+- },
+-);
+diff --git a/Configurations/99-personal-bodo.conf b/Configurations/99-personal-bodo.conf
+deleted file mode 100644
+index df9b49c..0000000
+--- a/Configurations/99-personal-bodo.conf
++++ /dev/null
+@@ -1,21 +0,0 @@
+-## -*- mode: perl; -*-
+-## Personal configuration targets
+-
+-%targets = (
+- "debug-bodo" => {
+- inherit_from => [ "x86_64_asm" ],
+- cc => "gcc",
+- cflags => combine("$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int",
+- threads("-D_REENTRANT")),
+- ex_libs => add(" ","-ldl"),
+- bn_ops => "SIXTY_FOUR_BIT_LONG",
+- thread_scheme => "pthreads",
+- perlasm_scheme => "elf",
+- dso_scheme => "dlfcn",
+- shared_target => "linux-shared",
+- shared_cflag => "-fPIC",
+- shared_ldflag => "-m64",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- multilib => "64",
+- },
+-);
+diff --git a/Configurations/99-personal-geoff.conf b/Configurations/99-personal-geoff.conf
+deleted file mode 100644
+index 5bddfae..0000000
+--- a/Configurations/99-personal-geoff.conf
++++ /dev/null
+@@ -1,29 +0,0 @@
+-## -*- mode: perl; -*-
+-## Personal configuration targets
+-
+-%targets = (
+- "debug-geoff32" => {
+- cc => "gcc",
+- cflags => combine("-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long",
+- threads("-D_REENTRANT")),
+- ex_libs => add(" ","-ldl"),
+- bn_ops => "BN_LLONG",
+- thread_scheme => "pthreads",
+- dso_scheme => "dlfcn",
+- shared_target => "linux-shared",
+- shared_cflag => "-fPIC",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- },
+- "debug-geoff64" => {
+- cc => "gcc",
+- cflags => combine("-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long",
+- threads("-D_REENTRANT")),
+- ex_libs => add(" ","-ldl"),
+- bn_ops => "SIXTY_FOUR_BIT_LONG RC4_CHAR",
+- thread_scheme => "pthreads",
+- dso_scheme => "dlfcn",
+- shared_target => "linux-shared",
+- shared_cflag => "-fPIC",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- },
+-);
+diff --git a/Configurations/99-personal-levitte.conf b/Configurations/99-personal-levitte.conf
+deleted file mode 100644
+index c67252b..0000000
+--- a/Configurations/99-personal-levitte.conf
++++ /dev/null
+@@ -1,21 +0,0 @@
+-## -*- mode: perl; -*-
+-## Personal configuration targets
+-
+-%targets = (
+- "levitte-linux-elf" => {
+- inherit_from => [ "linux-elf" ],
+- cflags => add(picker(debug => "-ggdb -g3")),
+- defines => add(picker(debug => "LEVITTE_DEBUG"),
+- { separator => undef }),
+- build_scheme => [ "unified", "unix" ],
+- build_file => "Makefile",
+- },
+- "levitte-linux-x86_64" => {
+- inherit_from => [ "linux-x86_64" ],
+- cflags => add(picker(debug => "-ggdb -g3")),
+- defines => add(picker(debug => "LEVITTE_DEBUG"),
+- { separator => undef }),
+- build_scheme => [ "unified", "unix" ],
+- build_file => "Makefile",
+- },
+-);
+diff --git a/Configurations/99-personal-rse.conf b/Configurations/99-personal-rse.conf
+deleted file mode 100644
+index 9999fcd..0000000
+--- a/Configurations/99-personal-rse.conf
++++ /dev/null
+@@ -1,12 +0,0 @@
+-## -*- mode: perl; -*-
+-## Personal configuration targets
+-
+-%targets = (
+- "debug-rse" => {
+- inherit_from => [ "x86_elf_asm" ],
+- cc => "cc",
+- cflags => "-DL_ENDIAN -pipe -O -g -ggdb3 -Wall",
+- thread_scheme => "(unknown)",
+- bn_ops => "BN_LLONG",
+- },
+-);
+diff --git a/Configurations/99-personal-steve.conf b/Configurations/99-personal-steve.conf
+deleted file mode 100644
+index 473fd24..0000000
+--- a/Configurations/99-personal-steve.conf
++++ /dev/null
+@@ -1,50 +0,0 @@
+-## -*- mode: perl; -*-
+-## Personal configuration targets
+-
+-%targets = (
+- "debug-steve64" => {
+- inherit_from => [ "x86_64_asm" ],
+- cc => "gcc",
+- cflags => combine("$gcc_devteam_warn -pthread -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -g",
+- threads("-D_REENTRANT")),
+- ex_libs => add(" ","-ldl"),
+- bn_ops => "SIXTY_FOUR_BIT_LONG",
+- thread_scheme => "pthreads",
+- perlasm_scheme => "elf",
+- dso_scheme => "dlfcn",
+- shared_target => "linux-shared",
+- shared_cflag => "-fPIC",
+- shared_ldflag => "-m64",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- },
+- "debug-steve32" => {
+- inherit_from => [ "x86_elf_asm" ],
+- cc => "gcc",
+- cflags => combine("$gcc_devteam_warn -pthread -m32 -DL_ENDIAN -DCONF_DEBUG -g",
+- threads("-D_REENTRANT")),
+- lflags => "-rdynamic",
+- ex_libs => add(" ","-ldl"),
+- bn_ops => "BN_LLONG",
+- thread_scheme => "pthreads",
+- dso_scheme => "dlfcn",
+- shared_target => "linux-shared",
+- shared_cflag => "-fPIC",
+- shared_ldflag => "-m32",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- },
+- "debug-steve-opt" => {
+- inherit_from => [ "x86_64_asm" ],
+- cc => "gcc",
+- cflags => combine("$gcc_devteam_warn -pthread -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -g",
+- threads("-D_REENTRANT")),
+- ex_libs => add(" ","-ldl"),
+- bn_ops => "SIXTY_FOUR_BIT_LONG",
+- thread_scheme => "pthreads",
+- perlasm_scheme => "elf",
+- dso_scheme => "dlfcn",
+- shared_target => "linux-shared",
+- shared_cflag => "-fPIC",
+- shared_ldflag => "-m64",
+- shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+- },
+-);
+diff --git a/Configurations/README b/Configurations/README
+index a5a006e..8451b44 100644
+--- a/Configurations/README
++++ b/Configurations/README
+@@ -99,8 +99,7 @@ In each table entry, the following keys are significant:
+ some options. In this case, the first
+ string in the list is the name of the build
+ scheme.
+- Currently recognised build schemes are
+- "unixmake" and "unified".
++ Currently recognised build scheme is "unified".
+ For the "unified" build scheme, this item
+ *must* be an array with the first being the
+ word "unified" and the second being a word
+@@ -380,6 +379,18 @@ item muct be the generator file. It is, however, entirely up to the
+ build file template to define exactly how those command lines should
+ be handled, how the output is captured and so on.
+
++Sometimes, the generator file itself depends on other files, for
++example if it is a perl script that depends on other perl modules.
++This can be expressed using DEPEND like this:
++
++ DEPEND[asm/something.pl]=../perlasm/Foo.pm
++
++There may also be cases where the exact file isn't easily specified,
++but an inclusion directory still needs to be specified. INCLUDE can
++be used in that case:
++
++ INCLUDE[asm/something.pl]=../perlasm
++
+ NOTE: GENERATE lines are limited to one command only per GENERATE.
+
+ As a last resort, it's possible to have raw build file lines, between
+@@ -499,6 +510,10 @@ They are all expected to return a string with the lines they produce.
+
+ generatesrc(src => "PATH/TO/tobegenerated",
+ generator => [ "generatingfile", ... ]
++ generator_incs => [ "INCL/PATH", ... ]
++ generator_deps => [ "dep1", ... ]
++ generator => [ "generatingfile", ... ]
++ incs => [ "INCL/PATH", ... ],
+ deps => [ "dep1", ... ],
+ intent => one of "libs", "dso", "bin" );
+
+@@ -508,9 +523,14 @@ They are all expected to return a string with the lines they produce.
+ expected to be the file to generate from.
+ generatesrc() is expected to analyse and figure out
+ exactly how to apply that file and how to capture
+- the result. 'deps' is a list of explicit
+- dependencies. 'intent' indicates what the generated
+- file is going to be used for.
++ the result. 'generator_incs' and 'generator_deps'
++ are include directories and files that the generator
++ file itself depends on. 'incs' and 'deps' are
++ include directories and files that are used if $(CC)
++ is used as an intermediary step when generating the
++ end product (the file indicated by 'src'). 'intent'
++ indicates what the generated file is going to be
++ used for.
+
+ src2obj - function that produces build file lines to build an
+ object file from source files and associated data.
+diff --git a/Configurations/README.design b/Configurations/README.design
+index 574982f..5777e72 100644
+--- a/Configurations/README.design
++++ b/Configurations/README.design
+@@ -91,6 +91,7 @@ depends on the library 'libssl' to function properly.
+
+ GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)"
+ DEPEND[buildinf.h]=../Makefile
++ DEPEND[../util/mkbuildinf.pl]=../util/Foo.pm
+
+ This is the build.info file in 'crypto', and it tells us a little more
+ about what's needed to produce 'libcrypto'. LIBS is used again to
+@@ -103,9 +104,9 @@ This build.info file informs us that 'libcrypto' is built from a few
+ source files, 'crypto/aes.c', 'crypto/evp.c' and 'crypto/cversion.c'.
+ It also shows us that building the object file inferred from
+ 'crypto/cversion.c' depends on 'crypto/buildinf.h'. Finally, it
+-also shows the possibility to include raw build-file statements in a
+-build.info file, in this case showing how 'buildinf.h' is built on
+-Unix-like operating systems.
++also shows the possibility to declare how some files are generated
++using some script, in this case a perl script, and how such scripts
++can be declared to depend on other files, in this case a perl module.
+
+ Two things are worth an extra note:
+
+@@ -153,13 +154,14 @@ information comes down to this:
+ INCLUDE[apps/openssl]=. include
+ DEPEND[apps/openssl]=libssl
+
+- ENGINES=engines/libossltest
+- SOURCE[engines/libossltest]=engines/e_ossltest.c
+- DEPEND[engines/libossltest]=libcrypto
+- INCLUDE[engines/libossltest]=include
++ ENGINES=engines/ossltest
++ SOURCE[engines/ossltest]=engines/e_ossltest.c
++ DEPEND[engines/ossltest]=libcrypto
++ INCLUDE[engines/ossltest]=include
+
+ GENERATE[crypto/buildinf.h]=util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)"
+ DEPEND[crypto/buildinf.h]=Makefile
++ DEPEND[util/mkbuildinf.pl]=util/Foo.pm
+
+
+ A few notes worth mentioning:
+@@ -170,13 +172,14 @@ PROGRAMS may be used to declare programs only.
+
+ ENGINES may be used to declare engines only.
+
+-The indexes for SOURCE, INCLUDE and ORDINALS must only be end product
+-files, such as libraries, programs or engines. The values of SOURCE
++The indexes for SOURCE and ORDINALS must only be end product files,
++such as libraries, programs or engines. The values of SOURCE
+ variables must only be source files (possibly generated)
+
+-DEPEND shows a relationship between different produced files, such
+-as a program depending on a library, or between an object file and
+-some extra source file.
++INCLUDE and DEPEND shows a relationship between different files
++(usually produced files) or between files and directories, such as a
++program depending on a library, or between an object file and some
++extra source file.
+
+ When Configure processes the build.info files, it will take it as
+ truth without question, and will therefore perform very few checks.
+@@ -202,6 +205,10 @@ indexes:
+ engines => a list of engines. These are directly inferred from
+ the ENGINES variable in build.info files.
+
++ generate => a hash table containing 'file' => [ 'generator' ... ]
++ pairs. These are directly inferred from the GENERATE
++ variables in build.info files.
++
+ includes => a hash table containing 'file' => [ 'include' ... ]
+ pairs. These are directly inferred from the INCLUDE
+ variables in build.info files.
+@@ -247,11 +254,15 @@ section above would be digested into a %unified_info table:
+ [
+ "libssl",
+ ],
++ "crypto/buildinf.h" =>
++ [
++ "Makefile",
++ ],
+ "crypto/cversion.o" =>
+ [
+ "crypto/buildinf.h",
+ ],
+- "engines/libossltest" =>
++ "engines/ossltest" =>
+ [
+ "libcrypto",
+ ],
+@@ -259,11 +270,25 @@ section above would be digested into a %unified_info table:
+ [
+ "libcrypto",
+ ],
++ "util/mkbuildinf.pl" =>
++ [
++ "util/Foo.pm",
++ ],
+ },
+ "engines" =>
+ [
+- "engines/libossltest",
++ "engines/ossltest",
+ ],
++ "generate" =>
++ {
++ "crypto/buildinf.h" =>
++ [
++ "util/mkbuildinf.pl",
++ "\"\$(CC)",
++ "\$(CFLAGS)\"",
++ "\"$(PLATFORM)\"",
++ ],
++ },
+ "includes" =>
+ {
+ "apps/openssl" =>
+@@ -271,7 +296,7 @@ section above would be digested into a %unified_info table:
+ ".",
+ "include",
+ ],
+- "engines/libossltest" =>
++ "engines/ossltest" =>
+ [
+ "include"
+ ],
+@@ -283,6 +308,10 @@ section above would be digested into a %unified_info table:
+ [
+ "include",
+ ],
++ "util/mkbuildinf.pl" =>
++ [
++ "util",
++ ],
+ }
+ "libraries" =>
+ [
+@@ -308,9 +337,6 @@ section above would be digested into a %unified_info table:
+ ],
+ "rawlines" =>
+ [
+- "crypto/buildinf.h : Makefile",
+- " perl util/mkbuildinf.h \"\$(CC) \$(CFLAGS)\" \"\$(PLATFORM)\" \\"
+- " > crypto/buildinf.h"
+ ],
+ "sources" =>
+ {
+@@ -338,7 +364,7 @@ section above would be digested into a %unified_info table:
+ [
+ "engines/e_ossltest.c",
+ ],
+- "engines/libossltest" =>
++ "engines/ossltest" =>
+ [
+ "engines/e_ossltest.o",
+ ],
+@@ -382,6 +408,34 @@ build static libraries from object files, to build shared libraries
+ from static libraries, to programs from object files and libraries,
+ etc.
+
++ generatesrc - function that produces build file lines to generate
++ a source file from some input.
++
++ It's called like this:
++
++ generatesrc(src => "PATH/TO/tobegenerated",
++ generator => [ "generatingfile", ... ]
++ generator_incs => [ "INCL/PATH", ... ]
++ generator_deps => [ "dep1", ... ]
++ incs => [ "INCL/PATH", ... ],
++ deps => [ "dep1", ... ],
++ intent => one of "libs", "dso", "bin" );
++
++ 'src' has the name of the file to be generated.
++ 'generator' is the command or part of command to
++ generate the file, of which the first item is
++ expected to be the file to generate from.
++ generatesrc() is expected to analyse and figure out
++ exactly how to apply that file and how to capture
++ the result. 'generator_incs' and 'generator_deps'
++ are include directories and files that the generator
++ file itself depends on. 'incs' and 'deps' are
++ include directories and files that are used if $(CC)
++ is used as an intermediary step when generating the
++ end product (the file indicated by 'src'). 'intent'
++ indicates what the generated file is going to be
++ used for.
++
+ src2obj - function that produces build file lines to build an
+ object file from source files and associated data.
+
+@@ -501,7 +555,7 @@ programs and all intermediate files, using the rule generating
+ functions defined in the build-file template.
+
+ As an example with the smaller build.info set we've seen as an
+-example, producing the rules to build 'libssl' would result in the
++example, producing the rules to build 'libcrypto' would result in the
+ following calls:
+
+ # Note: libobj2shlib will only be called if shared libraries are
+@@ -509,25 +563,43 @@ following calls:
+ # Note 2: libobj2shlib gets both the name of the static library
+ # and the names of all the object files that go into it. It's up
+ # to the implementation to decide which to use as input.
+- libobj2shlib(shlib => "libssl",
+- lib => "libssl",
+- objs => [ "ssl/tls.o" ],
+- deps => [ "libcrypto" ]
+- ordinals => [ "ssl", "util/libssl.num" ]);
+-
+- obj2lib(lib => "libssl"
+- objs => [ "ssl/tls.o" ]);
+-
+- # Note 3: common.tmpl peals off the ".o" extension, as the
+- # platform at hand may have a different one.
+- src2obj(obj => "ssl/tls"
+- srcs => [ "ssl/tls.c" ],
++ # Note 3: common.tmpl peals off the ".o" extension from all object
++ # files, as the platform at hand may have a different one.
++ libobj2shlib(shlib => "libcrypto",
++ lib => "libcrypto",
++ objs => [ "crypto/aes", "crypto/evp", "crypto/cversion" ],
++ deps => [ ]
++ ordinals => [ "crypto", "util/libcrypto.num" ]);
++
++ obj2lib(lib => "libcrypto"
++ objs => [ "crypto/aes", "crypto/evp", "crypto/cversion" ]);
++
++ src2obj(obj => "crypto/aes"
++ srcs => [ "crypto/aes.c" ],
+ deps => [ ],
+- incs => [ "include" ]);
++ incs => [ "include" ],
++ intent => "lib");
+
+- src2dep(obj => "ssl/tls"
+- srcs => [ "ssl/tls.c" ],
+- incs => [ "include" ]);
++ src2obj(obj => "crypto/evp"
++ srcs => [ "crypto/evp.c" ],
++ deps => [ ],
++ incs => [ "include" ],
++ intent => "lib");
++
++ src2obj(obj => "crypto/cversion"
++ srcs => [ "crypto/cversion.c" ],
++ deps => [ "crypto/buildinf.h" ],
++ incs => [ "include" ],
++ intent => "lib");
++
++ generatesrc(src => "crypto/buildinf.h",
++ generator => [ "util/mkbuildinf.pl", "\"$(CC)",
++ "$(CFLAGS)\"", "\"$(PLATFORM)\"" ],
++ generator_incs => [ "util" ],
++ generator_deps => [ "util/Foo.pm" ],
++ incs => [ ],
++ deps => [ ],
++ intent => "lib");
+
+ The returned strings from all those calls are then concatenated
+ together and written to the resulting build-file.
+diff --git a/Configurations/common.tmpl b/Configurations/common.tmpl
+index cdcaf53..e3f49e7 100644
+--- a/Configurations/common.tmpl
++++ b/Configurations/common.tmpl
+@@ -42,8 +42,13 @@
+ my $bin = shift;
+ my %opts = @_;
+ if ($unified_info{generate}->{$src}) {
++ die "$src is generated by Configure, should not appear in build file\n"
++ if ref $unified_info{generate}->{$src} eq "";
++ my $script = $unified_info{generate}->{$src}->[0];
+ $OUT .= generatesrc(src => $src,
+ generator => $unified_info{generate}->{$src},
++ generator_incs => $unified_info{includes}->{$script},
++ generator_deps => $unified_info{depends}->{$script},
+ deps => $unified_info{depends}->{$src},
+ incs => [ @{$unified_info{includes}->{$bin}},
+ @{$unified_info{includes}->{$obj}} ],
+diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl
+index 2e58b1a..3314a17 100644
+--- a/Configurations/descrip.mms.tmpl
++++ b/Configurations/descrip.mms.tmpl
+@@ -82,6 +82,10 @@ CONFIGURE_ARGS=({- join(", ",quotify_l(@{$config{perlargv}})) -})
+ SRCDIR={- $config{sourcedir} -}
+ BUILDDIR={- $config{builddir} -}
+
++# Allow both V and VERBOSE to indicate verbosity. This only applies
++# to testing.
++VERBOSE=$(V)
++
+ VERSION={- $config{version} -}
+ MAJOR={- $config{major} -}
+ MINOR={- $config{minor} -}
+@@ -109,6 +113,10 @@ DEPS={- our @deps = map { (my $x = $_) =~ s|\.o$|\$(DEP_EXT)|; $x; }
+ keys %{$unified_info{sources}};
+ join(", ", map { "-\n\t".$_ } @deps); -}
+ {- output_on() if $disabled{makedepend}; "" -}
++{- output_off() if $disabled{apps}; "" -}
++BIN_SCRIPTS=[.tools]c_rehash.pl
++MISC_SCRIPTS=[.apps]CA.pl, [.apps]tsget.pl
++{- output_on() if $disabled{apps}; "" -}
+
+ # DESTDIR is for package builders so that they can configure for, say,
+ # SYS$COMMON:[OPENSSL] and yet have everything installed in STAGING:[USER].
+@@ -137,6 +145,9 @@ CFLAGS_Q=$(CFLAGS)
+ DEPFLAG= /DEFINE=({- join(",", @{$config{depdefines}}) -})
+ LDFLAGS= {- $target{lflags} -}
+ EX_LIBS= {- $target{ex_libs} ? ",".$target{ex_libs} : "" -}{- $config{ex_libs} ? ",".$config{ex_libs} : "" -}
++LIB_CFLAGS={- $target{lib_cflags} || "" -}
++DSO_CFLAGS={- $target{dso_cflags} || "" -}
++BIN_CFLAGS={- $target{bin_cflags} || "" -}
+
+ PERL={- $config{perl} -}
+
+@@ -231,6 +242,7 @@ test tests : configdata.pm, -
+ DEFINE SRCTOP {- sourcedir() -}
+ DEFINE BLDTOP {- builddir() -}
+ DEFINE OPENSSL_ENGINES {- builddir("engines") -}
++ IF "$(VERBOSE)" .NES. "" THEN DEFINE VERBOSE "$(VERBOSE)"
+ $(PERL) {- sourcefile("test", "run_tests.pl") -} $(TESTS)
+ DEASSIGN OPENSSL_ENGINES
+ DEASSIGN BLDTOP
+@@ -339,8 +351,7 @@ install_runtime : check_INSTALLTOP
+ COPY/PROT=W:RE [.APPS]openssl.EXE ossl_installroot:[EXE.'arch']
+ @ ! Install scripts
+ - CREATE/DIR ossl_installroot:[EXE]
+- COPY/PROT=W:RE [.APPS]CA.pl ossl_installroot:[EXE]
+- COPY/PROT=W:RE [.TOOLS]c_rehash. ossl_installroot:[EXE]c_rehash.pl
++ COPY/PROT=W:RE $(BIN_SCRIPTS) ossl_installroot:[EXE]
+ @ ! {- output_on() if $disabled{apps}; "" -}
+ @ ! Install configuration file
+ - CREATE/DIR ossl_dataroot:[000000]
+@@ -362,6 +373,8 @@ install_config : [.VMS]openssl_startup.com [.VMS]openssl_shutdown.com -
+ CREATE/DIR/PROT=(S:RWED,O:RWE,G:RE,W:RE) OSSL_DATAROOT:[CERTS]
+ IF F$SEARCH("OSSL_DATAROOT:[000000]PRIVATE.DIR;1") .EQS. "" THEN -
+ CREATE/DIR/PROT=(S:RWED,O:RWE,G,W) OSSL_DATAROOT:[PRIVATE]
++ IF F$SEARCH("OSSL_DATAROOT:[000000]MISC.DIR;1") .EQS. "" THEN -
++ CREATE/DIR/PROT=(S:RWED,O:RWE,G,W) OSSL_DATAROOT:[MISC]
+ - CREATE/DIR ossl_installroot:[SYS$STARTUP]
+ COPY/PROT=W:RE -
+ [.VMS]openssl_startup.com,openssl_shutdown.com -
+@@ -369,14 +382,15 @@ install_config : [.VMS]openssl_startup.com [.VMS]openssl_shutdown.com -
+ COPY/PROT=W:RE -
+ {- sourcefile("VMS", "openssl_utils.com") -} -
+ ossl_installroot:[SYS$STARTUP]
++ COPY/PROT=W:RE $(MISC_SCRIPTS) OSSL_DATAROOT:[MISC]
+
+-[.VMS]openssl_startup.com : vmsconfig.pm
++[.VMS]openssl_startup.com : vmsconfig.pm {- sourcefile("VMS", "openssl_startup.com.in") -}
+ - CREATE/DIR [.VMS]
+ $(PERL) "-I." "-Mvmsconfig" {- sourcefile("util", "dofile.pl") -} -
+ {- sourcefile("VMS", "openssl_startup.com.in") -} -
+ > [.VMS]openssl_startup.com
+
+-[.VMS]openssl_shutdown.com : vmsconfig.pm
++[.VMS]openssl_shutdown.com : vmsconfig.pm {- sourcefile("VMS", "openssl_shutdown.com.in") -}
+ - CREATE/DIR [.VMS]
+ $(PERL) "-I." "-Mvmsconfig" {- sourcefile("util", "dofile.pl") -} -
+ {- sourcefile("VMS", "openssl_shutdown.com.in") -} -
+@@ -397,7 +411,10 @@ vmsconfig.pm : configdata.pm
+ WRITE CONFIG " OPENSSLDIR => '$(OPENSSLDIR)',"
+ WRITE CONFIG " pointersize => '","{- $target{pointersize} -}","',"
+ WRITE CONFIG " shared_libs => ["
+- {- join("\n ", map { "WRITE CONFIG \" '$_'," } map { $unified_info{sharednames}->{$_} || () } @{$unified_info{libraries}}) || "\@ !" -}
++ {- $disabled{shared}
++ ? "\@ !"
++ : join("\n ", map { "WRITE CONFIG \" '$_'," } map { $unified_info{sharednames}->{$_} || () } @{$unified_info{libraries}})
++ -}
+ WRITE CONFIG " ],"
+ WRITE CONFIG ");"
+ WRITE CONFIG "our %target = ();"
+@@ -407,6 +424,10 @@ vmsconfig.pm : configdata.pm
+ WRITE CONFIG "1;"
+ CLOSE CONFIG
+
++install_html_docs : check_INSTALLTOP
++ @ $(PERL) {- sourcefile("util", "process_docs.pl") -} -
++ --destdir=ossl_installroot:[HTML] --type=html
++
+ check_INSTALLTOP :
+ @ IF "$(INSTALLTOP)" .EQS. "" THEN -
+ WRITE SYS$ERROR "INSTALLTOP should not be empty"
+@@ -418,9 +439,7 @@ check_INSTALLTOP :
+ # Developer targets ##################################################
+
+ debug_logicals :
+- SH LOGICAL/PROC openssl,internal,ossl_installroot
+- IF "$(DESTDIR)" .EQS. "" THEN -
+- SH LOGICAL/PROC ossl_dataroot
++ SH LOGICAL/PROC openssl,internal,ossl_installroot,ossl_dataroot
+
+ # Building targets ###################################################
+
+@@ -441,12 +460,13 @@ configdata.pm : {- join(" ", sourcefile("Configurations", "descrip.mms.tmpl"), s
+ sub generatesrc {
+ my %args = @_;
+ my $generator = join(" ", @{$args{generator}});
+- my $deps = join(", -\n\t\t", @{$args{deps}});
++ my $generator_incs = join("", map { ' "-I'.$_.'"' } @{$args{generator_incs}});
++ my $deps = join(", -\n\t\t", @{$args{generator_deps}}, @{$args{deps}});
+
+ if ($args{src} !~ /\.[sS]$/) {
+ return <<"EOF";
+ $args{src} : $args{generator}->[0] $deps
+- \$(PERL) $generator > \$@
++ \$(PERL)$generator_incs $generator > \$@
+ EOF
+ } else {
+ die "No method to generate assembler source present.\n";
+@@ -471,6 +491,9 @@ EOF
+ my $srcs =
+ join(", ",
+ map { abs2rel(rel2abs($_), rel2abs($forward)) } @{$args{srcs}});
++ my $ecflags = { lib => '$(LIB_CFLAGS)',
++ dso => '$(DSO_CFLAGS)',
++ bin => '$(BIN_CFLAGS)' } -> {$args{intent}};
+ my $incs_on = "\@ !";
+ my $incs_off = "\@ !";
+ my $incs = "";
+@@ -501,7 +524,7 @@ $obj.OBJ : $deps
+ ${before}
+ SET DEFAULT $forward
+ $incs_on
+- \$(CC) \$(CFLAGS)${incs}${depbuild} /OBJECT=${objd}${objn}.OBJ /REPOSITORY=$backward $srcs
++ \$(CC) \$(CFLAGS)${ecflags}${incs}${depbuild} /OBJECT=${objd}${objn}.OBJ /REPOSITORY=$backward $srcs
+ $incs_off
+ SET DEFAULT $backward
+ ${after}
+diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
+index ed64e65..e20b632 100644
+--- a/Configurations/unix-Makefile.tmpl
++++ b/Configurations/unix-Makefile.tmpl
+@@ -84,7 +84,12 @@ DEPS={- join(" ", map { (my $x = $_) =~ s|\.o$|$depext|; $x; }
+ grep { $unified_info{sources}->{$_}->[0] =~ /\.c$/ }
+ keys %{$unified_info{sources}}); -}
+ {- output_on() if $disabled{makedepend}; "" -}
+-GENERATED={- join(" ", map { (my $x = $_) =~ s|\.S$|\.s|; $x } keys %{$unified_info{generate}}) -}
++GENERATED={- join(" ",
++ ( map { (my $x = $_) =~ s|\.S$|\.s|; $x }
++ grep { defined $unified_info{generate}->{$_} }
++ map { @{$unified_info{sources}->{$_}} }
++ grep { /\.o$/ } keys %{$unified_info{sources}} ),
++ ( grep { /\.h$/ } keys %{$unified_info{generate}} )) -}
+
+ {- output_off() if $disabled{apps}; "" -}
+ BIN_SCRIPTS=$(BLDDIR)/tools/c_rehash
+@@ -169,10 +174,9 @@ LIB_LDFLAGS={- $target{shared_ldflag}." ".$config{shared_ldflag}
+ # $prefix is not /usr.
+ . ($config{target} =~ m|^BSD-| && $prefix !~ m|^/usr/.*$|
+ ? " -Wl,-rpath,\$\$(LIBRPATH)" : "") -}
+-RCFLAGS={- $target{shared_rcflag} -}
+ DSO_CFLAGS={- $target{shared_cflag} || "" -}
+ DSO_LDFLAGS=$(LIB_LDFLAGS)
+-BIN_CFLAGS={- "" -}
++BIN_CFLAGS={- $target{bin_cflags} -}
+
+ PERL={- $config{perl} -}
+
+@@ -180,6 +184,8 @@ ARFLAGS= {- $target{arflags} -}
+ AR=$(CROSS_COMPILE){- $target{ar} || "ar" -} $(ARFLAGS) r
+ RANLIB= {- $target{ranlib} -}
+ NM= $(CROSS_COMPILE){- $target{nm} || "nm" -}
++RCFLAGS={- $target{shared_rcflag} -}
++RC= $(CROSS_COMPILE){- $target{rc} || "windres" -}
+ RM= rm -f
+ RMDIR= rmdir
+ TAR= {- $target{tar} || "tar" -}
+@@ -217,12 +223,14 @@ build_apps_nodep: $(PROGRAMS) $(SCRIPTS)
+ build_tests: configdata.pm build_tests_nodep depend
+ build_tests_nodep: $(TESTPROGS)
+
+-test tests: build_tests_nodep build_apps_nodep build_engines_nodep \
+- depend link-utils
++test: tests
++tests: build_tests_nodep build_apps_nodep build_engines_nodep \
++ depend link-utils
+ @ : {- output_off() if $disabled{tests}; "" -}
+ ( cd test; \
+ SRCTOP=../$(SRCDIR) \
+ BLDTOP=../$(BLDDIR) \
++ PERL="$(PERL)" \
+ EXE_EXT={- $exeext -} \
+ OPENSSL_ENGINES=../$(BLDDIR)/engines \
+ $(PERL) ../$(SRCDIR)/test/run_tests.pl $(TESTS) )
+@@ -231,7 +239,7 @@ test tests: build_tests_nodep build_apps_nodep build_engines_nodep \
+ @ : {- output_on() if !$disabled{tests}; "" -}
+
+ list-tests:
+- @TOP=$(SRCDIR) PERL=$(PERL) $(PERL) $(SRCDIR)/test/run_tests.pl list
++ @TOP="$(SRCDIR)" PERL="$(PERL)" $(PERL) $(SRCDIR)/test/run_tests.pl list
+
+ libclean:
+ @set -e; for s in $(SHLIB_INFO); do \
+@@ -258,7 +266,7 @@ clean: libclean
+ rm -f core
+ rm -f tags TAGS
+ rm -f openssl.pc libcrypto.pc libssl.pc
+- -rm -f `find . -type l`
++ -rm -f `find . -type l -a \! -path "./.git/*"`
+ rm -f $(TARFILE)
+
+ # This exists solely for those who still type 'make depend'
+@@ -526,6 +534,7 @@ PROCESS_PODS=\
+ SEC=`sed -ne 's/^=for *comment *openssl_manual_section: *\([0-9]\) *$$/\1/p' $$p`; \
+ [ -z "$$SEC" ] && SEC=$$defsec; \
+ fn=`basename $$p .pod`; \
++ Name=$$fn; \
+ NAME=`echo $$fn | tr [a-z] [A-Z]`; \
+ suf=`eval "echo $$OUTSUFFIX"`; \
+ top=`eval "echo $$OUTTOP"`; \
+@@ -605,7 +614,7 @@ install_html_docs:
+ OUTSUFFIX='.$(HTMLSUFFIX)'; \
+ OUTTOP="$(DESTDIR)$(HTMLDIR)"; \
+ GENERATE="pod2html --podroot=$(SRCDIR)/doc --htmldir=.. \
+- --podpath=apps:crypto:ssl \
++ --podpath=apps:crypto:ssl --title=\$$Name \
+ | sed -e 's|href=\"http://man.he.net/man|href=\"../man|g'"; \
+ $(PROCESS_PODS)
+
+@@ -621,7 +630,8 @@ uninstall_html_docs:
+
+ update: generate errors ordinals
+
+-generate: generate_apps generate_crypto_bn generate_crypto_objects
++generate: generate_apps generate_crypto_bn generate_crypto_objects \
++ generate_crypto_conf generate_crypto_asn1
+
+ # Test coverage is a good idea for the future
+ #coverage: $(PROGRAMS) $(TESTPROGRAMS)
+@@ -652,18 +662,26 @@ generate_crypto_bn:
+ ( cd $(SRCDIR); $(PERL) crypto/bn/bn_prime.pl > crypto/bn/bn_prime.h )
+
+ generate_crypto_objects:
+- ( cd $(SRCDIR); $(PERL) crypto/objects/obj_dat.pl \
+- include/openssl/obj_mac.h \
+- crypto/objects/obj_dat.h )
+ ( cd $(SRCDIR); $(PERL) crypto/objects/objects.pl \
+ crypto/objects/objects.txt \
+ crypto/objects/obj_mac.num \
+ include/openssl/obj_mac.h )
++ ( cd $(SRCDIR); $(PERL) crypto/objects/obj_dat.pl \
++ include/openssl/obj_mac.h \
++ crypto/objects/obj_dat.h )
+ ( cd $(SRCDIR); $(PERL) crypto/objects/objxref.pl \
+ crypto/objects/obj_mac.num \
+ crypto/objects/obj_xref.txt \
+ > crypto/objects/obj_xref.h )
+
++generate_crypto_conf:
++ ( cd $(SRCDIR); $(PERL) crypto/conf/keysets.pl \
++ > crypto/conf/conf_def.h )
++
++generate_crypto_asn1:
++ ( cd $(SRCDIR); $(PERL) crypto/asn1/charmap.pl \
++ > crypto/asn1/charmap.h )
++
+ errors:
+ ( cd $(SRCDIR); $(PERL) util/ck_errf.pl -strict */*.c */*/*.c )
+ ( cd $(SRCDIR); $(PERL) util/mkerr.pl -recurse -write )
+@@ -807,19 +825,20 @@ configdata.pm: $(SRCDIR)/Configurations/unix-Makefile.tmpl $(SRCDIR)/Configurati
+ sub generatesrc {
+ my %args = @_;
+ my $generator = join(" ", @{$args{generator}});
++ my $generator_incs = join("", map { " -I".$_ } @{$args{generator_incs}});
+ my $incs = join("", map { " -I".$_ } @{$args{incs}});
+- my $deps = join(" ", @{$args{deps}});
++ my $deps = join(" ", @{$args{generator_deps}}, @{$args{deps}});
+
+ if ($args{src} !~ /\.[sS]$/) {
+ return <<"EOF";
+ $args{src}: $args{generator}->[0] $deps
+- \$(PERL) $generator > \$@
++ \$(PERL)$generator_incs $generator > \$@
+ EOF
+ } else {
+ if ($args{generator}->[0] =~ /\.pl$/) {
+- $generator = 'CC="$(CC)" $(PERL) '.$generator;
++ $generator = 'CC="$(CC)" $(PERL)'.$generator_incs.' '.$generator;
+ } elsif ($args{generator}->[0] =~ /\.m4$/) {
+- $generator = 'm4 -B 8192 '.$generator.' >'
++ $generator = 'm4 -B 8192'.$generator_incs.' '.$generator.' >'
+ } elsif ($args{generator}->[0] =~ /\.S$/) {
+ $generator = undef;
+ } else {
+@@ -835,7 +854,9 @@ EOF
+ $target: $args{generator}->[0] $deps
+ ( trap "rm -f \$@.*" INT 0; \\
+ $generator \$@.S; \\
+- \$(CC) \$(CFLAGS) $incs -E -P \$@.S > \$@.i && mv -f \$@.i \$@ )
++ \$(CC) \$(CFLAGS) $incs -E \$@.S | \\
++ \$(PERL) -ne '/^#(line)?\\s*[0-9]+/ or print' > \$@.i && \\
++ mv -f \$@.i \$@ )
+ EOF
+ }
+ # Otherwise....
+@@ -846,7 +867,8 @@ EOF
+ }
+ return <<"EOF";
+ $args{src}: $args{generator}->[0] $deps
+- \$(CC) \$(CFLAGS) $incs -E -P \$< > \$@
++ \$(CC) \$(CFLAGS) $incs -E \$< | \\
++ \$(PERL) -ne '/^#(line)?\\s*[0-9]+/ or print' > \$@
+ EOF
+ }
+ }
+@@ -939,15 +961,15 @@ EOF
+ $target: $lib$libext $deps $ordinalsfile
+ \$(MAKE) -f \$(SRCDIR)/Makefile.shared -e \\
+ PLATFORM=\$(PLATFORM) \\
+- PERL=\$(PERL) SRCDIR='\$(SRCDIR)' DSTDIR="$libd" \\
++ PERL="\$(PERL)" SRCDIR='\$(SRCDIR)' DSTDIR="$libd" \\
+ INSTALLTOP='\$(INSTALLTOP)' LIBDIR='\$(LIBDIR)' \\
+ LIBDEPS='\$(PLIB_LDFLAGS) '"$linklibs"' \$(EX_LIBS)' \\
+ LIBNAME=$libname LIBVERSION=\$(SHLIB_MAJOR).\$(SHLIB_MINOR) \\
+ LIBCOMPATVERSIONS=';\$(SHLIB_VERSION_HISTORY)' \\
+ CC='\$(CC)' CFLAGS='\$(CFLAGS) \$(LIB_CFLAGS)' \\
+- CROSS_COMPILE='\$(CROSS_COMPILE)' LDFLAGS='\$(LDFLAGS)' \\
++ LDFLAGS='\$(LDFLAGS)' \\
+ SHARED_LDFLAGS='\$(LIB_LDFLAGS)' SHLIB_EXT=$shlibext \\
+- SHARED_RCFLAGS='\$(RCFLAGS)' \\
++ RC='\$(RC)' SHARED_RCFLAGS='\$(RCFLAGS)' \\
+ link_shlib.$shlib_target
+ EOF
+ . (windowsdll() ? <<"EOF" : "");
+@@ -975,7 +997,7 @@ EOF
+ $target: $objs $deps
+ \$(MAKE) -f \$(SRCDIR)/Makefile.shared -e \\
+ PLATFORM=\$(PLATFORM) \\
+- PERL=\$(PERL) SRCDIR='\$(SRCDIR)' DSTDIR="$libd" \\
++ PERL="\$(PERL)" SRCDIR='\$(SRCDIR)' DSTDIR="$libd" \\
+ LIBDEPS='\$(PLIB_LDFLAGS) '"$shlibdeps"' \$(EX_LIBS)' \\
+ LIBNAME=$libname LDFLAGS='\$(LDFLAGS)' \\
+ CC='\$(CC)' CFLAGS='\$(CFLAGS) \$(DSO_CFLAGS)' \\
+@@ -1012,7 +1034,7 @@ EOF
+ $bin$exeext: $objs $deps
+ \$(RM) $bin$exeext
+ \$(MAKE) -f \$(SRCDIR)/Makefile.shared -e \\
+- PERL=\$(PERL) SRCDIR=\$(SRCDIR) \\
++ PERL="\$(PERL)" SRCDIR=\$(SRCDIR) \\
+ APPNAME=$bin$exeext OBJECTS="$objs" \\
+ LIBDEPS='\$(PLIB_LDFLAGS) '"$linklibs"' \$(EX_LIBS)' \\
+ CC='\$(CC)' CFLAGS='\$(CFLAGS) \$(BIN_CFLAGS)' \\
+diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl
+index 0c043a0..9a8109f 100644
+--- a/Configurations/windows-makefile.tmpl
++++ b/Configurations/windows-makefile.tmpl
+@@ -19,10 +19,14 @@
+ ? "CommonProgramFiles(x86)" : "CommonProgramW6432";
+ our $win_installroot =
+ defined($ENV{$win_installenv})
+- ? '%'.$win_installenv.'%' : '%ProgramFiles%';
++ ? $win_installenv : 'ProgramFiles';
+ our $win_commonroot =
+ defined($ENV{$win_commonenv})
+- ? '%'.$win_commonenv.'%' : '%CommonProgramFiles%';
++ ? $win_commonenv : 'CommonProgramFiles';
++
++ # expand variables early
++ $win_installroot = $ENV{$win_installroot};
++ $win_commonroot = $ENV{$win_commonroot};
+
+ sub shlib {
+ return () if $disabled{shared};
+@@ -56,16 +60,29 @@ SHLIB_VERSION_NUMBER={- $config{shlib_version_number} -}
+
+ LIBS={- join(" ", map { $_.$libext } @{$unified_info{libraries}}) -}
+ SHLIBS={- join(" ", map { shlib($_) } @{$unified_info{libraries}}) -}
++SHLIBPDBS={- join(" ", map { local $shlibext = ".pdb"; shlib($_) } @{$unified_info{libraries}}) -}
+ ENGINES={- join(" ", map { dso($_) } @{$unified_info{engines}}) -}
++ENGINEPDBS={- join(" ", map { local $dsoext = ".pdb"; dso($_) } @{$unified_info{engines}}) -}
+ PROGRAMS={- join(" ", map { $_.$exeext } grep { !m|^test\\| } @{$unified_info{programs}}) -}
++PROGRAMPDBS={- join(" ", map { $_.".pdb" } grep { !m|^test\\| } @{$unified_info{programs}}) -}
+ TESTPROGS={- join(" ", map { $_.$exeext } grep { m|^test\\| } @{$unified_info{programs}}) -}
+ SCRIPTS={- join(" ", @{$unified_info{scripts}}) -}
++{- output_off() if $disabled{apps}; "" -}
++BIN_SCRIPTS=$(BLDDIR)\tools\c_rehash.pl
++MISC_SCRIPTS=$(BLDDIR)\apps\CA.pl $(BLDDIR)\apps\tsget.pl
++{- output_on() if $disabled{apps}; "" -}
+
+ {- output_off() if $disabled{makedepend}; "" -}
+ DEPS={- join(" ", map { (my $x = $_) =~ s|\.o$|$depext|; $x; }
+ grep { $unified_info{sources}->{$_}->[0] =~ /\.c$/ }
+ keys %{$unified_info{sources}}); -}
+ {- output_on() if $disabled{makedepend}; "" -}
++GENERATED={- join(" ",
++ ( map { (my $x = $_) =~ s|\.[sS]$|\.asm|; $x }
++ grep { defined $unified_info{generate}->{$_} }
++ map { @{$unified_info{sources}->{$_}} }
++ grep { /\.o$/ } keys %{$unified_info{sources}} ),
++ ( grep { /\.h$/ } keys %{$unified_info{generate}} )) -}
+
+ # Do not edit these manually. Use Configure with --prefix or --openssldir
+ # to change this! Short explanation in the top comment in Configure
+@@ -138,12 +155,13 @@ build_apps_nodep: $(PROGRAMS) $(SCRIPTS)
+ build_tests: configdata.pm build_tests_nodep depend
+ build_tests_nodep: $(TESTPROGS)
+
+-test tests: build_tests_nodep build_apps_nodep build_engines_nodep depend
++test: tests
++tests: build_tests_nodep build_apps_nodep build_engines_nodep depend
+ @rem {- output_off() if $disabled{tests}; "" -}
+ set SRCTOP=$(SRCDIR)
+ set BLDTOP=$(BLDDIR)
+ set PERL=$(PERL)
+- $(PERL) $(SRCDIR)\test\run_tests.pl $(TESTS)
++ "$(PERL)" "$(SRCDIR)\test\run_tests.pl" $(TESTS)
+ @rem {- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
+ @echo "Tests are not supported with your chosen Configure options"
+ @rem {- output_on() if !$disabled{tests}; "" -}
+@@ -151,26 +169,31 @@ test tests: build_tests_nodep build_apps_nodep build_engines_nodep depend
+ list-tests:
+ @set TOP=$(SRCDIR)
+ @set PERL=$(PERL)
+- @$(PERL) $(SRCDIR)\test\run_tests.pl list
++ @"$(PERL)" "$(SRCDIR)\test\run_tests.pl" list
+
+ install: install_sw install_ssldirs install_docs
+
+ uninstall: uninstall_docs uninstall_sw
+
+ libclean:
+- $(PERL) -e "map { m/(.*)\.dll$$/; unlink glob """$$1.*""" } @ARGV" $(SHLIBS)
+- del /Q /F $(LIBS)
+- del lib.pdb
++ "$(PERL)" -e "map { m/(.*)\.dll$$/; unlink glob """$$1.*"""; } @ARGV" $(SHLIBS)
++ "$(PERL)" -e "map { m/(.*)\.dll$$/; unlink glob """apps/$$1.*"""; } @ARGV" $(SHLIBS)
++ "$(PERL)" -e "map { m/(.*)\.dll$$/; unlink glob """test/$$1.*"""; } @ARGV" $(SHLIBS)
++ -del /Q /F $(LIBS)
++ -del /Q ossl_static.pdb
+
+ clean: libclean
+- del /Q /F $(PROGRAMS) $(TESTPROGS) $(ENGINES) $(SCRIPTS)
+- del /Q /S /F *.asm
+- del /Q /S /F *.d
+- del /Q /S /F *.obj
+- del /Q /S /F *.pdb
+- del /Q /S /F *.exp
+- del /Q /S /F engines\*.ilk
+- del /Q /S /F engines\*.lib
++ -del /Q /F $(PROGRAMS) $(TESTPROGS) $(ENGINES) $(SCRIPTS)
++ -del /Q /S /F $(GENERATED)
++ -del /Q /S /F *.d
++ -del /Q /S /F *.obj
++ -del /Q /S /F *.pdb
++ -del /Q /S /F *.exp
++ -del /Q /S /F engines\*.ilk
++ -del /Q /S /F engines\*.lib
++ -del /Q /S /F apps\*.lib
++ -del /Q /S /F engines\*.manifest
++ -del /Q /S /F apps\*.manifest
+
+ depend:
+
+@@ -181,52 +204,72 @@ install_sw: all install_dev install_engines install_runtime
+ uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
+
+ install_docs:
++ "$(PERL)" "$(SRCDIR)\util\process_docs.pl" \
++ "--destdir=$(DESTDIR)$(INSTALLTOP)\html" --type=html
+
+ uninstall_docs:
+
+ install_ssldirs:
+- @$(PERL) $(SRCDIR)\util\mkdir-p.pl "$(DESTDIR)$(OPENSSLDIR)\certs"
+- @$(PERL) $(SRCDIR)\util\mkdir-p.pl "$(DESTDIR)$(OPENSSLDIR)\private"
++ @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(DESTDIR)$(OPENSSLDIR)\certs"
++ @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(DESTDIR)$(OPENSSLDIR)\private"
++ @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(DESTDIR)$(OPENSSLDIR)\misc"
++ @"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(SRCDIR)\apps\openssl.cnf" \
++ "$(DESTDIR)$(OPENSSLDIR)"
++ @"$(PERL)" "$(SRCDIR)\util\copy.pl" $(MISC_SCRIPTS) \
++ "$(DESTDIR)$(OPENSSLDIR)\misc"
+
+ install_dev:
+ @if "$(INSTALLTOP)"=="" ( echo INSTALLTOP should not be empty & exit 1 )
+ @echo *** Installing development files
+- @$(PERL) $(SRCDIR)\util\mkdir-p.pl "$(DESTDIR)$(INSTALLTOP)\include\openssl"
+- @$(PERL) $(SRCDIR)\util\copy.pl $(SRCDIR)\include\openssl\*.h \
++ @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(DESTDIR)$(INSTALLTOP)\include\openssl"
++ @"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(SRCDIR)\include\openssl\*.h" \
+ "$(DESTDIR)$(INSTALLTOP)\include\openssl"
+- @$(PERL) $(SRCDIR)\util\copy.pl $(BLDDIR)\include\openssl\*.h \
++ @"$(PERL)" "$(SRCDIR)\util\copy.pl" $(BLDDIR)\include\openssl\*.h \
+ "$(DESTDIR)$(INSTALLTOP)\include\openssl"
+- @$(PERL) $(SRCDIR)\util\mkdir-p.pl "$(DESTDIR)$(INSTALLTOP)\$(LIBDIR)"
+- @$(PERL) $(SRCDIR)\util\copy.pl $(LIBS) \
++ @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(DESTDIR)$(INSTALLTOP)\$(LIBDIR)"
++ @"$(PERL)" "$(SRCDIR)\util\copy.pl" $(LIBS) \
+ "$(DESTDIR)$(INSTALLTOP)\$(LIBDIR)"
++ @if "$(SHLIBS)"=="" \
++ "$(PERL)" "$(SRCDIR)\util\copy.pl" ossl_static.pdb \
++ "$(DESTDIR)$(INSTALLTOP)\$(LIBDIR)"
+
+ uninstall_dev:
+
+ install_engines:
+ @if "$(INSTALLTOP)"=="" ( echo INSTALLTOP should not be empty & exit 1 )
+ @echo *** Installing engines
+- @$(PERL) $(SRCDIR)\util\mkdir-p.pl "$(DESTDIR)$(ENGINESDIR)"
++ @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(DESTDIR)$(ENGINESDIR)"
++ @if not "$(ENGINES)"=="" \
++ "$(PERL)" "$(SRCDIR)\util\copy.pl" $(ENGINES) "$(DESTDIR)$(ENGINESDIR)"
+ @if not "$(ENGINES)"=="" \
+- $(PERL) $(SRCDIR)\util\copy.pl $(ENGINES) "$(DESTDIR)$(ENGINESDIR)"
++ "$(PERL)" "$(SRCDIR)\util\copy.pl" $(ENGINEPDBS) "$(DESTDIR)$(ENGINESDIR)"
+
+ uninstall_engines:
+
+ install_runtime:
+ @if "$(INSTALLTOP)"=="" ( echo INSTALLTOP should not be empty & exit 1 )
+ @echo *** Installing runtime files
+- @$(PERL) $(SRCDIR)\util\mkdir-p.pl "$(DESTDIR)$(INSTALLTOP)\bin"
++ @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(DESTDIR)$(INSTALLTOP)\bin"
++ @if not "$(SHLIBS)"=="" \
++ "$(PERL)" "$(SRCDIR)\util\copy.pl" $(SHLIBS) "$(DESTDIR)$(INSTALLTOP)\bin"
+ @if not "$(SHLIBS)"=="" \
+- $(PERL) $(SRCDIR)\util\copy.pl $(SHLIBS) "$(DESTDIR)$(INSTALLTOP)\bin"
+- @$(PERL) $(SRCDIR)\util\copy.pl $(PROGRAMS) "$(DESTDIR)$(INSTALLTOP)\bin"
++ "$(PERL)" "$(SRCDIR)\util\copy.pl" $(SHLIBPDBS) \
++ "$(DESTDIR)$(INSTALLTOP)\bin"
++ @"$(PERL)" "$(SRCDIR)\util\copy.pl" $(PROGRAMS) \
++ "$(DESTDIR)$(INSTALLTOP)\bin"
++ @"$(PERL)" "$(SRCDIR)\util\copy.pl" $(PROGRAMPDBS) \
++ "$(DESTDIR)$(INSTALLTOP)\bin"
++ @"$(PERL)" "$(SRCDIR)\util\copy.pl" $(BIN_SCRIPTS) \
++ "$(DESTDIR)$(INSTALLTOP)\bin"
+
+ uninstall_runtime:
+
+ # Building targets ###################################################
+
+-configdata.pm: {- $config{build_file_template} -} $(SRCDIR)\Configure
++configdata.pm: "{- $config{build_file_template} -}" "$(SRCDIR)\Configure"
+ @echo "Detected changed: $?"
+ @echo "Reconfiguring..."
+- $(PERL) $(SRCDIR)\Configure reconf
++ "$(PERL)" "$(SRCDIR)\Configure" reconf
+ @echo "**************************************************"
+ @echo "*** ***"
+ @echo "*** Please run the same make command again ***"
+@@ -250,18 +293,20 @@ configdata.pm: {- $config{build_file_template} -} $(SRCDIR)\Configure
+ sub generatesrc {
+ my %args = @_;
+ (my $target = $args{src}) =~ s/\.[sS]$/.asm/;
+- my $generator = join(" ", @{$args{generator}});
+- my $incs = join("", map { " /I ".$_ } @{$args{incs}});
+- my $deps = join(" ", @{$args{deps}});
++ my $generator = '"'.join('" "', @{$args{generator}}).'"';
++ my $generator_incs = join("", map { " -I \"$_\"" } @{$args{generator_incs}});
++ my $incs = join("", map { " /I \"$_\"" } @{$args{incs}});
++ my $deps = @{$args{deps}} ?
++ '"'.join('" "', @{$args{generator_deps}}, @{$args{deps}}).'"' : '';
+
+ if ($target !~ /\.asm$/) {
+ return <<"EOF";
+-$target: $args{generator}->[0] $deps
+- \$(PERL) $generator > \$@
++$target: "$args{generator}->[0]" $deps
++ "\$(PERL)"$generator_incs $generator > \$@
+ EOF
+ } else {
+ if ($args{generator}->[0] =~ /\.pl$/) {
+- $generator = '$(PERL) '.$generator;
++ $generator = '"$(PERL)"'.$generator_incs.' '.$generator;
+ } elsif ($args{generator}->[0] =~ /\.S$/) {
+ $generator = undef;
+ } else {
+@@ -273,9 +318,8 @@ EOF
+ # end up generating foo.s in two steps.
+ if ($args{src} =~ /\.S$/) {
+ return <<"EOF";
+-$target: $args{generator}->[0] $deps
++$target: "$args{generator}->[0]" $deps
+ set ASM=\$(AS)
+- set CC=\$(CC)
+ $generator \$@.S
+ \$(CC) \$(CFLAGS) $incs /EP /C \$@.S > \$@.i && move /Y \$@.i \$@
+ del /Q \$@.S
+@@ -283,15 +327,14 @@ EOF
+ }
+ # Otherwise....
+ return <<"EOF";
+-$target: $args{generator}->[0] $deps
++$target: "$args{generator}->[0]" $deps
+ set ASM=\$(AS)
+- set CC=\$(CC)
+ $generator \$@
+ EOF
+ }
+ return <<"EOF";
+-$target: $args{generator}->[0] $deps
+- \$(CC) \$(CFLAGS) $incs /EP /C $args{generator}->[0] > \$@.i && move /Y \$@.i \$@
++$target: "$args{generator}->[0]" $deps
++ \$(CC) \$(CFLAGS) $incs /EP /C "$args{generator}->[0]" > \$@.i && move /Y \$@.i \$@
+ EOF
+ }
+ }
+@@ -301,12 +344,12 @@ EOF
+ my $obj = $args{obj};
+ my @srcs = map { (my $x = $_) =~ s/\.s$/.asm/; $x
+ } ( @{$args{srcs}} );
+- my $srcs = join(" ", @srcs);
+- my $deps = join(" ", @srcs, @{$args{deps}});
+- my $incs = join("", map { " /I ".$_ } @{$args{incs}});
++ my $srcs = '"'.join('" "', @srcs).'"';
++ my $deps = '"'.join('" "', @srcs, @{$args{deps}}).'"';
++ my $incs = join("", map { ' /I "'.$_.'"' } @{$args{incs}});
+ unless ($disabled{zlib}) {
+ if ($withargs{zlib_include}) {
+- $incs .= " /I ".$withargs{zlib_include};
++ $incs .= ' /I "'.$withargs{zlib_include}.'"';
+ }
+ }
+ my $ecflags = { lib => '$(LIB_CFLAGS)',
+@@ -322,7 +365,7 @@ EOF
+ return <<"EOF" if (!$disabled{makedepend});
+ $obj$depext: $deps
+ \$(CC) \$(CFLAGS) $ecflags$inc /Zs /showIncludes $srcs 2>&1 | \\
+- \$(PERL) -n << > $obj$depext
++ "\$(PERL)" -n << > $obj$depext
+ chomp;
+ s/^Note: including file: *//;
+ \$\$collect{\$\$_} = 1;
+@@ -362,18 +405,18 @@ EOF
+ rel2abs($config{builddir}));
+ my $target = shlib_import($lib);
+ return <<"EOF"
+-$target: $deps $ordinalsfile $mkdef_pl
+- \$(PERL) $mkdef_pl "$mkdef_key" 32 > $shlib.def
+- \$(PERL) -i.tmp -pe "s|^LIBRARY\\s+${mkdef_key}32|LIBRARY $shlib|;" $shlib.def
++$target: $deps "$ordinalsfile" "$mkdef_pl"
++ "\$(PERL)" "$mkdef_pl" "$mkdef_key" 32 > $shlib.def
++ "\$(PERL)" -i.tmp -pe "s|^LIBRARY\\s+${mkdef_key}32|LIBRARY $shlib|;" $shlib.def
+ DEL $shlib.def.tmp
+- \$(PERL) $mkrc_pl $shlib$shlibext > $shlib.rc
++ "\$(PERL)" "$mkrc_pl" $shlib$shlibext > $shlib.rc
+ \$(RC) \$(RCOUTFLAG)$shlib.res $shlib.rc
+ \$(LD) \$(LDFLAGS) \$(LIB_LDFLAGS) \\
+ /implib:\$@ \$(LDOUTFLAG)$shlib$shlibext /def:$shlib.def @<< || (DEL /Q \$(\@B).* $shlib.* && EXIT 1)
+ $objs $shlib.res$linklibs \$(EX_LIBS)
+ <<
+- DEL /F apps\\$shlib$shlibext
+- DEL /F test\\$shlib$shlibext
++ IF EXIST apps\\$shlib$shlibext DEL /Q /F apps\\$shlib$shlibext
++ IF EXIST test\\$shlib$shlibext DEL /Q /F test\\$shlib$shlibext
+ COPY $shlib$shlibext apps
+ COPY $shlib$shlibext test
+ EOF
+@@ -436,13 +479,13 @@ EOF
+ sub in2script {
+ my %args = @_;
+ my $script = $args{script};
+- my $sources = join(" ", @{$args{sources}});
++ my $sources = '"'.join('" "', @{$args{sources}}).'"';
+ my $dofile = abs2rel(rel2abs(catfile($config{sourcedir},
+ "util", "dofile.pl")),
+ rel2abs($config{builddir}));
+ return <<"EOF";
+ $script: $sources
+- \$(PERL) "-I\$(BLDDIR)" -Mconfigdata "$dofile" \\
++ "\$(PERL)" "-I\$(BLDDIR)" -Mconfigdata "$dofile" \\
+ "-o$target{build_file}" $sources > "$script"
+ EOF
+ }
+diff --git a/Configure b/Configure
+index a7b9ed5..0c87cd1 100755
+--- a/Configure
++++ b/Configure
+@@ -1,5 +1,11 @@
+ #! /usr/bin/env perl
+ # -*- mode: perl; -*-
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ ## Configure -- OpenSSL source tree configuration script
+
+@@ -67,9 +73,9 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lx
+ # RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+ # Following are set automatically by this script
+ #
+-# MD5_ASM use some extra md5 assember,
+-# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86
+-# RMD160_ASM use some extra ripemd160 assember,
++# MD5_ASM use some extra md5 assembler,
++# SHA1_ASM use some extra sha1 assembler, must define L_ENDIAN for x86
++# RMD160_ASM use some extra ripemd160 assembler,
+ # SHA256_ASM sha256_block is implemented in assembler
+ # SHA512_ASM sha512_block is implemented in assembler
+ # AES_ASM ASE_[en|de]crypt is implemented in assembler
+@@ -160,7 +166,7 @@ sub read_config;
+
+ # resolve_config(target)
+ #
+-# Resolves all the late evalutations, inheritances and so on for the
++# Resolves all the late evaluations, inheritances and so on for the
+ # chosen target and any target it inherits from.
+ sub resolve_config;
+
+@@ -172,6 +178,8 @@ my $srcdir = catdir(absolutedir(dirname($0))); # catdir ensures local syntax
+ my $blddir = catdir(absolutedir(".")); # catdir ensures local syntax
+ my $dofile = abs2rel(catfile($srcdir, "util/dofile.pl"));
+
++my $local_config_envname = 'OPENSSL_LOCAL_CONFIG_DIR';
++
+ $config{sourcedir} = abs2rel($srcdir);
+ $config{builddir} = abs2rel($blddir);
+
+@@ -202,10 +210,24 @@ die "erroneous version information in opensslv.h: ",
+ # Collect target configurations
+
+ my $pattern = catfile(dirname($0), "Configurations", "*.conf");
+-foreach (sort glob($pattern) ) {
++foreach (sort glob("\"$pattern\"") ) {
+ &read_config($_);
+ }
+
++if (defined $ENV{$local_config_envname}) {
++ if ($^O eq 'VMS') {
++ # VMS environment variables are logical names,
++ # which can be used as is
++ $pattern = $local_config_envname . ':' . '*.conf';
++ } else {
++ $pattern = catfile($ENV{$local_config_envname}, '*.conf');
++ }
++
++ foreach (sort glob($pattern) ) {
++ &read_config($_);
++ }
++}
++
+
+ print "Configuring OpenSSL version $config{version} (0x$config{version_num})\n";
+
+@@ -238,12 +260,13 @@ $config{sdirs} = [
+ my @tls = qw(ssl3 tls1 tls1_1 tls1_2);
+ my @dtls = qw(dtls1 dtls1_2);
+
+-# Explicitelly known options that are possible to disable. They can
++# Explicitly known options that are possible to disable. They can
+ # be regexps, and will be used like this: /^no-${option}$/
+ # For developers: keep it sorted alphabetically
+
+ my @disablables = (
+ "afalgeng",
++ "asan",
+ "asm",
+ "async",
+ "autoalginit",
+@@ -277,6 +300,7 @@ my @disablables = (
+ "engine",
+ "err",
+ "filenames",
++ "fuzz",
+ "gost",
+ "heartbeats",
+ "hw(-.+)?",
+@@ -301,7 +325,6 @@ my @disablables = (
+ "ripemd",
+ "rmd160",
+ "scrypt",
+- "sct",
+ "sctp",
+ "seed",
+ "shared",
+@@ -316,6 +339,7 @@ my @disablables = (
+ "threads",
+ "tls",
+ "ts",
++ "ubsan",
+ "ui",
+ "unit-test",
+ "whirlpool",
+@@ -331,24 +355,29 @@ foreach my $proto ((@tls, @dtls))
+
+ my @deprecated_disablables = (
+ "ssl2",
++ "buf-freelists",
+ );
+
+ # All of the following is disabled by default (RC5 was enabled before 0.9.8):
+
+ our %disabled = ( # "what" => "comment"
++ "asan" => "default",
+ "ec_nistp_64_gcc_128" => "default",
+ "egd" => "default",
++ "fuzz" => "default",
+ "md2" => "default",
+ "rc5" => "default",
+ "sctp" => "default",
+ "ssl-trace" => "default",
+ "ssl3" => "default",
+ "ssl3-method" => "default",
++ "ubsan" => "default",
+ "unit-test" => "default",
+ "weak-ssl-ciphers" => "default",
+ "zlib" => "default",
+ "zlib-dynamic" => "default",
+ "crypto-mdebug" => "default",
++ "crypto-mdebug-backtrace" => "default",
+ "heartbeats" => "default",
+ );
+
+@@ -364,7 +393,7 @@ my @disable_cascades = (
+ "ec" => [ "ecdsa", "ecdh" ],
+
+ "dgram" => [ "dtls", "sctp" ],
+- "sock" => [ "sctp" ],
++ "sock" => [ "dgram" ],
+ "dtls" => [ @dtls ],
+
+ # SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA
+@@ -458,8 +487,6 @@ my $target="";
+ $config{options}="";
+ $config{build_type} = "release";
+
+-my $classic = 0;
+-
+ my @argvcopy=@ARGV;
+
+ if (grep /^reconf(igure)?$/, @argvcopy) {
+@@ -644,11 +671,7 @@ foreach (@argvcopy)
+ }
+ elsif (/^[-+]/)
+ {
+- if (/^--classic$/)
+- {
+- $classic=1;
+- }
+- elsif (/^--prefix=(.*)$/)
++ if (/^--prefix=(.*)$/)
+ {
+ $config{prefix}=$1;
+ die "Directory given with --prefix MUST be absolute\n"
+@@ -712,7 +735,7 @@ foreach (@argvcopy)
+ unless ($_ eq $target || /^no-/ || /^disable-/)
+ {
+ # "no-..." follows later after implied disactivations
+- # have been derived. (Don't take this too seroiusly,
++ # have been derived. (Don't take this too seriously,
+ # we really only write OPTIONS to the Makefile out of
+ # nostalgia.)
+
+@@ -888,9 +911,13 @@ $config{cross_compile_prefix} = $ENV{'CROSS_COMPILE'}
+ # Allow overriding the names of some tools. USE WITH CARE
+ $config{perl} = $ENV{'PERL'} || ($^O ne "VMS" ? $^X : "perl");
+ $target{cc} = $ENV{'CC'} || $target{cc} || "cc";
+-$target{ranlib} = $ENV{'RANLIB'} || $target{ranlib} || which("ranlib") || "true";
++$target{ranlib} = $ENV{'RANLIB'} || $target{ranlib} ||
++ (which("$config{cross_compile_prefix}ranlib") ?
++ "\$(CROSS_COMPILE)ranlib" : "true");
+ $target{ar} = $ENV{'AR'} || $target{ar} || "ar";
+ $target{nm} = $ENV{'NM'} || $target{nm} || "nm";
++$target{rc} =
++ $ENV{'RC'} || $ENV{'WINDRES'} || $target{rc} || "windres";
+
+ # For cflags, lflags, plib_lflags, ex_libs and defines, add the debug_
+ # or release_ attributes.
+@@ -904,22 +931,6 @@ $config{shared_ldflag} = "";
+ $target{build_scheme} = [ $target{build_scheme} ]
+ if ref($target{build_scheme}) ne "ARRAY";
+
+-###### TO BE REMOVED WHEN CLASSIC BUILD IS REMOVED
+-######
+-###### If the user has chosen --classic, we give it to them.
+-###### If they try that with an out-of-source config, we complain.
+-if ($target{build_scheme}->[0] eq "unified" && $classic) {
+- die "Can't perform a classic build out of source tree\n"
+- if $srcdir ne $blddir;
+-
+- $target{build_scheme} = { unix => [ "unixmake" ],
+- windows => undef,
+- VMS => undef } -> {$target{build_scheme}->[1]};
+-
+- die "Classic mode unavailable on this platform\n"
+- unless defined($target{build_scheme});
+-}
+-
+ my ($builder, $builder_platform, @builder_opts) =
+ @{$target{build_scheme}};
+
+@@ -983,7 +994,7 @@ unless ($disabled{threads}) {
+ $disabled{threads} = "unavailable";
+ }
+ } else {
+- # The user chose to enable threads explicitely, let's see
++ # The user chose to enable threads explicitly, let's see
+ # if there's a chance that's possible
+ if ($target{thread_scheme} eq "(unknown)") {
+ # If the user asked for "threads" and we don't have internal
+@@ -1030,6 +1041,24 @@ if ($disabled{"dynamic-engine"}) {
+ $config{dynamic_engines} = 1;
+ }
+
++unless ($disabled{fuzz}) {
++ push @{$config{dirs}}, "fuzz";
++ $config{cflags} .= "-fsanitize-coverage=edge,indirect-calls ";
++}
++
++unless ($disabled{asan}) {
++ $config{cflags} .= "-fsanitize=address ";
++}
++
++unless ($disabled{ubsan}) {
++ # -DPEDANTIC or -fnosanitize=aligmnent may also be required on some
++ # platforms.
++ $config{cflags} .= "-fsanitize=undefined -fno-sanitize-recover=all ";
++}
++
++unless ($disabled{fuzz} && $disabled{asan} && $disabled{ubsan}) {
++ $config{cflags} .= "-fno-omit-frame-pointer -g ";
++}
+ #
+ # Platform fix-ups
+ #
+@@ -1239,12 +1268,27 @@ my $buildinfo_debug = defined($ENV{CONFIGURE_DEBUG_BUILDINFO});
+ if ($builder eq "unified") {
+ # Store the name of the template file we will build the build file from
+ # in %config. This may be useful for the build file itself.
+- my $build_file_template =
+- catfile($srcdir, "Configurations",
+- $builder_platform."-".$target{build_file}.".tmpl");
+- $build_file_template =
+- catfile($srcdir, "Configurations", $target{build_file}.".tmpl")
+- if (! -f $build_file_template);
++ my $build_file_template;
++
++ for my $filename (( $builder_platform."-".$target{build_file}.".tmpl",
++ $target{build_file}.".tmpl" )) {
++ if (defined $ENV{$local_config_envname}) {
++ if ($^O eq 'VMS') {
++ # VMS environment variables are logical names,
++ # which can be used as is
++ $build_file_template = $local_config_envname . ':' . $filename;
++ } else {
++ $build_file_template = catfile($ENV{$local_config_envname},
++ $filename);
++ }
++ }
++
++ last if -f $build_file_template;
++
++ $build_file_template = catfile($srcdir, "Configurations", $filename);
++
++ last if -f $build_file_template;
++ }
+ $config{build_file_template} = $build_file_template;
+
+ use lib catdir(dirname(__FILE__),"util");
+@@ -1374,47 +1418,47 @@ if ($builder eq "unified") {
+ => sub { die "ENDIF out of scope" if ! @skip;
+ pop @skip; },
+ qr/^\s*PROGRAMS\s*=\s*(.*)\s*$/
+- => sub { push @programs, split(/\s+/, $1)
++ => sub { push @programs, tokenize($1)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*LIBS\s*=\s*(.*)\s*$/
+- => sub { push @libraries, split(/\s+/, $1)
++ => sub { push @libraries, tokenize($1)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*ENGINES\s*=\s*(.*)\s*$/
+- => sub { push @engines, split(/\s+/, $1)
++ => sub { push @engines, tokenize($1)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*SCRIPTS\s*=\s*(.*)\s*$/
+- => sub { push @scripts, split(/\s+/, $1)
++ => sub { push @scripts, tokenize($1)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*EXTRA\s*=\s*(.*)\s*$/
+- => sub { push @extra, split(/\s+/, $1)
++ => sub { push @extra, tokenize($1)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*OVERRIDES\s*=\s*(.*)\s*$/
+- => sub { push @overrides, split(/\s+/, $1)
++ => sub { push @overrides, tokenize($1)
+ if !@skip || $skip[$#skip] > 0 },
+
+ qr/^\s*ORDINALS\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/,
+- => sub { push @{$ordinals{$1}}, split(/\s+/, $2)
++ => sub { push @{$ordinals{$1}}, tokenize($2)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*SOURCE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/
+- => sub { push @{$sources{$1}}, split(/\s+/, $2)
++ => sub { push @{$sources{$1}}, tokenize($2)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*SHARED_SOURCE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/
+- => sub { push @{$shared_sources{$1}}, split(/\s+/, $2)
++ => sub { push @{$shared_sources{$1}}, tokenize($2)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*INCLUDE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/
+- => sub { push @{$includes{$1}}, split(/\s+/, $2)
++ => sub { push @{$includes{$1}}, tokenize($2)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*DEPEND\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/
+- => sub { push @{$depends{$1}}, split(/\s+/, $2)
++ => sub { push @{$depends{$1}}, tokenize($2)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*GENERATE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/
+ => sub { push @{$generate{$1}}, $2
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*RENAME\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/
+- => sub { push @{$renames{$1}}, split(/\s+/, $2)
++ => sub { push @{$renames{$1}}, tokenize($2)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*SHARED_NAME\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/
+- => sub { push @{$sharednames{$1}}, split(/\s+/, $2)
++ => sub { push @{$sharednames{$1}}, tokenize($2)
+ if !@skip || $skip[$#skip] > 0 },
+ qr/^\s*BEGINRAW\[((?:\\.|[^\\\]])+)\]\s*$/
+ => sub {
+@@ -1628,9 +1672,15 @@ EOF
+
+ foreach (keys %depends) {
+ my $dest = $_;
+- my $ddest = cleanfile($buildd, $_, $blddir);
+- if ($unified_info{rename}->{$ddest}) {
+- $ddest = $unified_info{rename}->{$ddest};
++ my $ddest = cleanfile($sourced, $_, $blddir);
++
++ # If the destination doesn't exist in source, it can only be
++ # a generated file in the build tree.
++ if (! -f $ddest) {
++ $ddest = cleanfile($buildd, $_, $blddir);
++ if ($unified_info{rename}->{$ddest}) {
++ $ddest = $unified_info{rename}->{$ddest};
++ }
+ }
+ foreach (@{$depends{$dest}}) {
+ my $d = cleanfile($sourced, $_, $blddir);
+@@ -1651,9 +1701,9 @@ EOF
+ $d = $unified_info{rename}->{$d};
+ }
+ $unified_info{depends}->{$ddest}->{$d} = 1;
+- # If we depend on a header file, let's make sure it
+- # can get included
+- if ($d =~ /\.h$/) {
++ # If we depend on a header file or a perl module, let's make
++ # sure it can get included
++ if ($d =~ /\.(h|pm)$/) {
+ my $i = dirname($d);
+ push @{$unified_info{includes}->{$ddest}}, $i
+ unless grep { $_ eq $i } @{$unified_info{includes}->{$ddest}};
+@@ -1663,9 +1713,15 @@ EOF
+
+ foreach (keys %includes) {
+ my $dest = $_;
+- my $ddest = cleanfile($buildd, $_, $blddir);
+- if ($unified_info{rename}->{$ddest}) {
+- $ddest = $unified_info{rename}->{$ddest};
++ my $ddest = cleanfile($sourced, $_, $blddir);
++
++ # If the destination doesn't exist in source, it can only be
++ # a generated file in the build tree.
++ if (! -f $ddest) {
++ $ddest = cleanfile($buildd, $_, $blddir);
++ if ($unified_info{rename}->{$ddest}) {
++ $ddest = $unified_info{rename}->{$ddest};
++ }
+ }
+ foreach (@{$includes{$dest}}) {
+ my $i = cleandir($sourced, $_, $blddir);
+@@ -1823,7 +1879,7 @@ print OUT "1;\n";
+ close(OUT);
+
+
+-print "CC =$target{cc}\n";
++print "CC =$config{cross_compile_prefix}$target{cc}\n";
+ print "CFLAG =$target{cflags} $config{cflags}\n";
+ print "SHARED_CFLAG =$target{shared_cflag}\n";
+ print "DEFINES =",join(" ", @{$target{defines}}, @{$config{defines}}),"\n";
+@@ -1851,7 +1907,9 @@ print "CHACHA_ENC =$target{chacha_obj}\n";
+ print "POLY1305_OBJ =$target{poly1305_obj}\n";
+ print "BLAKE2_OBJ =$target{blake2_obj}\n";
+ print "PROCESSOR =$config{processor}\n";
+-print "RANLIB =$target{ranlib}\n";
++print "RANLIB =", $target{ranlib} eq '$(CROSS_COMPILE)ranlib' ?
++ "$config{cross_compile_prefix}ranlib" :
++ "$target{ranlib}", "\n";
+ print "ARFLAGS =$target{arflags}\n";
+ print "PERL =$config{perl}\n";
+ print "\n";
+@@ -1939,6 +1997,14 @@ or position independent code, please let us know (but please first make sure
+ you have tried with a current version of OpenSSL).
+ EOF
+
++print <<"EOF" if (-f catfile($srcdir, "configdata.pm") && $srcdir ne $blddir);
++
++WARNING: there are indications that another build was made in the source
++directory. This build may have picked up artifacts from that build, the
++safest course of action is to clean the source directory and redo this
++configuration.
++EOF
++
+ exit(0);
+
+ ######################################################################
+@@ -2104,8 +2170,8 @@ sub read_config {
+
+ }
+
+-# configuration resolver. Will only resolve all the lazy evalutation
+-# codeblocks for the chozen target and all those it inherits from,
++# configuration resolver. Will only resolve all the lazy evaluation
++# codeblocks for the chosen target and all those it inherits from,
+ # recursively
+ sub resolve_config {
+ my $target = shift;
+@@ -2158,7 +2224,7 @@ sub resolve_config {
+ # - If a value is a coderef, it will be executed with the list of
+ # inherited values as arguments.
+ # - If the corresponding key doesn't have a value at all or is the
+- # emoty string, the inherited value list will be run through the
++ # empty string, the inherited value list will be run through the
+ # default combiner (below), and the result becomes this target's
+ # value.
+ # - Otherwise, this target's value is assumed to be a string that
+@@ -2266,13 +2332,34 @@ sub run_dofile
+ foreach (@templates) {
+ die "Can't open $_, $!" unless -f $_;
+ }
+- my $cmd = "$config{perl} \"-I.\" \"-Mconfigdata\" $dofile -o\"Configure\" \"".join("\" \"", at templates)."\" > \"$out.new\"";
++ my $cmd = "$config{perl} \"-I.\" \"-Mconfigdata\" \"$dofile\" -o\"Configure\" \"".join("\" \"", at templates)."\" > \"$out.new\"";
+ #print STDERR "DEBUG[run_dofile]: \$cmd = $cmd\n";
+ system($cmd);
+ exit 1 if $? != 0;
+ rename("$out.new", $out) || die "Can't rename $out.new, $!";
+ }
+
++sub which
++{
++ my ($name)=@_;
++
++ if (eval { require IPC::Cmd; 1; }) {
++ IPC::Cmd->import();
++ return scalar IPC::Cmd::can_run($name);
++ } else {
++ # if there is $directories component in splitpath,
++ # then it's not something to test with $PATH...
++ return $name if (File::Spec->splitpath($name))[1];
++
++ foreach (File::Spec->path()) {
++ my $fullpath = catfile($_, "$name$target{exe_extension}");
++ if (-f $fullpath and -x $fullpath) {
++ return $fullpath;
++ }
++ }
++ }
++}
++
+ # Configuration printer ##############################################
+
+ sub print_table_entry
+@@ -2400,22 +2487,6 @@ sub absolutedir {
+ return realpath($dir);
+ }
+
+-sub which
+- {
+- my($name)=@_;
+- my $path;
+- foreach $path (split /:/, $ENV{PATH})
+- {
+- my $fullpath = "$path/$name$target{exe_extension}";
+- if (-f $fullpath and -x $fullpath)
+- {
+- return $fullpath
+- unless ($name eq "perl" and
+- system("$fullpath -e " . '\'exit($]<5.0);\''));
+- }
+- }
+- }
+-
+ sub quotify {
+ my %processors = (
+ perl => sub { my $x = shift;
+@@ -2519,3 +2590,41 @@ sub collect_information {
+ }
+ }
+ }
++
++# tokenize($line)
++# $line is a line of text to split up into tokens
++# returns a list of tokens
++#
++# Tokens are divided by spaces. If the tokens include spaces, they
++# have to be quoted with single or double quotes. Double quotes
++# inside a double quoted token must be escaped. Escaping is done
++# with backslash.
++# Basically, the same quoting rules apply for " and ' as in any
++# Unix shell.
++sub tokenize {
++ my $line = my $debug_line = shift;
++ my @result = ();
++
++ while ($line =~ s|^\s+||, $line ne "") {
++ my $token = "";
++ while ($line ne "" && $line !~ m|^\s|) {
++ if ($line =~ m/^"((?:[^"\\]+|\\.)*)"/) {
++ $token .= $1;
++ $line = $';
++ } elsif ($line =~ m/^'([^']*)'/) {
++ $token .= $1;
++ $line = $';
++ } elsif ($line =~ m/^(\S+)/) {
++ $token .= $1;
++ $line = $';
++ }
++ }
++ push @result, $token;
++ }
++
++ if ($ENV{CONFIGURE_DEBUG_TOKENIZE}) {
++ print STDERR "DEBUG[tokenize]: Parsed '$debug_line' into:\n";
++ print STDERR "DEBUG[tokenize]: ('", join("', '", @result), "')\n";
++ }
++ return @result;
++}
+diff --git a/INSTALL b/INSTALL
+index 2e06aa7..ab35353 100644
+--- a/INSTALL
++++ b/INSTALL
+@@ -2,16 +2,15 @@
+ OPENSSL INSTALLATION
+ --------------------
+
+- [This document describes installation on the main supported operating
+- systems, currently the Linux/Unix family, OpenVMS and Windows.
+- Installation on DOS (with djgpp), MacOS (before MacOS X)
+- is described in INSTALL.DJGPP or INSTALL.MacOS, respectively.]
++ [This document describes installation on all supported operating
++ systems (currently mainly the Linux/Unix family, OpenVMS and
++ Windows)]
+
+ To install OpenSSL, you will need:
+
+- * make
+- * Perl 5 with core modules (please read README.PERL)
+- * The perl module Text::Template (please read README.PERL)
++ * A make implementation
++ * Perl 5 with core modules (please read NOTES.PERL)
++ * The perl module Text::Template (please read NOTES.PERL)
+ * an ANSI C compiler
+ * a development environment in the form of development libraries and C
+ header files
+@@ -21,7 +20,8 @@
+ please read one of these:
+
+ * NOTES.VMS (OpenVMS)
+- * NOTES.WIN (any Windows except for Windows CE)
++ * NOTES.WIN (any supported Windows)
++ * NOTES.DJGPP (DOS platform with DJGPP)
+
+ Quick Start
+ -----------
+@@ -234,9 +234,6 @@
+ Don't build support for RFC3779 ("X.509 Extensions for IP
+ Addresses and AS Identifiers")
+
+- no-sct
+- ??
+-
+ sctp
+ Build support for SCTP
+
+@@ -496,13 +493,11 @@
+ malfunction with Perl). You may want increased verbosity, that
+ can be accomplished like this:
+
+- $ HARNESS_VERBOSE=yes make test # Unix
++ $ make VERBOSE=1 test # Unix
+
+- $ DEFINE HARNESS_VERBOSE YES
+- $ mms test ! OpenVMS
++ $ mms /macro=(VERBOSE=1) test ! OpenVMS
+
+- $ set HARNESS_VERBOSE=yes
+- $ nmake test # Windows
++ $ nmake VERBOSE=1 test # Windows
+
+ If you want to run just one or a few specific tests, you can use
+ the make variable TESTS to specify them, like this:
+@@ -513,7 +508,7 @@
+
+ And of course, you can combine (Unix example shown):
+
+- $ HARNESS_VERBOSE=yes make TESTS='test_rsa test_dsa' test
++ $ make VERBOSE=1 TESTS='test_rsa test_dsa' test
+
+ You can find the list of available tests like this:
+
+diff --git a/INSTALL.DJGPP b/INSTALL.DJGPP
+deleted file mode 100644
+index e1ec676..0000000
+--- a/INSTALL.DJGPP
++++ /dev/null
+@@ -1,48 +0,0 @@
+-
+-
+- INSTALLATION ON THE DOS PLATFORM WITH DJGPP
+- -------------------------------------------
+-
+- OpenSSL has been ported to DJGPP, a Unix look-alike 32-bit run-time
+- environment for 16-bit DOS, but only with long filename support.
+- If you wish to compile on native DOS with 8+3 filenames, you will
+- have to tweak the installation yourself, including renaming files
+- with illegal or duplicate names.
+-
+- You should have a full DJGPP environment installed, including the
+- latest versions of DJGPP, GCC, BINUTILS, BASH, etc. This package
+- requires that PERL and the PERL module Text::Template also be
+- installed.
+-
+- All of these can be obtained from the usual DJGPP mirror sites or
+- directly at "http://www.delorie.com/pub/djgpp". For help on which
+- files to download, see the DJGPP "ZIP PICKER" page at
+- "http://www.delorie.com/djgpp/zip-picker.html". You also need to have
+- the WATT-32 networking package installed before you try to compile
+- OpenSSL. This can be obtained from "http://www.bgnett.no/~giva/".
+- The Makefile assumes that the WATT-32 code is in the directory
+- specified by the environment variable WATT_ROOT. If you have watt-32
+- in directory "watt32" under your main DJGPP directory, specify
+- WATT_ROOT="/dev/env/DJDIR/watt32".
+-
+- To compile OpenSSL, start your BASH shell, then configure for DJGPP by
+- running "./Configure" with appropriate arguments:
+-
+- ./Configure no-threads --prefix=/dev/env/DJDIR DJGPP
+-
+- And finally fire up "make". You may run out of DPMI selectors when
+- running in a DOS box under Windows. If so, just close the BASH
+- shell, go back to Windows, and restart BASH. Then run "make" again.
+-
+- RUN-TIME CAVEAT LECTOR
+- --------------
+-
+- Quoting FAQ:
+-
+- "Cryptographic software needs a source of unpredictable data to work
+- correctly. Many open source operating systems provide a "randomness
+- device" (/dev/urandom or /dev/random) that serves this purpose."
+-
+- As of version 0.9.7f DJGPP port checks upon /dev/urandom$ for a 3rd
+- party "randomness" DOS driver. One such driver, NOISE.SYS, can be
+- obtained from "http://www.rahul.net/dkaufman/index.html".
+diff --git a/INSTALL.WCE b/INSTALL.WCE
+deleted file mode 100644
+index fe1431a..0000000
+--- a/INSTALL.WCE
++++ /dev/null
+@@ -1,93 +0,0 @@
+-
+- INSTALLATION FOR THE WINDOWS CE PLATFORM
+- ----------------------------------------
+-
+- Building OpenSSL for Windows CE requires the following external tools:
+-
+- * Microsoft eMbedded Visual C++ 3.0 or later
+- * Appropriate SDK might be required
+- * Perl for Win32 [commonly recommended ActiveState Perl is available
+- from http://www.activestate.com/Products/ActivePerl/]
+- You also need the perl module Text::Template.
+- Please read README.PERL for more information.
+-
+- * wcecompat compatibility library available at
+- http://www.essemer.com.au/windowsce/
+- * Optionally ceutils for running automated tests (same location)
+-
+- _or_
+-
+- * PocketConsole driver and PortSDK available at
+- http://www.symbolictools.de/public/pocketconsole/
+- * CMD command interpreter (same location)
+-
+- As Windows CE support in OpenSSL relies on 3rd party compatibility
+- library, it's appropriate to check corresponding URL for updates. For
+- example if you choose wcecompat, note that as for the moment of this
+- writing version 1.2 is available and actually required for WCE 4.2
+- and newer platforms. All wcecompat issues should be directed to
+- www.essemer.com.au.
+-
+- Why compatibility library at all? The C Runtime Library implementation
+- for Windows CE that is included with Microsoft eMbedded Visual C++ is
+- incomplete and in some places incorrect. Compatibility library plugs
+- the holes and tries to bring the Windows CE CRT to [more] usable level.
+- Most gaping hole in CRT is support for stdin/stdout/stderr IO, which
+- proposed compatibility libraries solve in two different ways: wcecompat
+- redirects IO to active sync link, while PortSDK - to NT-like console
+- driver on the handheld itself.
+-
+- Building
+- --------
+-
+- Setup the eMbedded Visual C++ environment. There are batch files for doing
+- this installed with eVC++. For an ARM processor, for example, execute:
+-
+- > "C:\Program Files\Microsoft eMbedded Tools\EVC\WCE300\BIN\WCEARM.BAT"
+-
+- Next pick compatibility library according to your preferences.
+-
+- 1. To choose wcecompat set up WCECOMPAT environment variable pointing
+- at the location of wcecompat tree "root":
+-
+- > set WCECOMPAT=C:\wcecompat
+- > set PORTSDK_LIBPATH=
+-
+- 2. To choose PortSDK set up PORTSDK_LIBPATH to point at hardware-
+- specific location where your portlib.lib is installed:
+-
+- > set PORTSDK_LIBPATH=C:\PortSDK\lib\ARM
+- > set WCECOMPAT=
+-
+- Note that you may not set both variables.
+-
+- Next you should run Configure:
+-
+- > perl Configure VC-CE
+-
+- Next you need to build the Makefiles:
+-
+- > ms\do_ms
+-
+- Then from the VC++ environment at a prompt do:
+-
+- > nmake -f ms\cedll.mak
+-
+- [note that static builds are not supported under CE]
+-
+- If all is well it should compile and you will have some DLLs and executables
+- in out32dll*.
+-
+- <<< everyting below needs revision in respect to wcecompat vs. PortSDK >>>
+-
+- If you want
+- to try the tests then make sure the ceutils are in the path and do:
+-
+- > cd out32
+- > ..\ms\testce
+-
+- This will copy each of the test programs to the Windows CE device and execute
+- them, displaying the output of the tests on this computer. The output should
+- look similar to the output produced by running the tests for a regular Windows
+- build.
+-
+diff --git a/LICENSE b/LICENSE
+index fb03713..c6cc098 100644
+--- a/LICENSE
++++ b/LICENSE
+@@ -4,9 +4,7 @@
+
+ The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
+ the OpenSSL License and the original SSLeay license apply to the toolkit.
+- See below for the actual license texts. Actually both licenses are BSD-style
+- Open Source licenses. In case of any license issues related to OpenSSL
+- please contact openssl-core at openssl.org.
++ See below for the actual license texts.
+
+ OpenSSL License
+ ---------------
+diff --git a/Makefile.in b/Makefile.in
+deleted file mode 100644
+index baaaf84..0000000
+--- a/Makefile.in
++++ /dev/null
+@@ -1,798 +0,0 @@
+-##
+-## Makefile for OpenSSL
+-##
+-## {- join("\n## ", @autowarntext) -}
+-
+-VERSION={- $config{version} -}
+-MAJOR={- $config{major} -}
+-MINOR={- $config{minor} -}
+-SHLIB_VERSION_NUMBER={- $config{shlib_version_number} -}
+-SHLIB_VERSION_HISTORY={- $config{shlib_version_history} -}
+-SHLIB_MAJOR={- $config{shlib_major} -}
+-SHLIB_MINOR={- $config{shlib_minor} -}
+-SHLIB_EXT={- $target{shared_extension} || ".so" -}
+-SHLIB_EXT_SIMPLE={- $target{shared_extension_simple} || ".so" -}
+-SHLIB_EXT_IMPORT={- $target{shared_import_extension} || "" -}
+-DSO_EXT={- $target{dso_extension} || ".so" -}
+-PLATFORM={- $config{target} -}
+-OPTIONS={- $config{options} -}
+-CONFIGURE_ARGS=({- join(", ",quotify_l(@{$config{perlargv}})) -})
+-SHLIB_TARGET={- $target{shared_target} -}
+-
+-# HERE indicates where this Makefile lives. This can be used to indicate
+-# where sub-Makefiles are expected to be. Currently has very limited usage,
+-# and should probably not be bothered with at all.
+-HERE=.
+-
+-# DESTDIR is for package builders so that they can configure
+-# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+-# Normally it is left empty.
+-DESTDIR=
+-
+-# Do not edit these manually. Use Configure with --prefix or --openssldir
+-# to change this! Short explanation in the top comment in Configure
+-INSTALLTOP={- # $prefix is used in the OPENSSLDIR perl snippet
+- #
+- our $prefix = $config{prefix} || "/usr/local";
+- $prefix -}
+-OPENSSLDIR={- #
+- # The logic here is that if no --openssldir was given,
+- # OPENSSLDIR will get the value from $prefix plus "/ssl".
+- # If --openssldir was given and the value is an absolute
+- # path, OPENSSLDIR will get its value without change.
+- # If the value from --openssldir is a relative path,
+- # OPENSSLDIR will get $prefix with the --openssldir
+- # value appended as a subdirectory.
+- #
+- use File::Spec::Functions;
+- our $openssldir =
+- $config{openssldir} ?
+- (file_name_is_absolute($config{openssldir}) ?
+- $config{openssldir}
+- : catdir($prefix, $config{openssldir}))
+- : catdir($prefix, "ssl");
+- $openssldir -}
+-LIBDIR={- #
+- # if $prefix/lib$target{multilib} is not an existing
+- # directory, then assume that it's not searched by linker
+- # automatically, in which case adding $target{multilib} suffix
+- # causes more grief than we're ready to tolerate, so don't...
+- our $multilib =
+- -d "$prefix/lib$target{multilib}" ? $target{multilib} : "";
+- our $libdir = $config{libdir} || "lib$multilib";
+- $libdir -}
+-ENGINESDIR={- use File::Spec::Functions;
+- catdir($prefix,$libdir,"engines") -}
+-
+-# NO_IDEA - Define to build without the IDEA algorithm
+-# NO_RC4 - Define to build without the RC4 algorithm
+-# NO_RC2 - Define to build without the RC2 algorithm
+-# THREADS - Define when building with threads, you will probably also need any
+-# system defines as well, i.e. _REENTRANT for Solaris 2.[34]
+-# TERMIO - Define the termio terminal subsystem, needed if sgtty is missing.
+-# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
+-# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
+-# DEVRANDOM - Give this the value of the 'random device' if your OS supports
+-# one. 32 bytes will be read from this when the random
+-# number generator is initalised.
+-# SSL_FORBID_ENULL - define if you want the server to be not able to use the
+-# NULL encryption ciphers.
+-#
+-# LOCK_DEBUG - turns on lots of lock debug output :-)
+-# REF_DEBUG - turn on some xyz_free() assertions.
+-# REF_PRINT - prints some stuff on structure free.
+-# MFUNC - Make all Malloc/Free/Realloc calls call
+-# CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+-# call application defined callbacks via CRYPTO_set_mem_functions()
+-# MD5_ASM needs to be defined to use the x86 assembler for MD5
+-# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
+-# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
+-# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8. It must
+-# equal 4.
+-# PKCS1_CHECK - pkcs1 tests.
+-
+-CROSS_COMPILE= {- $config{cross_compile_prefix} -}
+-CC= $(CROSS_COMPILE){- $target{cc} -}
+-CFLAG={- our $cflags2 = join(" ",(map { "-D".$_} @{$target{defines}}, @{$config{defines}}),"-DOPENSSLDIR=\"\\\"\$(OPENSSLDIR)\\\"\"","-DENGINESDIR=\"\\\"\$(ENGINESDIR)\\\"\"") -} {- $target{cflags} -} {- $config{cflags} -}
+-CFLAG_Q={- $cflags2 =~ s|([\\"])|\\$1|g; $cflags2 -} {- $config{cflags} -}
+-LDFLAG= {- $target{lflags} -} {- $config{lflags} -}
+-PLIB_LDFLAG= {- $target{plib_lflags} -} {- $config{plib_lflags} -}
+-EX_LIBS= {- $target{ex_libs} -} {- $config{ex_libs} -}
+-EXE_EXT= {- $target{exe_extension} -}
+-ARFLAGS= {- $target{arflags} -}
+-AR=$(CROSS_COMPILE){- $target{ar} -} $(ARFLAGS) r
+-RANLIB= {- $target{ranlib} -}
+-NM= $(CROSS_COMPILE){- $target{nm} -}
+-PERL= {- $config{perl} -}
+-#RM= echo --
+-RM= rm -f
+-TAR= tar
+-TARFLAGS= --no-recursion
+-MAKEDEPPROG=$(CROSS_COMPILE){- $config{makedepprog} -}
+-
+-# We let the C compiler driver to take care of .s files. This is done in
+-# order to be excused from maintaining a separate set of architecture
+-# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
+-# gcc, then the driver will automatically translate it to -xarch=v8plus
+-# and pass it down to assembler.
+-AS=$(CC) -c
+-ASFLAG=$(CFLAG)
+-
+-# For x86 assembler: Set PROCESSOR to 386 if you want to support
+-# the 80386.
+-PROCESSOR= {- $config{processor} -}
+-
+-# CPUID module collects small commonly used assembler snippets
+-APPS_OBJ={- $target{apps_obj} -}
+-CPUID_OBJ= {- $target{cpuid_obj} -}
+-UPLINK_OBJ= {- $target{uplink_obj} -}
+-BN_ASM= {- $target{bn_obj} -}
+-EC_ASM= {- $target{ec_obj} -}
+-DES_ENC= {- $target{des_obj} -}
+-AES_ENC= {- $target{aes_obj} -}
+-BF_ENC= {- $target{bf_obj} -}
+-CAST_ENC= {- $target{cast_obj} -}
+-RC4_ENC= {- $target{rc4_obj} -}
+-RC5_ENC= {- $target{rc5_obj} -}
+-MD5_ASM_OBJ= {- $target{md5_obj} -}
+-SHA1_ASM_OBJ= {- $target{sha1_obj} -}
+-RMD160_ASM_OBJ= {- $target{rmd160_obj} -}
+-BLAKE2_OBJ= {- $target{blake2_obj} -}
+-WP_ASM_OBJ= {- $target{wp_obj} -}
+-CMLL_ENC= {- $target{cmll_obj} -}
+-MODES_ASM_OBJ= {- $target{modes_obj} -}
+-PADLOCK_ASM_OBJ= {- $target{padlock_obj} -}
+-CHACHA_ENC= {- $target{chacha_obj} -}
+-POLY1305_ASM_OBJ= {- $target{poly1305_obj} -}
+-PERLASM_SCHEME= {- $target{perlasm_scheme} -}
+-
+-# Zlib stuff
+-ZLIB_INCLUDE={- $withargs{zlib_include} -}
+-LIBZLIB={- $withargs{zlib_lib} -}
+-
+-# This is the location of fipscanister.o and friends.
+-# The FIPS module build will place it $(INSTALLTOP)/lib
+-# but since $(INSTALLTOP) can only take the default value
+-# when the module is built it will be in /usr/local/ssl/lib
+-# $(INSTALLTOP) for this build may be different so hard
+-# code the path.
+-
+-FIPSLIBDIR={- $config{fipslibdir} -}
+-
+-# The location of the library which contains fipscanister.o
+-# normally it will be libcrypto. If not compiling in FIPS mode
+-# at all this is empty making it a useful test for a FIPS compile.
+-
+-FIPSCANLIB={- $config{fips} ? "libcrypto" : "" -}
+-
+-# Shared library base address. Currently only used on Windows.
+-#
+-
+-BASEADDR={- $config{baseaddr} -}
+-
+-DIRS= {- join(" ", @{$config{dirs}}) -}
+-SHLIBDIRS= crypto ssl
+-INSTALL_SUBS= engines apps tools
+-
+-# dirs in crypto to build
+-SDIRS= {- join(" ", @{$config{sdirs}}) -}
+-
+-# tests to perform. "alltests" is a special word indicating that all tests
+-# should be performed.
+-TESTS = alltests
+-
+-MAKEFILE= Makefile
+-
+-MANDIR=$(INSTALLTOP)/share/man
+-MAN1=1
+-MAN3=3
+-MANSUFFIX=
+-HTMLSUFFIX=html
+-HTMLDIR=$(INSTALLTOP)/share/doc/$(BASENAME)/html
+-SHELL=/bin/sh
+-
+-TOP= .
+-LIBS= libcrypto.a libssl.a
+-SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+-SHARED_SSL=libssl$(SHLIB_EXT)
+-SHARED_LIBS={- $disabled{shared} ? '' : '$(SHARED_CRYPTO) $(SHARED_SSL)' -}
+-SHARED_CFLAG={- $target{shared_cflag} -}
+-SHARED_LDFLAG={- $target{shared_ldflag}." ".$config{shared_ldflag}
+- # Unlike other OSes (like Solaris, Linux, Tru64,
+- # IRIX) BSD run-time linkers (tested OpenBSD, NetBSD
+- # and FreeBSD) "demand" RPATH set on .so objects.
+- # Apparently application RPATH is not global and
+- # does not apply to .so linked with other .so.
+- # Problem manifests itself when libssl.so fails to
+- # load libcrypto.so. One can argue that we should
+- # engrave this into Makefile.shared rules or into
+- # BSD-* config lines above. Meanwhile let's try to
+- # be cautious and pass -rpath to linker only when
+- # $prefix is not /usr.
+- . ($config{target} =~ m|^BSD-| && $prefix !~ m|^/usr/.*$|
+- ? " -Wl,-rpath,\$\$(LIBRPATH)" : "") -}
+-SHARED_RCFLAG={- $target{shared_rcflag} -}
+-DYNAMIC_ENGINES={- $config{dynamic_engines} -}
+-
+-GENERAL= Makefile
+-BASENAME= openssl
+-NAME= $(BASENAME)-$(VERSION)
+-TARFILE= ../$(NAME).tar
+-HEADER= e_os.h
+-
+-# Directories created on install if they don't exist.
+-INSTALLDIRS= \
+- $(DESTDIR)$(INSTALLTOP)/bin \
+- $(DESTDIR)$(INSTALLTOP)/$(LIBDIR) \
+- $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines \
+- $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
+- $(DESTDIR)$(INSTALLTOP)/include/openssl \
+- $(DESTDIR)$(OPENSSLDIR)/misc \
+- $(DESTDIR)$(OPENSSLDIR)/certs \
+- $(DESTDIR)$(OPENSSLDIR)/private
+-
+-ENGDIRS={- join(" ", @{$config{engdirs}}) -}
+-
+-all: Makefile build_all_but_tests
+-
+-# as we stick to -e, CLEARENV ensures that local variables in lower
+-# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
+-# shell, which [annoyingly enough] terminates unset with error if VAR
+-# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh,
+-# which terminates unset with error if no variable was present:-(
+-CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
+- $${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES} \
+- $${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC} \
+- $${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL} \
+- $${HEADER+HEADER} \
+- $${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
+- $${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
+- $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
+- $${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
+- $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+-
+-# LC_ALL=C ensures that error [and other] messages are delivered in
+-# same language for uniform treatment.
+-BUILDENV= LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\
+- CC='$(CC)' CFLAG='$(CFLAG)' CFLAG_Q='$(CFLAG_Q)' \
+- SHARED_CFLAG='$(SHARED_CFLAG)' \
+- AS='$(CC)' ASFLAG='$(CFLAG) -c' \
+- AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
+- CROSS_COMPILE='$(CROSS_COMPILE)' \
+- PERL='$(PERL)' DYNAMIC_ENGINES='$(DYNAMIC_ENGINES)' \
+- SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
+- DESTDIR='$(DESTDIR)' \
+- INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \
+- LIBDIR='$(LIBDIR)' \
+- SHARED_LDFLAG='$(SHARED_LDFLAG)' \
+- SHARED_RCFLAG='$(SHARED_RCFLAG)' \
+- ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
+- EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \
+- SHLIB_EXT='$(SHLIB_EXT)' DSO_EXT='$(DSO_EXT)' \
+- SHLIB_TARGET='$(SHLIB_TARGET)' \
+- LDFLAG='$(LDFLAG)' \
+- PLIB_LDFLAG='$(PLIB_LDFLAG)' EX_LIBS='$(EX_LIBS)' \
+- APPS_OBJ='$(APPS_OBJ)' UPLINK_OBJ='$(UPLINK_OBJ)' \
+- CPUID_OBJ='$(CPUID_OBJ)' BN_ASM='$(BN_ASM)' \
+- EC_ASM='$(EC_ASM)' DES_ENC='$(DES_ENC)' \
+- AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)' \
+- BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)' \
+- RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)' \
+- ENGDIRS='$(ENGDIRS)' \
+- SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \
+- MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
+- RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
+- BLAKE2_OBJ='$(BLAKE2_OBJ)' \
+- WP_ASM_OBJ='$(WP_ASM_OBJ)' \
+- MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
+- PADLOCK_ASM_OBJ='$(PADLOCK_ASM_OBJ)' \
+- CHACHA_ENC='$(CHACHA_ENC)' \
+- POLY1305_ASM_OBJ='$(POLY1305_ASM_OBJ)' \
+- PERLASM_SCHEME='$(PERLASM_SCHEME)' \
+- FIPSLIBDIR='${FIPSLIBDIR}' \
+- FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
+- THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
+-# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
+-# which in turn eliminates ambiguities in variable treatment with -e.
+-
+-# BUILD_CMD is a generic macro to build a given target in a given
+-# subdirectory. The target must be given through the shell variable
+-# `target' and the subdirectory to build in must be given through `dir'.
+-# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
+-# BUILD_ONE_CMD instead.
+-#
+-# RECURSIVE_BUILD_CMD is a macro to build a given target in all
+-# subdirectories defined in $(DIRS). It requires that the target
+-# is given through the shell variable `target'.
+-#
+-# BUILD_ONE_CMD is a macro to build a given target in a given
+-# subdirectory if that subdirectory is part of $(DIRS). It requires
+-# exactly the same shell variables as BUILD_CMD.
+-BUILD_CMD= if [ -d "$$dir" ]; then \
+- ( cd $$dir && echo "making $$target in $$dir..." && \
+- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
+- ) || exit 1; \
+- fi
+-RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
+-BUILD_ONE_CMD=\
+- if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
+- $(BUILD_CMD); \
+- fi
+-
+-reflect:
+- @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
+-
+-sub_all: build_all
+-
+-build_all_but_tests: build_libs build_apps build_tools
+-build_all: build_all_but_tests build_tests
+-
+-build_libs: build_libcrypto build_libssl openssl.pc
+-
+-build_libcrypto: build_crypto build_engines libcrypto.pc
+-build_libssl: build_ssl libssl.pc
+-
+-build_crypto:
+- @dir=crypto; target=all; $(BUILD_ONE_CMD)
+-build_ssl: build_crypto
+- @dir=ssl; target=all; $(BUILD_ONE_CMD)
+-build_engines: build_crypto
+- @dir=engines; target=all; AS='$(CC) -c'; export AS; $(BUILD_ONE_CMD)
+-
+-build_apps: build_libs
+- @dir=apps; target=all; $(BUILD_ONE_CMD)
+-build_tests: build_libs
+- @dir=test; target=all; $(BUILD_ONE_CMD)
+-build_tools: build_libs
+- @dir=tools; target=all; $(BUILD_ONE_CMD)
+-
+-all_testapps: build_libs build_testapps
+-build_testapps:
+- @dir=crypto; target=testapps; $(BUILD_ONE_CMD)
+-
+-libcrypto$(SHLIB_EXT): libcrypto.a
+- @if [ "$(SHLIB_TARGET)" != "" ]; then \
+- if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+- FIPSLD_CC="$(CC)"; CC=fips/fipsld; \
+- export CC FIPSLD_CC; \
+- fi; \
+- $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared; \
+- else \
+- echo "There's no support for shared libraries on this platform" >&2; \
+- exit 1; \
+- fi
+-
+-libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
+- @if [ "$(SHLIB_TARGET)" != "" ]; then \
+- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
+- else \
+- echo "There's no support for shared libraries on this platform" >&2; \
+- exit 1; \
+- fi
+-
+-link-shared:
+- @ set -e; for i in $(SHLIBDIRS); do \
+- $(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
+- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+- LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+- symlink.$(SHLIB_TARGET); \
+- libs="$$libs -l$$i"; \
+- done
+-
+-build-shared: do_$(SHLIB_TARGET) link-shared
+-
+-do_$(SHLIB_TARGET):
+- @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
+- $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
+- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+- LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+- LIBDEPS="$$libs $(EX_LIBS)" \
+- link_shlib.$(SHLIB_TARGET); \
+- libs="-l$$i $$libs"; \
+- case "$(PLATFORM)" in \
+- Cygwin*) \
+- rm -f apps/cyg$$i-$(SHLIB_MAJOR).$(SHLIB_MINOR).dll; \
+- rm -f test/cyg$$i-$(SHLIB_MAJOR).$(SHLIB_MINOR).dll; \
+- cp cyg$$i-$(SHLIB_MAJOR).$(SHLIB_MINOR).dll apps/; \
+- cp cyg$$i-$(SHLIB_MAJOR).$(SHLIB_MINOR).dll test/; \
+- ;; \
+- mingw*) \
+- arch=; \
+- if expr $(PLATFORM) : mingw64 > /dev/null; then \
+- arch=-x64; \
+- fi; \
+- rm -f apps/lib$$i-$(SHLIB_MAJOR)_$(SHLIB_MINOR)$$arch.dll; \
+- rm -f test/lib$$i-$(SHLIB_MAJOR)_$(SHLIB_MINOR)$$arch.dll; \
+- cp lib$$i-$(SHLIB_MAJOR)_$(SHLIB_MINOR)$$arch.dll apps/; \
+- cp lib$$i-$(SHLIB_MAJOR)_$(SHLIB_MINOR)$$arch.dll test/; \
+- ;; \
+- esac; \
+- done
+-
+-libcrypto.pc: Makefile
+- @ ( echo 'prefix=$(INSTALLTOP)'; \
+- echo 'exec_prefix=$${prefix}'; \
+- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+- echo 'includedir=$${prefix}/include'; \
+- echo ''; \
+- echo 'Name: OpenSSL-libcrypto'; \
+- echo 'Description: OpenSSL cryptography library'; \
+- echo 'Version: '$(VERSION); \
+- echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lcrypto'; \
+- echo 'Libs.private: $(EX_LIBS)'; \
+- echo 'Cflags: -I$${includedir}' ) > libcrypto.pc
+-
+-libssl.pc: Makefile
+- @ ( echo 'prefix=$(INSTALLTOP)'; \
+- echo 'exec_prefix=$${prefix}'; \
+- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+- echo 'includedir=$${prefix}/include'; \
+- echo ''; \
+- echo 'Name: OpenSSL-libssl'; \
+- echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+- echo 'Version: '$(VERSION); \
+- echo 'Requires.private: libcrypto'; \
+- echo 'Libs: -L$${libdir} -lssl'; \
+- echo 'Libs.private: $(EX_LIBS)'; \
+- echo 'Cflags: -I$${includedir}' ) > libssl.pc
+-
+-openssl.pc: Makefile
+- @ ( echo 'prefix=$(INSTALLTOP)'; \
+- echo 'exec_prefix=$${prefix}'; \
+- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+- echo 'includedir=$${prefix}/include'; \
+- echo ''; \
+- echo 'Name: OpenSSL'; \
+- echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+- echo 'Version: '$(VERSION); \
+- echo 'Requires: libssl libcrypto' ) > openssl.pc
+-
+-Makefile: Makefile.in Configure config
+- @echo "Makefile is older than Makefile.in, Configure or config."
+- @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
+- @false
+-
+-libclean:
+- rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
+-
+-clean: libclean
+- rm -f */*/*.o */*.o *.o core a.out fluff testlog make.log cctest cctest.c
+- rm -rf *.bak certs/.0
+- @set -e; target=clean; $(RECURSIVE_BUILD_CMD)
+- rm -f $(LIBS) tags TAGS
+- rm -f openssl.pc libssl.pc libcrypto.pc
+- rm -f speed.* .pure
+- rm -f $(TARFILE)
+-
+-gentests:
+- @(cd test && echo "generating dummy tests (if needed)..." && \
+- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
+-
+-test: tests
+-
+-tests: build_tests
+- @(cd test && echo "testing..." && \
+- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
+- @if [ -z "$(CROSS_COMPILE)" ]; then \
+- OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a; \
+- fi
+-
+-list-tests:
+- @(cd test && \
+- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. list-tests)
+-
+-report:
+- @$(PERL) util/selftest.pl
+-
+-tags TAGS: FORCE
+- rm -f TAGS tags
+- -ctags -R .
+- -etags `find . -name '*.[ch]' -o -name '*.pm'`
+-
+-FORCE:
+-
+-depend:
+- @set -e; target=depend; $(RECURSIVE_BUILD_CMD)
+-
+-update: generate errors ordinals depend
+-
+-generate:
+- (cd apps && PERL='${PERL}' $(MAKE) generate)
+- (cd crypto/bn && PERL='${PERL}' $(MAKE) generate)
+- (cd crypto/objects && PERL='${PERL}' $(MAKE) generate)
+-
+-errors:
+- $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
+- $(PERL) util/mkerr.pl -recurse -write
+- (cd engines; $(MAKE) PERL=$(PERL) errors)
+-
+-ordinals: util/libcrypto.num util/libssl.num test_ordinals TABLE
+-util/libcrypto.num::
+- $(PERL) util/mkdef.pl crypto update
+-util/libssl.num::
+- $(PERL) util/mkdef.pl ssl update
+-test_ordinals:
+- TOP=$(TOP) PERL=$(PERL) $(PERL) test/run_tests.pl test_ordinals
+-
+-TABLE: Configure Configurations/*.conf
+- (echo 'Output of `Configure TABLE'"':"; \
+- $(PERL) Configure TABLE) > TABLE
+-
+-# Build distribution tar-file. As the list of files returned by "find" is
+-# pretty long, on several platforms a "too many arguments" error or similar
+-# would occur. Therefore the list of files is temporarily stored into a file
+-# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
+-# tar does not support the --files-from option.
+-TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from $(TARFILE).list \
+- --owner 0 --group 0 \
+- --transform 's|^|$(NAME)/|' \
+- -cvf -
+-
+-$(TARFILE).list:
+- git diff --quiet HEAD
+- git ls-files | sort > $(TARFILE).list
+-
+-tar: $(TARFILE).list
+- find . -type d -print | xargs chmod 755
+- find . -type f -print | xargs chmod a+r
+- find . -type f -perm -0100 -print | xargs chmod a+x
+- $(TAR_COMMAND) | gzip --best > $(TARFILE).gz
+- rm -f $(TARFILE).list
+- ls -l $(TARFILE).gz
+-
+-tar-snap: $(TARFILE).list
+- $(TAR_COMMAND) > $(TARFILE)
+- rm -f $(TARFILE).list
+- ls -l $(TARFILE)
+-
+-dist:
+- $(PERL) Configure dist
+- @$(MAKE) SDIRS='$(SDIRS)' clean
+- @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
+-
+-install: all install_docs install_sw
+-
+-uninstall: uninstall_sw uninstall_docs
+-
+-install_sw:
+- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALLDIRS)
+- @set -e; for i in include/openssl/*.h; do \
+- (cp $$i $(DESTDIR)$(INSTALLTOP)/$$i; \
+- chmod 644 $(DESTDIR)$(INSTALLTOP)/$$i ); \
+- done;
+- @set -e; target=install; for dir in $(INSTALL_SUBS); do $(BUILD_CMD); done
+- @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
+- do \
+- if [ -f "$$i" ]; then \
+- ( echo installing $$i; \
+- cp $$i $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+- $(RANLIB) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+- chmod 644 $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+- mv -f $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i ); \
+- fi; \
+- done;
+- @set -e; if [ -n "$(SHARED_LIBS)" ]; then \
+- tmp="$(SHARED_LIBS)"; \
+- for i in $${tmp:-x}; \
+- do \
+- if [ -f "$$i" -o -f "$$i.a" ]; then \
+- case "$(PLATFORM)" in \
+- Cygwin*) \
+- c=`echo $$i | sed 's/^lib\(.*\)\.dll/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
+- echo installing $$c; \
+- cp $$c $(DESTDIR)$(INSTALLTOP)/bin/$$c.new; \
+- chmod 755 $(DESTDIR)$(INSTALLTOP)/bin/$$c.new; \
+- mv -f $(DESTDIR)$(INSTALLTOP)/bin/$$c.new $(DESTDIR)$(INSTALLTOP)/bin/$$c; \
+- echo installing $$i.a; \
+- cp $$i.a $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a.new; \
+- chmod 644 $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a.new; \
+- mv -f $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a.new $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a; \
+- ;; \
+- mingw*) \
+- arch=; \
+- if expr $(PLATFORM) : mingw64 > /dev/null; then \
+- arch=-x64; \
+- fi; \
+- m=`echo $$i | sed -e 's/\.dll$$/-$(SHLIB_MAJOR)_$(SHLIB_MINOR)'"$$arch"'.dll/'`; \
+- echo installing $$m; \
+- cp $$m $(DESTDIR)$(INSTALLTOP)/bin/$$m.new; \
+- chmod 755 $(DESTDIR)$(INSTALLTOP)/bin/$$m.new; \
+- mv -f $(DESTDIR)$(INSTALLTOP)/bin/$$m.new $(DESTDIR)$(INSTALLTOP)/bin/$$m; \
+- echo installing $$i.a; \
+- cp $$i.a $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a.new; \
+- chmod 555 $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a.new; \
+- mv -f $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a.new $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a; \
+- ;; \
+- *) \
+- echo installing $$i; \
+- cp $$i $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+- chmod 555 $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+- mv -f $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+- ;; \
+- esac; \
+- fi; \
+- done; \
+- ( here="`pwd`"; \
+- cd $(DESTDIR)$(INSTALLTOP)/$(LIBDIR); \
+- $(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
+- if [ "$(INSTALLTOP)" != "/usr" ]; then \
+- echo 'OpenSSL shared libraries have been installed in:'; \
+- echo ' $(INSTALLTOP)'; \
+- fi; \
+- fi
+- cp libcrypto.pc $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+- chmod 644 $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
+- cp libssl.pc $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+- chmod 644 $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
+- cp openssl.pc $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+- chmod 644 $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+-
+-uninstall_sw:
+- cd include/openssl && files=* && cd $(DESTDIR)$(INSTALLTOP)/include/openssl && $(RM) $$files
+- @for i in $(LIBS) ;\
+- do \
+- test -f "$$i" && \
+- echo $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i && \
+- $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+- done;
+- @if [ -n "$(SHARED_LIBS)" ]; then \
+- tmp="$(SHARED_LIBS)"; \
+- for i in $${tmp:-x}; \
+- do \
+- if [ -f "$$i" -o -f "$$i.a" ]; then \
+- case "$(PLATFORM)" in \
+- Cygwin*) \
+- c=`echo $$i | sed 's/^lib\(.*\)\.dll/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
+- echo $(RM) $(DESTDIR)$(INSTALLTOP)/bin/$$c; \
+- $(RM) $(DESTDIR)$(INSTALLTOP)/bin/$$c; \
+- echo $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a; \
+- $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a; \
+- ;; \
+- mingw*) \
+- arch=; \
+- if expr $(PLATFORM) : mingw64 > /dev/null; then \
+- arch=-x64; \
+- fi; \
+- m=`echo $$i | sed -e 's/\.dll$$/-$(SHLIB_MAJOR)_$(SHLIB_MINOR)'"$$arch"'.dll/'`; \
+- echo $(RM) $(DESTDIR)$(INSTALLTOP)/bin/$$m; \
+- $(RM) $(DESTDIR)$(INSTALLTOP)/bin/$$m; \
+- echo $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a; \
+- $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i.a; \
+- ;; \
+- *) \
+- echo $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+- $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+- ;; \
+- esac; \
+- fi; \
+- done; \
+- fi
+- $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
+- $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
+- $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+- @target=uninstall; for dir in $(INSTALL_SUBS); do $(BUILD_CMD); done
+-
+-install_html_docs:
+- here="`pwd`"; \
+- filecase=; \
+- case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
+- filecase=-i; \
+- esac; \
+- for subdir in apps crypto ssl; do \
+- $(PERL) $(TOP)/util/mkdir-p $(DESTDIR)$(HTMLDIR)/$$subdir; \
+- for i in doc/$$subdir/*.pod; do \
+- fn=`basename $$i .pod`; \
+- echo "installing html/$$fn.$(HTMLSUFFIX)"; \
+- cat $$i \
+- | sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
+- | pod2html --podroot=doc --htmlroot=.. --podpath=$$subdir:apps:crypto:ssl \
+- | sed -r 's/<!DOCTYPE.*//g' \
+- > $(DESTDIR)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+- $(PERL) util/extract-names.pl < $$i | \
+- grep -v $$filecase "^$$fn\$$" | \
+- (cd $(DESTDIR)$(HTMLDIR)/$$subdir; \
+- while read n; do \
+- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
+- done); \
+- done; \
+- done
+-
+-uninstall_html_docs:
+- here="`pwd`"; \
+- filecase=; \
+- case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
+- filecase=-i; \
+- esac; \
+- for subdir in apps crypto ssl; do \
+- for i in doc/$$subdir/*.pod; do \
+- fn=`basename $$i .pod`; \
+- $(RM) $(DESTDIR)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+- $(PERL) util/extract-names.pl < $$i | \
+- grep -v $$filecase "^$$fn\$$" | \
+- while read n; do \
+- $(RM) $(DESTDIR)$(HTMLDIR)/$$subdir/"$$n".$(HTMLSUFFIX); \
+- done; \
+- done; \
+- done
+-
+-install_docs:
+- @$(PERL) $(TOP)/util/mkdir-p.pl \
+- $(DESTDIR)$(MANDIR)/man1 \
+- $(DESTDIR)$(MANDIR)/man3 \
+- $(DESTDIR)$(MANDIR)/man5 \
+- $(DESTDIR)$(MANDIR)/man7
+- here="`pwd`"; \
+- filecase=; \
+- case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
+- filecase=-i; \
+- esac; \
+- set -e; for i in doc/apps/*.pod; do \
+- fn=`basename $$i .pod`; \
+- sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
+- echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+- (cd `$(PERL) util/dirname.pl $$i`; \
+- pod2man \
+- --section=$$sec --center=OpenSSL \
+- --release=$(VERSION) `basename $$i`) \
+- > $(DESTDIR)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+- $(PERL) util/extract-names.pl < $$i | \
+- (grep -v $$filecase "^$$fn\$$"; true) | \
+- (grep -v "[ ]"; true) | \
+- (cd $(DESTDIR)$(MANDIR)/man$$sec/; \
+- while read n; do \
+- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+- done); \
+- done; \
+- set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
+- fn=`basename $$i .pod`; \
+- sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
+- echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+- (cd `$(PERL) util/dirname.pl $$i`; \
+- pod2man \
+- --section=$$sec --center=OpenSSL \
+- --release=$(VERSION) `basename $$i`) \
+- > $(DESTDIR)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+- $(PERL) util/extract-names.pl < $$i | \
+- (grep -v $$filecase "^$$fn\$$"; true) | \
+- (grep -v "[ ]"; true) | \
+- (cd $(DESTDIR)$(MANDIR)/man$$sec/; \
+- while read n; do \
+- PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+- done); \
+- done
+-
+-uninstall_docs:
+- @here="`pwd`"; \
+- filecase=; \
+- case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*) \
+- filecase=-i; \
+- esac; \
+- for i in doc/apps/*.pod; do \
+- fn=`basename $$i .pod`; \
+- sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
+- echo $(RM) $(DESTDIR)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+- $(RM) $(DESTDIR)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+- $(PERL) util/extract-names.pl < $$i | \
+- (grep -v $$filecase "^$$fn\$$"; true) | \
+- (grep -v "[ ]"; true) | \
+- while read n; do \
+- echo $(RM) $(DESTDIR)$(MANDIR)/man$$sec/"$$n".$${sec}$(MANSUFFIX); \
+- $(RM) $(DESTDIR)$(MANDIR)/man$$sec/"$$n".$${sec}$(MANSUFFIX); \
+- done; \
+- done; \
+- for i in doc/crypto/*.pod doc/ssl/*.pod; do \
+- fn=`basename $$i .pod`; \
+- sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
+- echo $(RM) $(DESTDIR)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+- $(RM) $(DESTDIR)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+- $(PERL) util/extract-names.pl < $$i | \
+- (grep -v $$filecase "^$$fn\$$"; true) | \
+- (grep -v "[ ]"; true) | \
+- while read n; do \
+- echo $(RM) $(DESTDIR)$(MANDIR)/man$$sec/"$$n".$${sec}$(MANSUFFIX); \
+- $(RM) $(DESTDIR)$(MANDIR)/man$$sec/"$$n".$${sec}$(MANSUFFIX); \
+- done; \
+- done
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/Makefile.shared b/Makefile.shared
+index 65980b2..d856180 100644
+--- a/Makefile.shared
++++ b/Makefile.shared
+@@ -14,6 +14,7 @@ CFLAGS=$(CFLAG)
+ LDFLAGS=$(LDFLAG)
+ SHARED_LDFLAGS=$(SHARED_LDFLAG)
+
++RC=windres
+ # SHARED_RCFLAGS are flags used with windres, i.e. when build for Cygwin
+ # or Mingw.
+ SHARED_RCFLAGS=$(SHARED_RCFLAG)
+@@ -278,9 +279,9 @@ link_shlib.cygwin:
+ SHLIB=cyg$(LIBNAME); SHLIB_SOVER=-$(LIBVERSION); SHLIB_SUFFIX=.dll; \
+ dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
+ echo "$(PERL) $(SRCDIR)/util/mkrc.pl $$dll_name |" \
+- "$(CROSS_COMPILE)windres $(SHARED_RCFLAGS) -o rc.o"; \
++ "$(RC) $(SHARED_RCFLAGS) -o rc.o"; \
+ $(PERL) $(SRCDIR)/util/mkrc.pl $$dll_name | \
+- $(CROSS_COMPILE)windres $(SHARED_RCFLAGS) -o rc.o; \
++ $(RC) $(SHARED_RCFLAGS) -o rc.o; \
+ ALLSYMSFLAGS='-Wl,--whole-archive'; \
+ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,--enable-auto-image-base -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a rc.o"; \
+@@ -306,9 +307,9 @@ link_shlib.mingw:
+ | sed -e 's|^\(LIBRARY *\)$(LIBNAME)32|\1'"$$dll_name"'|' \
+ > $(LIBNAME).def; \
+ echo "$(PERL) $(SRCDIR)/util/mkrc.pl $$dll_name |" \
+- "$(CROSS_COMPILE)windres $(SHARED_RCFLAGS) -o rc.o"; \
++ "$(RC) $(SHARED_RCFLAGS) -o rc.o"; \
+ $(PERL) $(SRCDIR)/util/mkrc.pl $$dll_name | \
+- $(CROSS_COMPILE)windres $(SHARED_RCFLAGS) -o rc.o; \
++ $(RC) $(SHARED_RCFLAGS) -o rc.o; \
+ ALLSYMSFLAGS='-Wl,--whole-archive'; \
+ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a $(LIBNAME).def rc.o"; \
+@@ -561,11 +562,11 @@ symlink.hpux:
+ symlink.cygwin symlink.alpha-osf1 symlink.tru64 symlink.tru64-rpath:
+
+ # Compatibility targets
+-link_dso.bsd-gcc-shared link_dso.linux-shared link_dso.gnu-shared link_dso.haiku-shared: link_dso.gnu
++link_dso.bsd-gcc-shared link_dso.linux-shared link_dso.gnu-shared: link_dso.gnu
+ link_shlib.bsd-gcc-shared: link_shlib.linux-shared
+-link_shlib.gnu-shared link_shlib.haiku-shared: link_shlib.gnu
+-link_app.bsd-gcc-shared link_app.linux-shared link_app.gnu-shared link_app.haiku-shared: link_app.gnu
+-symlink.bsd-gcc-shared symlink.bsd-shared symlink.linux-shared symlink.gnu-shared symlink.haiku-shared: symlink.gnu
++link_shlib.gnu-shared: link_shlib.gnu
++link_app.bsd-gcc-shared link_app.linux-shared link_app.gnu-shared: link_app.gnu
++symlink.bsd-gcc-shared symlink.bsd-shared symlink.linux-shared symlink.gnu-shared: symlink.gnu
+ link_dso.bsd-shared: link_dso.bsd
+ link_shlib.bsd-shared: link_shlib.bsd
+ link_app.bsd-shared: link_app.bsd
+diff --git a/NEWS b/NEWS
+index 90336bc..c3f7497 100644
+--- a/NEWS
++++ b/NEWS
+@@ -5,8 +5,9 @@
+ This file gives a brief overview of the major changes between each OpenSSL
+ release. For more details please read the CHANGES file.
+
+- Major changes between OpenSSL 1.0.2g and OpenSSL 1.1.0 [in pre-release]
++ Major changes between OpenSSL 1.0.2h and OpenSSL 1.1.0 [in pre-release]
+
++ o Copyright text was shrunk to a boilerplate that points to the license
+ o "shared" builds are now the default when possible
+ o Added support for "pipelining"
+ o Added the AFALG engine
+@@ -46,6 +47,19 @@
+ o Support for Certificate Transparency
+ o HKDF support.
+
++ Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]
++
++ o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
++ o Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
++ o Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
++ o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
++ o EBCDIC overread (CVE-2016-2176)
++ o Modify behavior of ALPN to invoke callback after SNI/servername
++ callback, such that updates to the SSL_CTX affect ALPN.
++ o Remove LOW from the DEFAULT cipher list. This removes singles DES from
++ the default.
++ o Only remove the SSLv2 methods with the no-ssl2-method option.
++
+ Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016]
+
+ o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
+diff --git a/NOTES.DJGPP b/NOTES.DJGPP
+new file mode 100644
+index 0000000..bbe63dc
+--- /dev/null
++++ b/NOTES.DJGPP
+@@ -0,0 +1,48 @@
++
++
++ INSTALLATION ON THE DOS PLATFORM WITH DJGPP
++ -------------------------------------------
++
++ OpenSSL has been ported to DJGPP, a Unix look-alike 32-bit run-time
++ environment for 16-bit DOS, but only with long filename support.
++ If you wish to compile on native DOS with 8+3 filenames, you will
++ have to tweak the installation yourself, including renaming files
++ with illegal or duplicate names.
++
++ You should have a full DJGPP environment installed, including the
++ latest versions of DJGPP, GCC, BINUTILS, BASH, etc. This package
++ requires that PERL and the PERL module Text::Template also be
++ installed (see NOTES.PERL).
++
++ All of these can be obtained from the usual DJGPP mirror sites or
++ directly at "http://www.delorie.com/pub/djgpp". For help on which
++ files to download, see the DJGPP "ZIP PICKER" page at
++ "http://www.delorie.com/djgpp/zip-picker.html". You also need to have
++ the WATT-32 networking package installed before you try to compile
++ OpenSSL. This can be obtained from "http://www.watt-32.net/".
++ The Makefile assumes that the WATT-32 code is in the directory
++ specified by the environment variable WATT_ROOT. If you have watt-32
++ in directory "watt32" under your main DJGPP directory, specify
++ WATT_ROOT="/dev/env/DJDIR/watt32".
++
++ To compile OpenSSL, start your BASH shell, then configure for DJGPP by
++ running "./Configure" with appropriate arguments:
++
++ ./Configure no-threads --prefix=/dev/env/DJDIR DJGPP
++
++ And finally fire up "make". You may run out of DPMI selectors when
++ running in a DOS box under Windows. If so, just close the BASH
++ shell, go back to Windows, and restart BASH. Then run "make" again.
++
++ RUN-TIME CAVEAT LECTOR
++ --------------
++
++ Quoting FAQ:
++
++ "Cryptographic software needs a source of unpredictable data to work
++ correctly. Many open source operating systems provide a "randomness
++ device" (/dev/urandom or /dev/random) that serves this purpose."
++
++ As of version 0.9.7f DJGPP port checks upon /dev/urandom$ for a 3rd
++ party "randomness" DOS driver. One such driver, NOISE.SYS, can be
++ obtained from "http://www.rahul.net/dkaufman/index.html".
+diff --git a/NOTES.PERL b/NOTES.PERL
+new file mode 100644
+index 0000000..eda812d
+--- /dev/null
++++ b/NOTES.PERL
+@@ -0,0 +1,118 @@
++ TOC
++ ===
++
++ - Notes on Perl
++ - Notes on Perl on Windows
++ - Notes on Perl modules we use
++ - Notes on installing a perl module
++
++ Notes on Perl
++ -------------
++
++ For our scripts, we rely quite a bit on Perl, and increasingly on
++ some core Perl modules. These Perl modules are part of the Perl
++ source, so if you build Perl on your own, you should be set.
++
++ However, if you install Perl as binary packages, the outcome might
++ differ, and you may have to check that you do get the core modules
++ installed properly. We do not claim to know them all, but experience
++ has told us the following:
++
++ - on Linux distributions based on Debian, the package 'perl' will
++ install the core Perl modules as well, so you will be fine.
++ - on Linux distributions based on RPMs, you will need to install
++ 'perl-core' rather than just 'perl'.
++
++ You MUST have at least Perl version 5.10.0 installed. This minimum
++ requirement is due to our use of regexp backslash sequence \R among
++ other features that didn't exist in core Perl before that version.
++
++ Notes on Perl on Windows
++ ------------------------
++
++ There are a number of build targets that can be viewed as "Windows".
++ Indeed, there are VC-* configs targeting VisualStudio C, as well as
++ MinGW and Cygwin. The key recommendation is to use "matching" Perl,
++ one that matches build environment. For example, if you will build
++ on Cygwin be sure to use the Cygwin package manager to install Perl.
++ For VC-* builds we recommend ActiveState Perl, available from
++ http://www.activestate.com/ActivePerl.
++
++ Notes on Perl on VMS
++ --------------------
++
++ You will need to install Perl separately. One way to do so is to
++ download the source from http://perl.org/, unpacking it, reading
++ README.vms and follow instructions. Another way is to download a
++ .PCSI file from http://www.vmsperl.com/ and install it using the
++ POLYCENTER install tool.
++
++ Notes on Perl modules we use
++ ----------------------------
++
++ We make increasing use of Perl modules, and do our best to limit
++ ourselves to core Perl modules to keep the requirements down. There
++ are just a few exceptions:
++
++ Test::More We require the minimum version to be 0.96, which
++ appeared in Perl 5.13.4, because that version was
++ the first to have all the features we're using.
++ This module is required for testing only! If you
++ don't plan on running the tests, you don't need to
++ bother with this one.
++
++ Text::Template This module is not part of the core Perl modules.
++ As a matter of fact, the core Perl modules do not
++ include any templating module to date.
++ This module is absolutely needed, configuration
++ depends on it.
++
++ To avoid unnecessary initial hurdles, we have bundled a copy of the
++ following modules in our source. They will work as fallbacks if
++ these modules aren't already installed on the system.
++
++ Text::Template
++
++ Notes on installing a perl module
++ ---------------------------------
++
++ There are a number of ways to install a perl module. In all
++ descriptions below, Text::Template will server as an example.
++
++ 1. for Linux users, the easiest is to install with the use of your
++ favorite package manager. Usually, all you need to do is search
++ for the module name and to install the package that comes up.
++
++ On Debian based Linux distributions, it would go like this:
++
++ $ apt-cache search Text::Template
++ ...
++ libtext-template-perl - perl module to process text templates
++ $ sudo apt-get install libtext-template-perl
++
++ Perl modules in Debian based distributions use package names like
++ the name of the module in question, with "lib" prepended and
++ "-perl" appended.
++
++ 2. Install using CPAN. This is very easy, but usually requires root
++ access:
++
++ $ cpan -i Text::Template
++
++ Note that this runs all the tests that the module to be install
++ comes with. This is usually a smooth operation, but there are
++ platforms where a failure is indicate even though the actual tests
++ were successful. Should that happen, you can force an
++ installation regardless (that should be safe since you've already
++ seen the tests succeed!):
++
++ $ cpan -f -i Text::Template
++
++ Note: on VMS, you must quote any argument that contains upper case
++ characters, so the lines above would be:
++
++ $ cpan -i "Text::Template"
++
++ and:
++
++ $ cpan -f -i "Text::Template"
+diff --git a/NOTES.WIN b/NOTES.WIN
+index 1c10b75..b3d1967 100644
+--- a/NOTES.WIN
++++ b/NOTES.WIN
+@@ -2,15 +2,16 @@
+ NOTES FOR THE WINDOWS PLATFORMS
+ ===============================
+
+- [Notes for Windows CE can be found in INSTALL.WCE]
+-
+ Requirement details for native (Visual C++) builds
+ --------------------------------------------------
+
++ In addition to the requirements and instructions listed in INSTALL,
++ this are required as well:
++
+ - You need Perl. We recommend ActiveState Perl, available from
+ http://www.activestate.com/ActivePerl.
+ You also need the perl module Text::Template, available on CPAN.
+- Please read README.PERL for more information.
++ Please read NOTES.PERL for more information.
+
+ - You need a C compiler. OpenSSL has been tested to build with these:
+
+@@ -46,6 +47,12 @@
+ PREFIX: %ProgramFiles%\OpenSSL
+ OPENSSLDIR: %CommonProgramFiles%\SSL
+
++ ALSO NOTE that those directories are usually write protected, even if
++ your account is in the Administrators group. To work around that,
++ start the command prompt by right-clicking on it and choosing "Run as
++ Administrator" before running 'nmake install'. The other solution
++ is, of course, to choose a different set of directories by using
++ --prefix and --openssldir when configuring.
+
+ GNU C (Cygwin)
+ --------------
+@@ -105,18 +112,18 @@
+ This section applies to non-Cygwin builds.
+
+ If you link with static OpenSSL libraries then you're expected to
+- additionally link your application with WS2_32.LIB, ADVAPI32.LIB,
+- GDI32.LIB and USER32.LIB. Those developing non-interactive service
+- applications might feel concerned about linking with the latter two,
+- as they are justly associated with interactive desktop, which is not
+- available to service processes. The toolkit is designed to detect in
+- which context it's currently executed, GUI, console app or service,
+- and act accordingly, namely whether or not to actually make GUI calls.
+- Additionally those who wish to /DELAYLOAD:GDI32.DLL and /DELAYLOAD:USER32.DLL
+- and actually keep them off service process should consider
+- implementing and exporting from .exe image in question own
+- _OPENSSL_isservice not relying on USER32.DLL.
+- E.g., on Windows Vista and later you could:
++ additionally link your application with WS2_32.LIB, GDI32.LIB,
++ ADVAPI32.LIB, CRYPT32.LIB and USER32.LIB. Those developing
++ non-interactive service applications might feel concerned about
++ linking with GDI32.LIB and USER32.LIB, as they are justly associated
++ with interactive desktop, which is not available to service
++ processes. The toolkit is designed to detect in which context it's
++ currently executed, GUI, console app or service, and act accordingly,
++ namely whether or not to actually make GUI calls. Additionally those
++ who wish to /DELAYLOAD:GDI32.DLL and /DELAYLOAD:USER32.DLL and
++ actually keep them off service process should consider implementing
++ and exporting from .exe image in question own _OPENSSL_isservice not
++ relying on USER32.DLL. E.g., on Windows Vista and later you could:
+
+ __declspec(dllexport) __cdecl BOOL _OPENSSL_isservice(void)
+ { DWORD sess;
+diff --git a/README b/README
+index 5773613..1672580 100644
+--- a/README
++++ b/README
+@@ -1,5 +1,5 @@
+
+- OpenSSL 1.1.0-pre5 (beta) 19 Apr 2016
++ OpenSSL 1.1.0-pre6-dev
+
+ Copyright (c) 1998-2016 The OpenSSL Project
+ Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
+@@ -48,9 +48,8 @@
+ ------------
+
+ See the appropriate file:
+- INSTALL Linux, Unix, Windows, OpenVMS
+- INSTALL.DJGPP DOS platform with DJGPP
+- INSTALL.WCE Windows CE
++ INSTALL Linux, Unix, Windows, OpenVMS, ...
++ NOTES.* INSTALL addendums for different platforms
+
+ SUPPORT
+ -------
+diff --git a/README.PERL b/README.PERL
+deleted file mode 100644
+index 184b377..0000000
+--- a/README.PERL
++++ /dev/null
+@@ -1,118 +0,0 @@
+- TOC
+- ===
+-
+- - Notes on Perl
+- - Notes on Perl on Windows
+- - Notes on Perl modules we use
+- - Notes on installing a perl module
+-
+- Notes on Perl
+- -------------
+-
+- For our scripts, we rely quite a bit on Perl, and increasingly on
+- some core Perl modules. These Perl modules are part of the Perl
+- source, so if you build Perl on your own, you should be set.
+-
+- However, if you install Perl as binary packages, the outcome might
+- differ, and you may have to check that you do get the core modules
+- installed properly. We do not claim to know them all, but experience
+- has told us the following:
+-
+- - on Linux distributions based on Debian, the package 'perl' will
+- install the core Perl modules as well, so you will be fine.
+- - on Linux distributions based on RPMs, you will need to install
+- 'perl-core' rather than just 'perl'.
+-
+- You MUST have at least Perl version 5.10.0 installed. This minimum
+- requirement is due to our use of regexp backslash sequence \R among
+- other features that didn't exist in core Perl before that version.
+-
+- Notes on Perl on Windows
+- ------------------------
+-
+- If you will build on Cygwin (and possibly some other POSIX layers),
+- Perl is already part of your distribution. Simply use the Cygwin
+- package manager to make sure Perl gets installed.
+-
+- Otherwise, you will need to install Perl separately. The Perl
+- package that we know of is ActiveState Perl, available from
+- http://www.activestate.com/ActivePerl.
+-
+- Notes on Perl on VMS
+- --------------------
+-
+- You will need to install Perl separately. One way to do so is to
+- download the source from http://perl.org/, unpacking it, reading
+- README.vms and follow instructions. Another way is to download a
+- .PCSI file from http://www.vmsperl.com/ and install it using the
+- POLYCENTER install tool.
+-
+- Notes on Perl modules we use
+- ----------------------------
+-
+- We make increasing use of Perl modules, and do our best to limit
+- ourselves to core Perl modules to keep the requirements down. There
+- are just a few exceptions:
+-
+- Test::More We require the minimum version to be 0.96, which
+- appeared in Perl 5.13.4, because that version was
+- the first to have all the features we're using.
+- This module is required for testing only! If you
+- don't plan on running the tests, you don't need to
+- bother with this one.
+-
+- Text::Template This module is not part of the core Perl modules.
+- As a matter of fact, the core Perl modules do not
+- include any templating module to date.
+- This module is absolutely needed, configuration
+- depends on it.
+-
+- To avoid unnecessary initial hurdles, we have bundled a copy of the
+- following modules in our source. They will work as fallbacks if
+- these modules aren't already installed on the system.
+-
+- Text::Template
+-
+- Notes on installing a perl module
+- ---------------------------------
+-
+- There are a number of ways to install a perl module. In all
+- descriptions below, Text::Template will server as an example.
+-
+- 1. for Linux users, the easiest is to install with the use of your
+- favorite package manager. Usually, all you need to do is search
+- for the module name and to install the package that comes up.
+-
+- On Debian based Linux distributions, it would go like this:
+-
+- $ apt-cache search Text::Template
+- ...
+- libtext-template-perl - perl module to process text templates
+- $ sudo apt-get install libtext-template-perl
+-
+- Perl modules in Debian based distributions use package names like
+- the name of the module in question, with "lib" prepended and
+- "-perl" appended.
+-
+- 2. Install using CPAN. This is very easy, but usually requires root
+- access:
+-
+- $ cpan -i Text::Template
+-
+- Note that this runs all the tests that the module to be install
+- comes with. This is usually a smooth operation, but there are
+- platforms where a failure is indicate even though the actual tests
+- were successful. Should that happen, you can force an
+- installation regardless (that should be safe since you've already
+- seen the tests succeed!):
+-
+- $ cpan -f -i Text::Template
+-
+- Note: on VMS, you must quote any argument that contains upper case
+- characters, so the lines above would be:
+-
+- $ cpan -i "Text::Template"
+-
+- and:
+-
+- $ cpan -f -i "Text::Template"
+diff --git a/VMS/VMSify-conf.pl b/VMS/VMSify-conf.pl
+index 9890362..21eff11 100644
+--- a/VMS/VMSify-conf.pl
++++ b/VMS/VMSify-conf.pl
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/VMS/openssl_shutdown.com.in b/VMS/openssl_shutdown.com.in
+index 236979e..5385362 100644
+--- a/VMS/openssl_shutdown.com.in
++++ b/VMS/openssl_shutdown.com.in
+@@ -39,9 +39,7 @@ $ DEAS OSSL$LIB'v'
+ $ DEAS OSSL$SHARE'v'
+ $ DEAS OSSL$ENGINES'v'
+ $ DEAS OSSL$EXE'v'
+-$ {- output_off() if $disabled{shared} -}
+-$ {- join("\n\$ ", map { "DEAS $_'v'" } map { $unified_info{sharednames}->{$_} || () } @{$unified_info{libraries}}) -}
+-$ {- output_on() -}
++$ {- join("\n\$ ", map { my $x = uc $_; "DEAS ${x}'v'" } @{$config{shared_libs}}) -}
+ $ IF P2 .NES. "NOALIASES"
+ $ THEN
+ $ DEAS OSSL$ROOT
+@@ -51,9 +49,7 @@ $ DEAS OSSL$SHARE
+ $ DEAS OSSL$ENGINES
+ $ DEAS OSSL$EXE
+ $ DEAS OPENSSL
+-$ {- output_off() if $disabled{shared} -}
+-$ {- join("\n\$ ", map { "DEAS $_" } map { $unified_info{sharednames}->{$_} || () } @{$unified_info{libraries}}) -}
+-$ {- output_on() -}
++$ {- join("\n\$ ", map { my $x = uc $_; "DEAS ${x}" } @{$config{shared_libs}}) -}
+ $ ENDIF
+ $
+ $ EXIT 'status'
+diff --git a/VMS/openssl_startup.com.in b/VMS/openssl_startup.com.in
+index caad022..e5043b5 100644
+--- a/VMS/openssl_startup.com.in
++++ b/VMS/openssl_startup.com.in
+@@ -90,9 +90,7 @@ $ DEF OSSL$LIB'v' OSSL$INSTROOT:[LIB.'arch']
+ $ DEF OSSL$SHARE'v' OSSL$INSTROOT:[LIB.'arch']
+ $ DEF OSSL$ENGINES'v' OSSL$INSTROOT:[ENGINES.'arch']
+ $ DEF OSSL$EXE'v' OSSL$INSTROOT:[EXE.'arch']
+-$ {- output_off() if $disabled{shared} -}
+-$ {- join("\n\$ ", map { "DEF $_'v' OSSL\$SHARE:$_" } map { $unified_info{sharednames}->{$_} || () } @{$unified_info{libraries}}) -}
+-$ {- output_on() -}
++$ {- join("\n\$ ", map { my $x = uc $_; "DEF ${x}'v' OSSL\$SHARE:${x}" } @{$config{shared_libs}}) -}
+ $ IF P2 .NES. "NOALIASES"
+ $ THEN
+ $ DEF OSSL$INSTROOT OSSL$INSTROOT'v'
+@@ -102,9 +100,7 @@ $ DEF OSSL$SHARE OSSL$SHARE'v'
+ $ DEF OSSL$ENGINES OSSL$ENGINES'v'
+ $ DEF OSSL$EXE OSSL$EXE'v'
+ $ DEF OPENSSL OSSL$INCLUDE:[OPENSSL]
+-$ {- output_off() if $disabled{shared} -}
+-$ {- join("\n\$ ", map { "DEF $_ $_'v'" } map { $unified_info{sharednames}->{$_} || () } @{$unified_info{libraries}}) -}
+-$ {- output_on() -}
++$ {- join("\n\$ ", map { my $x = uc $_; "DEF ${x} ${x}'v'" } @{$config{shared_libs}}) -}
+ $ ENDIF
+ $
+ $ DEFT OSSL$DATAROOT 'OPENSSLDIR_'
+diff --git a/VMS/openssl_utils.com b/VMS/openssl_utils.com
+index b9dea72..09c75d9 100644
+--- a/VMS/openssl_utils.com
++++ b/VMS/openssl_utils.com
+@@ -5,8 +5,7 @@ $ OPENSSL :== $OSSL$EXE:OPENSSL
+ $
+ $ IF F$SYMBOL(PERL) .EQS. "STRING"
+ $ THEN
+-$ OSSLCA :== 'PERL' OSSL$EXE:CA.pl
+-$ OSSLREHASH :== 'PERL' OSSL$EXE:c_rehash.pl
++$ C_REHASH :== 'PERL' OSSL$EXE:c_rehash.pl
+ $ ELSE
+-$ WRITE SYS$ERROR "NOTE: no perl => no OSSLCA or OSSLREHASH"
++$ WRITE SYS$ERROR "NOTE: no perl => no C_REHASH"
+ $ ENDIF
+diff --git a/VMS/translatesyms.pl b/VMS/translatesyms.pl
+index de3db6c..f61d954 100644
+--- a/VMS/translatesyms.pl
++++ b/VMS/translatesyms.pl
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # This script will translate any SYMBOL_VECTOR item that has a translation
+ # in CXX$DEMANGLER_DB. The latter is generated by and CC/DECC command that
+diff --git a/apps/CA.pl.in b/apps/CA.pl.in
+index f5e8e4a..0dec24c 100644
+--- a/apps/CA.pl.in
++++ b/apps/CA.pl.in
+@@ -1,4 +1,11 @@
+ #!{- $config{perl} -}
++# Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # Wrapper around the ca to make it easier to use
+ #
+@@ -16,7 +23,7 @@ if(defined $ENV{'OPENSSL'}) {
+
+ my $verbose = 1;
+
+-my $OPENSSL_CONFIG = $ENV{"OPENSSL_CONFIG"};
++my $OPENSSL_CONFIG = $ENV{"OPENSSL_CONFIG"} || "";
+ my $DAYS = "-days 365";
+ my $CADAYS = "-days 1095"; # 3 years
+ my $REQ = "$openssl req $OPENSSL_CONFIG";
+@@ -38,7 +45,7 @@ my $NEWREQ = "newreq.pem";
+ my $NEWCERT = "newcert.pem";
+ my $NEWP12 = "newcert.p12";
+ my $RET = 0;
+-my $WHAT = shift @ARGV;
++my $WHAT = shift @ARGV || "";
+ my $FILE;
+
+ # See if reason for a CRL entry is valid; exit if not.
+@@ -89,7 +96,7 @@ sub run
+
+
+ if ( $WHAT =~ /^(-\?|-h|-help)$/ ) {
+- print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-signcert|-verify\n";
+ print STDERR " CA -pkcs12 [certname]\n";
+ print STDERR " CA -crl|-revoke cert-filename [reason]\n";
+ exit 0;
+diff --git a/apps/Makefile.in b/apps/Makefile.in
+deleted file mode 100644
+index d2ec0c7..0000000
+--- a/apps/Makefile.in
++++ /dev/null
+@@ -1,159 +0,0 @@
+-#
+-# apps/Makefile
+-#
+-
+-DIR= apps
+-TOP= ..
+-CC= cc
+-INCLUDES= -I$(TOP) -I../crypto -I../include
+-CFLAG= -g -static -Wswitch
+-MAKEFILE= Makefile
+-PERL= perl
+-RM= rm -f
+-
+-PLIB_LDFLAG=
+-EX_LIBS=
+-EXE_EXT=
+-
+-APPS_OBJ=
+-
+-SHLIB_TARGET=
+-
+-CFLAGS= $(INCLUDES) $(CFLAG)
+-
+-GENERAL=Makefile makeapps.com install.com
+-
+-DLIBCRYPTO=../libcrypto.a
+-DLIBSSL=../libssl.a
+-LIBCRYPTO=-L.. -lcrypto
+-LIBSSL=-L.. -lssl
+-
+-SCRIPTS=CA.pl tsget
+-EXE= openssl$(EXE_EXT)
+-CONFS=openssl.cnf ct_log_list.cnf
+-
+-COMMANDS= \
+- asn1pars.o ca.o ciphers.o cms.o crl.o crl2p7.o dgst.o dhparam.o \
+- dsa.o dsaparam.o ec.o ecparam.o enc.o engine.o errstr.o gendsa.o \
+- genpkey.o genrsa.o nseq.o ocsp.o passwd.o pkcs12.o pkcs7.o pkcs8.o \
+- pkey.o pkeyparam.o pkeyutl.o prime.o rand.o req.o rsa.o rsautl.o \
+- s_client.o s_server.o s_time.o sess_id.o smime.o speed.o spkac.o \
+- srp.o ts.o verify.o version.o x509.o rehash.o
+-
+-EXTRA_OBJ=apps.o opt.o s_cb.o s_socket.o
+-EXTRA_SRC=apps.c opt.c s_cb.c s_socket.c
+-RAND_OBJ=app_rand.o
+-RAND_SRC=app_rand.c
+-
+-OBJ = $(COMMANDS)
+-
+-SRC = \
+- asn1pars.c ca.c ciphers.c cms.c crl.c crl2p7.c dgst.c dhparam.c \
+- dsa.c dsaparam.c ec.c ecparam.c enc.c engine.c errstr.c gendsa.c \
+- genpkey.c genrsa.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c pkcs8.c \
+- pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c rsa.c rsautl.c \
+- s_client.c s_server.c s_time.c sess_id.c smime.c speed.c spkac.c \
+- srp.c ts.c verify.c version.c x509.c rehash.c
+-
+-EXE_OBJ = openssl.o $(OBJ) $(EXTRA_OBJ) $(RAND_OBJ) $(APPS_OBJ)
+-EXE_SRC = openssl.c $(SRC) $(EXTRA_SRC) $(RAND_SRC)
+-
+-HEADER= apps.h progs.h s_apps.h \
+- testdsa.h testrsa.h timeouts.h
+-
+-ALL= $(GENERAL) $(EXE_SRC) $(HEADER)
+-
+-top:
+- @(cd ..; $(MAKE) DIRS=$(DIR) all)
+-
+-all: exe scripts
+-
+-exe: $(EXE)
+-
+-scripts: $(SCRIPTS)
+-
+-openssl-vms.cnf: openssl.cnf
+- $(PERL) $(TOP)/VMS/VMSify-conf.pl < openssl.cnf > openssl-vms.cnf
+-
+-install:
+- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+- @set -e; for i in $(EXE); \
+- do \
+- echo installing $$i; \
+- cp $$i $(DESTDIR)$(INSTALLTOP)/bin/$$i.new; \
+- chmod 755 $(DESTDIR)$(INSTALLTOP)/bin/$$i.new; \
+- mv -f $(DESTDIR)$(INSTALLTOP)/bin/$$i.new $(DESTDIR)$(INSTALLTOP)/bin/$$i; \
+- done
+- @set -e; for i in $(SCRIPTS); \
+- do \
+- echo installing $$i; \
+- cp $$i $(DESTDIR)$(OPENSSLDIR)/misc/$$i.new; \
+- chmod 755 $(DESTDIR)$(OPENSSLDIR)/misc/$$i.new; \
+- mv -f $(DESTDIR)$(OPENSSLDIR)/misc/$$i.new $(DESTDIR)$(OPENSSLDIR)/misc/$$i; \
+- done
+- @set -e; for i in $(CONFS); \
+- do \
+- echo installing $$i; \
+- cp $$i $(DESTDIR)$(OPENSSLDIR)/$$i.new; \
+- chmod 644 $(DESTDIR)$(OPENSSLDIR)/$$i.new; \
+- mv -f $(DESTDIR)$(OPENSSLDIR)/$$i.new $(DESTDIR)$(OPENSSLDIR)/$$i; \
+- done
+-
+-uninstall:
+- @set -e; for i in $(EXE); \
+- do \
+- echo $(RM) $(DESTDIR)$(INSTALLTOP)/bin/$$i; \
+- $(RM) $(DESTDIR)$(INSTALLTOP)/bin/$$i; \
+- done
+- @set -e; for i in $(SCRIPTS); \
+- do \
+- echo $(RM) $(DESTDIR)$(OPENSSLDIR)/misc/$$i; \
+- $(RM) $(DESTDIR)$(OPENSSLDIR)/misc/$$i; \
+- done
+- @set -e; for i in $(CONFS); \
+- do \
+- echo $(RM) $(DESTDIR)$(OPENSSLDIR)/$$i; \
+- $(RM) $(DESTDIR)$(OPENSSLDIR)/$$i; \
+- done
+-
+-generate: openssl-vms.cnf progs.h
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(EXE_SRC)
+-
+-clean:
+- rm -f *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
+- rm -f req
+-
+-$(DLIBSSL):
+- (cd ..; $(MAKE) build_libssl)
+-
+-$(DLIBCRYPTO):
+- (cd ..; $(MAKE) build_libcrypto)
+-
+-$(EXE): $(EXE_OBJ) $(DLIBCRYPTO) $(DLIBSSL)
+- $(RM) $(EXE)
+- shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+- shlib_target="$(SHLIB_TARGET)"; \
+- fi; \
+- LIBRARIES="$(LIBSSL) $(LIBCRYPTO)" ; \
+- $(MAKE) -f $(TOP)/Makefile.shared -e \
+- APPNAME=$(EXE) OBJECTS="$(EXE_OBJ)" \
+- LDFLAG="$(LDFLAG)" \
+- LIBDEPS="$(PLIB_LDFLAG) $$LIBRARIES $(EX_LIBS)" \
+- link_app.$${shlib_target}
+-
+-progs.h: progs.pl Makefile.in
+- $(RM) progs.h
+- $(PERL) progs.pl $(EXE_SRC) > progs.h
+-
+-CA.pl: CA.pl.in
+- $(PERL) -I$(TOP) -Mconfigdata $(TOP)/util/dofile.pl -oapps/Makefile CA.pl.in > CA.pl.new
+- mv CA.pl.new CA.pl
+-
+-tsget: tsget.in
+- $(PERL) -I$(TOP) -Mconfigdata $(TOP)/util/dofile.pl -oapps/Makefile tsget.in > tsget.new
+- mv tsget.new tsget
+-
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/apps/app_rand.c b/apps/app_rand.c
+index a6805d4..8163d99 100644
+--- a/apps/app_rand.c
++++ b/apps/app_rand.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "apps.h"
+diff --git a/apps/apps.c b/apps/apps.c
+index 6d8c489..a3e1794 100644
+--- a/apps/apps.c
++++ b/apps/apps.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
+@@ -115,6 +14,7 @@
+ */
+ # define _POSIX_C_SOURCE 2
+ #endif
++
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -142,7 +42,7 @@
+ #endif
+ #include <openssl/bn.h>
+ #include <openssl/ssl.h>
+-
++#include "s_apps.h"
+ #include "apps.h"
+
+ #ifdef _WIN32
+@@ -156,7 +56,9 @@ typedef struct {
+ unsigned long mask;
+ } NAME_EX_TBL;
+
++#if !defined(OPENSSL_NO_UI) || !defined(OPENSSL_NO_ENGINE)
+ static UI_METHOD *ui_method = NULL;
++#endif
+
+ static int set_table_opts(unsigned long *flags, const char *arg,
+ const NAME_EX_TBL * in_tbl);
+@@ -174,8 +76,6 @@ int chopup_args(ARGS *arg, char *buf)
+ if (arg->size == 0) {
+ arg->size = 20;
+ arg->argv = app_malloc(sizeof(*arg->argv) * arg->size, "argv space");
+- if (arg->argv == NULL)
+- return 0;
+ }
+
+ for (p = buf;;) {
+@@ -187,11 +87,12 @@ int chopup_args(ARGS *arg, char *buf)
+
+ /* The start of something good :-) */
+ if (arg->argc >= arg->size) {
++ char **tmp;
+ arg->size += 20;
+- arg->argv = OPENSSL_realloc(arg->argv,
+- sizeof(*arg->argv) * arg->size);
+- if (arg->argv == NULL)
++ tmp = OPENSSL_realloc(arg->argv, sizeof(*arg->argv) * arg->size);
++ if (tmp == NULL)
+ return 0;
++ arg->argv = tmp;
+ }
+ quoted = *p == '\'' || *p == '"';
+ if (quoted)
+@@ -568,9 +469,9 @@ int app_load_modules(const CONF *config)
+ CONF *to_free = NULL;
+
+ if (config == NULL)
+- config = to_free = app_load_config_quiet(default_config_file);
++ config = to_free = app_load_config_quiet(default_config_file);
+ if (config == NULL)
+- return 1;
++ return 1;
+
+ if (CONF_modules_load(config, NULL, 0) <= 0) {
+ BIO_printf(bio_err, "Error configuring OpenSSL modules\n");
+@@ -1085,6 +986,7 @@ int set_name_ex(unsigned long *flags, const char *arg)
+ {
+ static const NAME_EX_TBL ex_tbl[] = {
+ {"esc_2253", ASN1_STRFLGS_ESC_2253, 0},
++ {"esc_2254", ASN1_STRFLGS_ESC_2254, 0},
+ {"esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0},
+ {"esc_msb", ASN1_STRFLGS_ESC_MSB, 0},
+ {"use_quote", ASN1_STRFLGS_ESC_QUOTE, 0},
+@@ -1382,7 +1284,7 @@ static unsigned long index_serial_hash(const OPENSSL_CSTRING *a)
+ n = a[DB_serial];
+ while (*n == '0')
+ n++;
+- return (lh_strhash(n));
++ return OPENSSL_LH_strhash(n);
+ }
+
+ static int index_serial_cmp(const OPENSSL_CSTRING *a,
+@@ -1402,7 +1304,7 @@ static int index_name_qual(char **a)
+
+ static unsigned long index_name_hash(const OPENSSL_CSTRING *a)
+ {
+- return (lh_strhash(a[DB_name]));
++ return OPENSSL_LH_strhash(a[DB_name]);
+ }
+
+ int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b)
+@@ -1513,7 +1415,7 @@ int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
+
+ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
+ {
+- char buf[5][BSIZE];
++ char buf[2][BSIZE];
+ int i, j;
+
+ i = strlen(serialfile) + strlen(old_suffix);
+@@ -1882,6 +1784,7 @@ int bio_to_mem(unsigned char **out, int maxlen, BIO *in)
+ BIO *mem;
+ int len, ret;
+ unsigned char tbuf[1024];
++
+ mem = BIO_new(BIO_s_mem());
+ if (mem == NULL)
+ return -1;
+@@ -1964,9 +1867,9 @@ void policies_print(X509_STORE_CTX *ctx)
+ * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
+ * outlen: (output) set to the length of the resulting buffer on success.
+ * err: (maybe NULL) on failure, an error message line is written to this BIO.
+- * in: a NUL termianted string like "abc,def,ghi"
++ * in: a NUL terminated string like "abc,def,ghi"
+ *
+- * returns: a malloced buffer or NULL on failure.
++ * returns: a malloc'd buffer or NULL on failure.
+ */
+ unsigned char *next_protos_parse(size_t *outlen, const char *in)
+ {
+@@ -2621,6 +2524,8 @@ BIO *bio_open_default_quiet(const char *filename, char mode, int format)
+
+ void wait_for_async(SSL *s)
+ {
++ /* On Windows select only works for sockets, so we simply don't wait */
++#ifndef OPENSSL_SYS_WINDOWS
+ int width = 0;
+ fd_set asyncfds;
+ OSSL_ASYNC_FD *fds;
+@@ -2630,7 +2535,7 @@ void wait_for_async(SSL *s)
+ return;
+ if (numfds == 0)
+ return;
+- fds = OPENSSL_malloc(sizeof(OSSL_ASYNC_FD) * numfds);
++ fds = app_malloc(sizeof(OSSL_ASYNC_FD) * numfds, "allocate async fds");
+ if (!SSL_get_all_async_fds(s, fds, &numfds)) {
+ OPENSSL_free(fds);
+ }
+@@ -2644,4 +2549,33 @@ void wait_for_async(SSL *s)
+ fds++;
+ }
+ select(width, (void *)&asyncfds, NULL, NULL, NULL);
++#endif
+ }
++
++/* if OPENSSL_SYS_WINDOWS is defined then so is OPENSSL_SYS_MSDOS */
++#if defined(OPENSSL_SYS_MSDOS)
++int has_stdin_waiting(void)
++{
++# if defined(OPENSSL_SYS_WINDOWS)
++ HANDLE inhand = GetStdHandle(STD_INPUT_HANDLE);
++ DWORD events = 0;
++ INPUT_RECORD inputrec;
++ DWORD insize = 1;
++ BOOL peeked;
++
++ if (inhand == INVALID_HANDLE_VALUE) {
++ return 0;
++ }
++
++ peeked = PeekConsoleInput(inhand, &inputrec, insize, &events);
++ if (!peeked) {
++ /* Probably redirected input? _kbhit() does not work in this case */
++ if (!feof(stdin)) {
++ return 1;
++ }
++ return 0;
++ }
++# endif
++ return _kbhit();
++}
++#endif
+diff --git a/apps/apps.h b/apps/apps.h
+index 10e1534..6a0acab 100644
+--- a/apps/apps.h
++++ b/apps/apps.h
+@@ -1,117 +1,19 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_APPS_H
+ # define HEADER_APPS_H
+
+ # include "e_os.h"
++# if defined(__unix) || defined(__unix__)
++# include <sys/time.h> /* struct timeval for DTLS */
++# endif
+ # include <assert.h>
+
+ # include <openssl/e_os2.h>
+@@ -165,6 +67,9 @@ CONF *app_load_config_quiet(const char *filename);
+ int app_load_modules(const CONF *config);
+ void unbuffer(FILE *fp);
+ void wait_for_async(SSL *s);
++# if defined(OPENSSL_SYS_MSDOS)
++int has_stdin_waiting(void);
++# endif
+
+ /*
+ * Common verification options.
+@@ -407,6 +312,7 @@ typedef struct string_int_pair_st {
+ # define OPT_FMT_HTTP (1L << 9)
+ # define OPT_FMT_PVK (1L << 10)
+ # define OPT_FMT_PDE (OPT_FMT_PEMDER | OPT_FMT_ENGINE)
++# define OPT_FMT_PDS (OPT_FMT_PEMDER | OPT_FMT_SMIME)
+ # define OPT_FMT_ANY ( \
+ OPT_FMT_PEMDER | OPT_FMT_PKCS12 | OPT_FMT_SMIME | \
+ OPT_FMT_ENGINE | OPT_FMT_MSBLOB | OPT_FMT_NETSCAPE | \
+diff --git a/apps/asn1pars.c b/apps/asn1pars.c
+index 3da7e3b..d3b1970 100644
+--- a/apps/asn1pars.c
++++ b/apps/asn1pars.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+@@ -82,7 +34,7 @@ OPTIONS asn1parse_options[] = {
+ {"in", OPT_IN, '<', "input file"},
+ {"out", OPT_OUT, '>', "output file (output format is always DER)"},
+ {"i", OPT_INDENT, 0, "indents the output"},
+- {"noout", OPT_NOOUT, 0, "don't produce any output"},
++ {"noout", OPT_NOOUT, 0, "do not produce any output"},
+ {"offset", OPT_OFFSET, 'p', "offset into file"},
+ {"length", OPT_LENGTH, 'p', "length of section in file"},
+ {"oid", OPT_OID, '<', "file of extra oid definitions"},
+diff --git a/apps/build.info b/apps/build.info
+index 3baba66..c7dc19f 100644
+--- a/apps/build.info
++++ b/apps/build.info
+@@ -1,4 +1,6 @@
+-{- use File::Spec::Functions qw/catdir rel2abs/; -}
++{- use File::Spec::Functions qw/catdir rel2abs/;
++ our $tsget_name = $config{target} =~ /^(VC|vms)-/ ? "tsget.pl" : "tsget";
++ "" -}
+ IF[{- !$disabled{apps} -}]
+ PROGRAMS=openssl
+ SOURCE[openssl]=\
+@@ -12,10 +14,10 @@ IF[{- !$disabled{apps} -}]
+ apps.c opt.c s_cb.c s_socket.c \
+ app_rand.c \
+ {- $target{apps_aux_src} -}
+- INCLUDE[openssl]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[openssl]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[openssl]=../libssl
+
+- SCRIPTS=CA.pl tsget
++ SCRIPTS=CA.pl {- $tsget_name -}
+ SOURCE[CA.pl]=CA.pl.in
+- SOURCE[tsget]=tsget.in
++ SOURCE[{- $tsget_name -}]=tsget.in
+ ENDIF
+diff --git a/apps/ca.c b/apps/ca.c
+index 95801fb..acbd388 100644
+--- a/apps/ca.c
++++ b/apps/ca.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* The PPKI stuff has been donated by Jeff Barber <jeffb at issl.atl.hp.com> */
+@@ -181,9 +133,7 @@ char *make_revocation_str(int rev_type, char *rev_arg);
+ int make_revoked(X509_REVOKED *rev, const char *str);
+ static int old_entry_print(ASN1_OBJECT *obj, ASN1_STRING *str);
+
+-static CONF *conf = NULL;
+ static CONF *extconf = NULL;
+-static char *section = NULL;
+ static int preserve = 0;
+ static int msie_hack = 0;
+
+@@ -220,7 +170,7 @@ OPTIONS ca_options[] = {
+ {"policy", OPT_POLICY, 's', "The CA 'policy' to support"},
+ {"keyfile", OPT_KEYFILE, 's', "Private key"},
+ {"keyform", OPT_KEYFORM, 'f', "Private key file format (PEM or ENGINE)"},
+- {"passin", OPT_PASSIN, 's'},
++ {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
+ {"key", OPT_KEY, 's', "Key to decode the private key if it is encrypted"},
+ {"cert", OPT_CERT, '<', "The CA cert"},
+ {"selfsign", OPT_SELFSIGN, '-',
+@@ -228,17 +178,17 @@ OPTIONS ca_options[] = {
+ {"in", OPT_IN, '<', "The input PEM encoded cert request(s)"},
+ {"out", OPT_OUT, '>', "Where to put the output file(s)"},
+ {"outdir", OPT_OUTDIR, '/', "Where to put output cert"},
+- {"sigopt", OPT_SIGOPT, 's'},
+- {"notext", OPT_NOTEXT, '-'},
++ {"sigopt", OPT_SIGOPT, 's', "Signature parameter in n:v form"},
++ {"notext", OPT_NOTEXT, '-', "Do not print the generated certificate"},
+ {"batch", OPT_BATCH, '-', "Don't ask questions"},
+ {"preserveDN", OPT_PRESERVEDN, '-', "Don't re-order the DN"},
+ {"noemailDN", OPT_NOEMAILDN, '-', "Don't add the EMAIL field to the DN"},
+ {"gencrl", OPT_GENCRL, '-', "Generate a new CRL"},
+ {"msie_hack", OPT_MSIE_HACK, '-',
+ "msie modifications to handle all those universal strings"},
+- {"crldays", OPT_CRLDAYS, 'p', "Days is when the next CRL is due"},
+- {"crlhours", OPT_CRLHOURS, 'p', "Hours is when the next CRL is due"},
+- {"crlsec", OPT_CRLSEC, 'p'},
++ {"crldays", OPT_CRLDAYS, 'p', "Days until the next CRL is due"},
++ {"crlhours", OPT_CRLHOURS, 'p', "Hours until the next CRL is due"},
++ {"crlsec", OPT_CRLSEC, 'p', "Seconds until the next CRL is due"},
+ {"infiles", OPT_INFILES, '-', "The last argument, requests to process"},
+ {"ss_cert", OPT_SS_CERT, '<', "File contains a self signed cert to sign"},
+ {"spkac", OPT_SPKAC, '<',
+@@ -268,6 +218,7 @@ OPTIONS ca_options[] = {
+
+ int ca_main(int argc, char **argv)
+ {
++ CONF *conf = NULL;
+ ENGINE *e = NULL;
+ BIGNUM *crlnumber = NULL, *serial = NULL;
+ EVP_PKEY *pkey = NULL;
+@@ -281,7 +232,7 @@ int ca_main(int argc, char **argv)
+ STACK_OF(X509) *cert_sk = NULL;
+ X509_CRL *crl = NULL;
+ const EVP_MD *dgst = NULL;
+- char *configfile = default_config_file;
++ char *configfile = default_config_file, *section = NULL;
+ char *md = NULL, *policy = NULL, *keyfile = NULL;
+ char *certfile = NULL, *crl_ext = NULL, *crlnumberfile = NULL;
+ char *infile = NULL, *spkac_file = NULL, *ss_cert_file = NULL;
+@@ -289,7 +240,7 @@ int ca_main(int argc, char **argv)
+ char *outdir = NULL, *outfile = NULL, *rev_arg = NULL, *ser_status = NULL;
+ char *serialfile = NULL, *startdate = NULL, *subj = NULL;
+ char *prog, *enddate = NULL, *tmp_email_dn = NULL;
+- char *dbfile = NULL, *f, *randfile = NULL, *tofree = NULL;
++ char *dbfile = NULL, *f, *randfile = NULL;
+ char buf[3][BSIZE];
+ char *const *pp;
+ const char *p;
+@@ -304,46 +255,41 @@ int ca_main(int argc, char **argv)
+ X509_REVOKED *r = NULL;
+ OPTION_CHOICE o;
+
+- conf = NULL;
+- section = NULL;
+- preserve = 0;
+- msie_hack = 0;
+-
+ prog = opt_init(argc, argv, ca_options);
+ while ((o = opt_next()) != OPT_EOF) {
+ switch (o) {
+- case OPT_EOF:
+- case OPT_ERR:
++ case OPT_EOF:
++ case OPT_ERR:
+ opthelp:
+- BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
+- goto end;
+- case OPT_HELP:
+- opt_help(ca_options);
+- ret = 0;
+- goto end;
+- case OPT_IN:
+- req = 1;
+- infile = opt_arg();
+- break;
+- case OPT_OUT:
+- outfile = opt_arg();
+- break;
+- case OPT_VERBOSE:
+- verbose = 1;
+- break;
+- case OPT_CONFIG:
+- configfile = opt_arg();
+- break;
+- case OPT_NAME:
+- section = opt_arg();
+- break;
+- case OPT_SUBJ:
+- subj = opt_arg();
+- /* preserve=1; */
+- break;
+- case OPT_UTF8:
+- chtype = MBSTRING_UTF8;
+- break;
++ BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
++ goto end;
++ case OPT_HELP:
++ opt_help(ca_options);
++ ret = 0;
++ goto end;
++ case OPT_IN:
++ req = 1;
++ infile = opt_arg();
++ break;
++ case OPT_OUT:
++ outfile = opt_arg();
++ break;
++ case OPT_VERBOSE:
++ verbose = 1;
++ break;
++ case OPT_CONFIG:
++ configfile = opt_arg();
++ break;
++ case OPT_NAME:
++ section = opt_arg();
++ break;
++ case OPT_SUBJ:
++ subj = opt_arg();
++ /* preserve=1; */
++ break;
++ case OPT_UTF8:
++ chtype = MBSTRING_UTF8;
++ break;
+ case OPT_CREATE_SERIAL:
+ create_ser = 1;
+ break;
+@@ -481,13 +427,11 @@ end_of_options:
+ argv = opt_rest();
+
+ BIO_printf(bio_err, "Using configuration from %s\n", configfile);
+- /* We already loaded the default config file */
+- if (configfile != default_config_file) {
+- if ((conf = app_load_config(configfile)) == NULL)
+- goto end;
+- if (!app_load_modules(conf))
+- goto end;
+- }
++
++ if ((conf = app_load_config(configfile)) == NULL)
++ goto end;
++ if (configfile != default_config_file && !app_load_modules(conf))
++ goto end;
+
+ /* Lets get the config section we are using */
+ if (section == NULL) {
+@@ -552,7 +496,7 @@ end_of_options:
+ } else
+ ERR_clear_error();
+
+- /*****************************************************************/
++ /*****************************************************************/
+ /* report status of cert with serial number given on command line */
+ if (ser_status) {
+ if ((dbfile = NCONF_get_string(conf, section, ENV_DATABASE)) == NULL) {
+@@ -571,7 +515,7 @@ end_of_options:
+ goto end;
+ }
+
+- /*****************************************************************/
++ /*****************************************************************/
+ /* we definitely need a private key, so let's get it */
+
+ if ((keyfile == NULL) && ((keyfile = NCONF_get_string(conf,
+@@ -596,7 +540,7 @@ end_of_options:
+ goto end;
+ }
+
+- /*****************************************************************/
++ /*****************************************************************/
+ /* we need a certificate */
+ if (!selfsign || spkac_file || ss_cert_file || gencrl) {
+ if ((certfile == NULL)
+@@ -664,7 +608,7 @@ end_of_options:
+ } else
+ ERR_clear_error();
+
+- /*****************************************************************/
++ /*****************************************************************/
+ /* lookup where to write new certificates */
+ if ((outdir == NULL) && (req)) {
+
+@@ -690,7 +634,7 @@ end_of_options:
+ #endif
+ }
+
+- /*****************************************************************/
++ /*****************************************************************/
+ /* we need to load the database file */
+ if ((dbfile = NCONF_get_string(conf, section, ENV_DATABASE)) == NULL) {
+ lookup_fail(section, ENV_DATABASE);
+@@ -748,7 +692,7 @@ end_of_options:
+ if (!index_index(db))
+ goto end;
+
+- /*****************************************************************/
++ /*****************************************************************/
+ /* Update the db file for expired certificates */
+ if (doupdatedb) {
+ if (verbose)
+@@ -1116,7 +1060,7 @@ end_of_options:
+ }
+ }
+
+- /*****************************************************************/
++ /*****************************************************************/
+ if (gencrl) {
+ int crl_v2 = 0;
+ if (!crl_ext) {
+@@ -1257,7 +1201,7 @@ end_of_options:
+ goto end;
+
+ }
+- /*****************************************************************/
++ /*****************************************************************/
+ if (dorevoke) {
+ if (infile == NULL) {
+ BIO_printf(bio_err, "no input files\n");
+@@ -1283,10 +1227,9 @@ end_of_options:
+ BIO_printf(bio_err, "Data Base Updated\n");
+ }
+ }
+- /*****************************************************************/
++ /*****************************************************************/
+ ret = 0;
+ end:
+- OPENSSL_free(tofree);
+ BIO_free_all(Cout);
+ BIO_free_all(Sout);
+ BIO_free_all(out);
+diff --git a/apps/ciphers.c b/apps/ciphers.c
+index 924c015..9e3b633 100644
+--- a/apps/ciphers.c
++++ b/apps/ciphers.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -70,6 +22,7 @@ typedef enum OPTION_choice {
+ OPT_TLS1_1,
+ OPT_TLS1_2,
+ OPT_PSK,
++ OPT_SRP,
+ OPT_V, OPT_UPPER_V, OPT_S
+ } OPTION_CHOICE;
+
+@@ -96,6 +49,9 @@ OPTIONS ciphers_options[] = {
+ #ifndef OPENSSL_NO_PSK
+ {"psk", OPT_PSK, '-', "include ciphersuites requiring PSK"},
+ #endif
++#ifndef OPENSSL_NO_SRP
++ {"srp", OPT_SRP, '-', "include ciphersuites requiring SRP"},
++#endif
+ {NULL}
+ };
+
+@@ -108,6 +64,12 @@ static unsigned int dummy_psk(SSL *ssl, const char *hint, char *identity,
+ return 0;
+ }
+ #endif
++#ifndef OPENSSL_NO_SRP
++static char *dummy_srp(SSL *ssl, void *arg)
++{
++ return "";
++}
++#endif
+
+ int ciphers_main(int argc, char **argv)
+ {
+@@ -122,6 +84,9 @@ int ciphers_main(int argc, char **argv)
+ #ifndef OPENSSL_NO_PSK
+ int psk = 0;
+ #endif
++#ifndef OPENSSL_NO_SRP
++ int srp = 0;
++#endif
+ const char *p;
+ char *ciphers = NULL, *prog;
+ char buf[512];
+@@ -174,6 +139,10 @@ int ciphers_main(int argc, char **argv)
+ #ifndef OPENSSL_NO_PSK
+ psk = 1;
+ #endif
++ case OPT_SRP:
++#ifndef OPENSSL_NO_SRP
++ srp = 1;
++#endif
+ break;
+ }
+ }
+@@ -197,6 +166,10 @@ int ciphers_main(int argc, char **argv)
+ if (psk)
+ SSL_CTX_set_psk_client_callback(ctx, dummy_psk);
+ #endif
++#ifndef OPENSSL_NO_SRP
++ if (srp)
++ SSL_CTX_set_srp_client_pwd_callback(ctx, dummy_srp);
++#endif
+ if (ciphers != NULL) {
+ if (!SSL_CTX_set_cipher_list(ctx, ciphers)) {
+ BIO_printf(bio_err, "Error in cipher list\n");
+diff --git a/apps/cms.c b/apps/cms.c
+index 95f2124..3a9b7af 100644
+--- a/apps/cms.c
++++ b/apps/cms.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* CMS utility function */
+@@ -134,15 +90,15 @@ OPTIONS cms_options[] = {
+ " cert.pem... recipient certs for encryption\n"},
+ {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
+ {"help", OPT_HELP, '-', "Display this summary"},
+- {"inform", OPT_INFORM, 'F', "Input format SMIME (default), PEM or DER"},
+- {"outform", OPT_OUTFORM, 'F',
++ {"inform", OPT_INFORM, 'c', "Input format SMIME (default), PEM or DER"},
++ {"outform", OPT_OUTFORM, 'c',
+ "Output format SMIME (default), PEM or DER"},
+ {"in", OPT_IN, '<', "Input file"},
+ {"out", OPT_OUT, '>', "Output file"},
+ {"encrypt", OPT_ENCRYPT, '-', "Encrypt message"},
+ {"decrypt", OPT_DECRYPT, '-', "Decrypt encrypted message"},
+ {"sign", OPT_SIGN, '-', "Sign message"},
+- {"sign_receipt", OPT_SIGN_RECEIPT, '-'},
++ {"sign_receipt", OPT_SIGN_RECEIPT, '-', "Generate a signed receipt for the message"},
+ {"resign", OPT_RESIGN, '-'},
+ {"verify", OPT_VERIFY, '-', "Verify signed message"},
+ {"verify_retcode", OPT_VERIFY_RETCODE, '-'},
+@@ -177,7 +133,7 @@ OPTIONS cms_options[] = {
+ {"noindef", OPT_NOINDEF, '-'},
+ {"nooldmime", OPT_NOOLDMIME, '-'},
+ {"crlfeol", OPT_CRLFEOL, '-'},
+- {"noout", OPT_NOOUT, '-'},
++ {"noout", OPT_NOOUT, '-', "For the -cmsout operation do not output the parsed CMS structure"},
+ {"receipt_request_print", OPT_RR_PRINT, '-'},
+ {"receipt_request_all", OPT_RR_ALL, '-'},
+ {"receipt_request_first", OPT_RR_FIRST, '-'},
+@@ -191,7 +147,7 @@ OPTIONS cms_options[] = {
+ "Do not load certificates from the default certificates directory"},
+ {"content", OPT_CONTENT, '<',
+ "Supply or override content for detached signature"},
+- {"print", OPT_PRINT, '-'},
++ {"print", OPT_PRINT, '-', "For the -cmsout operation print out all fields of the CMS structure"},
+ {"secretkey", OPT_SECRETKEY, 's'},
+ {"secretkeyid", OPT_SECRETKEYID, 's'},
+ {"pwri_password", OPT_PWRI_PASSWORD, 's'},
+@@ -205,7 +161,7 @@ OPTIONS cms_options[] = {
+ {"signer", OPT_SIGNER, 's', "Signer certificate file"},
+ {"recip", OPT_RECIP, '<', "Recipient cert file for decryption"},
+ {"certsout", OPT_CERTSOUT, '>', "Certificate output file"},
+- {"md", OPT_MD, 's'},
++ {"md", OPT_MD, 's', "Digest algorithm to use when signing or resigning"},
+ {"inkey", OPT_INKEY, 's',
+ "Input private key (if not signer or recipient)"},
+ {"keyform", OPT_KEYFORM, 'f', "Input private key format (PEM or ENGINE)"},
+@@ -260,6 +216,7 @@ int cms_main(int argc, char **argv)
+ unsigned char *pwri_pass = NULL, *pwri_tmp = NULL;
+ unsigned char *secret_key = NULL, *secret_keyid = NULL;
+ long ltmp;
++ const char *mime_eol = "\n";
+ OPTION_CHOICE o;
+
+ if ((vpm = X509_VERIFY_PARAM_new()) == NULL)
+@@ -278,11 +235,11 @@ int cms_main(int argc, char **argv)
+ ret = 0;
+ goto end;
+ case OPT_INFORM:
+- if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))
++ if (!opt_format(opt_arg(), OPT_FMT_PDS, &informat))
+ goto opthelp;
+ break;
+ case OPT_OUTFORM:
+- if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))
++ if (!opt_format(opt_arg(), OPT_FMT_PDS, &outformat))
+ goto opthelp;
+ break;
+ case OPT_OUT:
+@@ -392,6 +349,7 @@ int cms_main(int argc, char **argv)
+ flags |= CMS_NOOLDMIMETYPE;
+ break;
+ case OPT_CRLFEOL:
++ mime_eol = "\r\n";
+ flags |= CMS_CRLFEOL;
+ break;
+ case OPT_NOOUT:
+@@ -1084,11 +1042,11 @@ int cms_main(int argc, char **argv)
+ CMS_ContentInfo_print_ctx(out, cms, 0, NULL);
+ } else if (outformat == FORMAT_SMIME) {
+ if (to)
+- BIO_printf(out, "To: %s\n", to);
++ BIO_printf(out, "To: %s%s", to, mime_eol);
+ if (from)
+- BIO_printf(out, "From: %s\n", from);
++ BIO_printf(out, "From: %s%s", from, mime_eol);
+ if (subject)
+- BIO_printf(out, "Subject: %s\n", subject);
++ BIO_printf(out, "Subject: %s%s", subject, mime_eol);
+ if (operation == SMIME_RESIGN)
+ ret = SMIME_write_CMS(out, cms, indata, flags);
+ else
+diff --git a/apps/crl.c b/apps/crl.c
+index 915c9ac..3e30bdc 100644
+--- a/apps/crl.c
++++ b/apps/crl.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -80,15 +32,15 @@ OPTIONS crl_options[] = {
+ {"in", OPT_IN, '<', "Input file - default stdin"},
+ {"outform", OPT_OUTFORM, 'F', "Output format - default PEM"},
+ {"out", OPT_OUT, '>', "output file - default stdout"},
+- {"keyform", OPT_KEYFORM, 'F'},
+- {"key", OPT_KEY, '<'},
++ {"keyform", OPT_KEYFORM, 'F', "Private key file format (PEM or ENGINE)"},
++ {"key", OPT_KEY, '<', "CRL signing Private key to use"},
+ {"issuer", OPT_ISSUER, '-', "Print issuer DN"},
+ {"lastupdate", OPT_LASTUPDATE, '-', "Set lastUpdate field"},
+ {"nextupdate", OPT_NEXTUPDATE, '-', "Set nextUpdate field"},
+ {"noout", OPT_NOOUT, '-', "No CRL output"},
+ {"fingerprint", OPT_FINGERPRINT, '-', "Print the crl fingerprint"},
+ {"crlnumber", OPT_CRLNUMBER, '-', "Print CRL number"},
+- {"badsig", OPT_BADSIG, '-'},
++ {"badsig", OPT_BADSIG, '-', "Corrupt last byte of loaded CRL signature (for test)" },
+ {"gendelta", OPT_GENDELTA, '<'},
+ {"CApath", OPT_CAPATH, '/', "Verify CRL using certificates in dir"},
+ {"CAfile", OPT_CAFILE, '<', "Verify CRL using certificates in file name"},
+@@ -96,7 +48,7 @@ OPTIONS crl_options[] = {
+ "Do not load the default certificates file"},
+ {"no-CApath", OPT_NOCAPATH, '-',
+ "Do not load certificates from the default certificates directory"},
+- {"verify", OPT_VERIFY, '-'},
++ {"verify", OPT_VERIFY, '-', "Verify CRL signature"},
+ {"text", OPT_TEXT, '-', "Print out a text format version"},
+ {"hash", OPT_HASH, '-', "Print hash value"},
+ {"nameopt", OPT_NAMEOPT, 's', "Various certificate name options"},
+@@ -244,13 +196,13 @@ int crl_main(int argc, char **argv)
+ if (lookup == NULL)
+ goto end;
+ ctx = X509_STORE_CTX_new();
+- if (!X509_STORE_CTX_init(ctx, store, NULL, NULL)) {
++ if (ctx == NULL || !X509_STORE_CTX_init(ctx, store, NULL, NULL)) {
+ BIO_printf(bio_err, "Error initialising X509 store\n");
+ goto end;
+ }
+
+- xobj = X509_STORE_get_X509_by_subject(ctx, X509_LU_X509,
+- X509_CRL_get_issuer(x));
++ xobj = X509_STORE_CTX_get_obj_by_subject(ctx, X509_LU_X509,
++ X509_CRL_get_issuer(x));
+ if (xobj == NULL) {
+ BIO_printf(bio_err, "Error getting CRL issuer certificate\n");
+ goto end;
+diff --git a/apps/crl2p7.c b/apps/crl2p7.c
+index e864973..73e6270 100644
+--- a/apps/crl2p7.c
++++ b/apps/crl2p7.c
+@@ -1,64 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-
+ /*
+- * This was written by Gordon Chaffee <chaffee at plateau.cs.berkeley.edu> and
+- * donated 'to the cause' along with lots and lots of other fixes to the
+- * library.
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/apps/dgst.c b/apps/dgst.c
+index bebaaf5..e438b7c 100644
+--- a/apps/dgst.c
++++ b/apps/dgst.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/apps/dh1024.pem b/apps/dh1024.pem
+index 6eaeca9..f1a5e18 100644
+--- a/apps/dh1024.pem
++++ b/apps/dh1024.pem
+@@ -1,10 +1,10 @@
+ -----BEGIN DH PARAMETERS-----
+-MIGHAoGBAPSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsY
+-jY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6
+-ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpL3jHAgEC
++MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR
++Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL
++/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC
+ -----END DH PARAMETERS-----
+
+-These are the 1024 bit DH parameters from "Assigned Number for SKIP Protocols"
+-(http://www.skip-vpn.org/spec/numbers.html).
+-See there for how they were generated.
+-Note that g is not a generator, but this is not a problem since p is a safe prime.
++These are the 1024-bit DH parameters from "Internet Key Exchange
++Protocol Version 2 (IKEv2)": https://tools.ietf.org/html/rfc5996
++
++See https://tools.ietf.org/html/rfc2412 for how they were generated.
+diff --git a/apps/dh2048.pem b/apps/dh2048.pem
+index dcd0b8d..e899f2e 100644
+--- a/apps/dh2048.pem
++++ b/apps/dh2048.pem
+@@ -1,12 +1,14 @@
+ -----BEGIN DH PARAMETERS-----
+-MIIBCAKCAQEA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV
+-89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50
+-T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknb
+-zSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdX
+-Q6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbT
+-CD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwIBAg==
++MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
++IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
++awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
++mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
++fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
++5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg==
+ -----END DH PARAMETERS-----
+
+-These are the 2048 bit DH parameters from "Assigned Number for SKIP Protocols"
+-(http://www.skip-vpn.org/spec/numbers.html).
+-See there for how they were generated.
++These are the 2048-bit DH parameters from "More Modular Exponential
++(MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)":
++https://tools.ietf.org/html/rfc3526
++
++See https://tools.ietf.org/html/rfc2412 for how they were generated.
+diff --git a/apps/dh4096.pem b/apps/dh4096.pem
+index 1b35ad8..adada2b 100644
+--- a/apps/dh4096.pem
++++ b/apps/dh4096.pem
+@@ -1,18 +1,19 @@
+ -----BEGIN DH PARAMETERS-----
+-MIICCAKCAgEA+hRyUsFN4VpJ1O8JLcCo/VWr19k3BCgJ4uk+d+KhehjdRqNDNyOQ
+-l/MOyQNQfWXPeGKmOmIig6Ev/nm6Nf9Z2B1h3R4hExf+zTiHnvVPeRBhjdQi81rt
+-Xeoh6TNrSBIKIHfUJWBh3va0TxxjQIs6IZOLeVNRLMqzeylWqMf49HsIXqbcokUS
+-Vt1BkvLdW48j8PPv5DsKRN3tloTxqDJGo9tKvj1Fuk74A+Xda1kNhB7KFlqMyN98
+-VETEJ6c7KpfOo30mnK30wqw3S8OtaIR/maYX72tGOno2ehFDkq3pnPtEbD2CScxc
+-alJC+EL7RPk5c/tgeTvCngvc1KZn92Y//EI7G9tPZtylj2b56sHtMftIoYJ9+ODM
+-sccD5Piz/rejE3Ome8EOOceUSCYAhXn8b3qvxVI1ddd1pED6FHRhFvLrZxFvBEM9
+-ERRMp5QqOaHJkM+Dxv8Cj6MqrCbfC4u+ZErxodzuusgDgvZiLF22uxMZbobFWyte
+-OvOzKGtwcTqO/1wV5gKkzu1ZVswVUQd5Gg8lJicwqRWyyNRczDDoG9jVDxmogKTH
+-AaqLulO7R8Ifa1SwF2DteSGVtgWEN8gDpN3RBmmPTDngyF2DHb5qmpnznwtFKdTL
+-KWbuHn491xNO25CQWMtem80uKw+pTnisBRF/454n1Jnhub144YRBoN8CAQI=
++MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
++IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
++awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
++mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
++fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
++5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
++fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
++ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI
++ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
+++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI
++HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQI=
+ -----END DH PARAMETERS-----
+
+-These are the 4096 bit DH parameters from "Assigned Number for SKIP Protocols"
+-(http://www.skip-vpn.org/spec/numbers.html).
+-See there for how they were generated.
+-Note that g is not a generator, but this is not a problem since p is a safe prime.
++These are the 4096-bit DH parameters from "More Modular Exponential
++(MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)":
++https://tools.ietf.org/html/rfc3526
++
++See https://tools.ietf.org/html/rfc2412 for how they were generated.
+diff --git a/apps/dhparam.c b/apps/dhparam.c
+index 9ad80ed..350dd28 100644
+--- a/apps/dhparam.c
++++ b/apps/dhparam.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -150,7 +49,7 @@ OPTIONS dhparam_options[] = {
+ {"out", OPT_OUT, '>', "Output file"},
+ {"check", OPT_CHECK, '-', "Check the DH parameters"},
+ {"text", OPT_TEXT, '-', "Print a text form of the DH parameters"},
+- {"noout", OPT_NOOUT, '-'},
++ {"noout", OPT_NOOUT, '-', "Don't output any DH parameters"},
+ {"rand", OPT_RAND, 's',
+ "Load the file(s) into the random number generator"},
+ {"C", OPT_C, '-', "Print C code"},
+diff --git a/apps/dsa.c b/apps/dsa.c
+index 1c841a3..ef50fed 100644
+--- a/apps/dsa.c
++++ b/apps/dsa.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -83,15 +35,15 @@ typedef enum OPTION_choice {
+
+ OPTIONS dsa_options[] = {
+ {"help", OPT_HELP, '-', "Display this summary"},
+- {"inform", OPT_INFORM, 'F', "Input format, DER PEM PVK"},
++ {"inform", OPT_INFORM, 'f', "Input format, DER PEM PVK"},
+ {"outform", OPT_OUTFORM, 'F', "Output format, DER PEM PVK"},
+ {"in", OPT_IN, 's', "Input key"},
+ {"out", OPT_OUT, '>', "Output file"},
+ {"noout", OPT_NOOUT, '-', "Don't print key out"},
+ {"text", OPT_TEXT, '-', "Print the key in text"},
+ {"modulus", OPT_MODULUS, '-', "Print the DSA public value"},
+- {"pubin", OPT_PUBIN, '-'},
+- {"pubout", OPT_PUBOUT, '-'},
++ {"pubin", OPT_PUBIN, '-', "Expect a public key in input file"},
++ {"pubout", OPT_PUBOUT, '-', "Output public key, not private"},
+ {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
+ {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
+ {"", OPT_CIPHER, '-', "Any supported cipher"},
+diff --git a/apps/dsaparam.c b/apps/dsaparam.c
+index 5c282be..c12bd70 100644
+--- a/apps/dsaparam.c
++++ b/apps/dsaparam.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+diff --git a/apps/ec.c b/apps/ec.c
+index 432e9ff..007bf0a 100644
+--- a/apps/ec.c
++++ b/apps/ec.c
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -92,15 +44,15 @@ typedef enum OPTION_choice {
+
+ OPTIONS ec_options[] = {
+ {"help", OPT_HELP, '-', "Display this summary"},
+- {"in", OPT_IN, '<', "Input file"},
+- {"inform", OPT_INFORM, 'F', "Input format - DER or PEM"},
++ {"in", OPT_IN, 's', "Input file"},
++ {"inform", OPT_INFORM, 'f', "Input format - DER or PEM"},
+ {"out", OPT_OUT, '>', "Output file"},
+ {"outform", OPT_OUTFORM, 'F', "Output format - DER or PEM"},
+ {"noout", OPT_NOOUT, '-', "Don't print key out"},
+ {"text", OPT_TEXT, '-', "Print the key"},
+ {"param_out", OPT_PARAM_OUT, '-', "Print the elliptic curve parameters"},
+- {"pubin", OPT_PUBIN, '-'},
+- {"pubout", OPT_PUBOUT, '-'},
++ {"pubin", OPT_PUBIN, '-', "Expect a public key in input file"},
++ {"pubout", OPT_PUBOUT, '-', "Output public key, not private"},
+ {"no_public", OPT_NO_PUBLIC, '-', "exclude public key from private key"},
+ {"check", OPT_CHECK, '-', "check key consistency"},
+ {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
+@@ -118,6 +70,7 @@ OPTIONS ec_options[] = {
+ int ec_main(int argc, char **argv)
+ {
+ BIO *in = NULL, *out = NULL;
++ ENGINE *e = NULL;
+ EC_KEY *eckey = NULL;
+ const EC_GROUP *group;
+ const EVP_CIPHER *enc = NULL;
+@@ -143,7 +96,7 @@ int ec_main(int argc, char **argv)
+ ret = 0;
+ goto end;
+ case OPT_INFORM:
+- if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))
++ if (!opt_format(opt_arg(), OPT_FMT_ANY, &informat))
+ goto opthelp;
+ break;
+ case OPT_IN:
+@@ -178,7 +131,7 @@ int ec_main(int argc, char **argv)
+ passoutarg = opt_arg();
+ break;
+ case OPT_ENGINE:
+- (void)setup_engine(opt_arg(), 0);
++ e = setup_engine(opt_arg(), 0);
+ break;
+ case OPT_CIPHER:
+ if (!opt_cipher(opt_unknown(), &enc))
+@@ -217,9 +170,11 @@ int ec_main(int argc, char **argv)
+ goto end;
+ }
+
+- in = bio_open_default(infile, 'r', informat);
+- if (in == NULL)
+- goto end;
++ if (informat != FORMAT_ENGINE) {
++ in = bio_open_default(infile, 'r', informat);
++ if (in == NULL)
++ goto end;
++ }
+
+ BIO_printf(bio_err, "read EC key\n");
+ if (informat == FORMAT_ASN1) {
+@@ -227,6 +182,16 @@ int ec_main(int argc, char **argv)
+ eckey = d2i_EC_PUBKEY_bio(in, NULL);
+ else
+ eckey = d2i_ECPrivateKey_bio(in, NULL);
++ } else if (informat == FORMAT_ENGINE) {
++ EVP_PKEY *pkey;
++ if (pubin)
++ pkey = load_pubkey(infile, informat , 1, passin, e, "Public Key");
++ else
++ pkey = load_key(infile, informat, 1, passin, e, "Private Key");
++ if (pkey != NULL) {
++ eckey = EVP_PKEY_get1_EC_KEY(pkey);
++ EVP_PKEY_free(pkey);
++ }
+ } else {
+ if (pubin)
+ eckey = PEM_read_bio_EC_PUBKEY(in, NULL, NULL, NULL);
+diff --git a/apps/ecparam.c b/apps/ecparam.c
+index 55d71f7..4e6cf22 100644
+--- a/apps/ecparam.c
++++ b/apps/ecparam.c
+@@ -1,59 +1,12 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+diff --git a/apps/enc.c b/apps/enc.c
+index 9e7d069..b7e4a95 100644
+--- a/apps/enc.c
++++ b/apps/enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -108,11 +60,11 @@ OPTIONS enc_options[] = {
+ "Used with -[base64|a] to specify base64 buffer as a single line"},
+ {"bufsize", OPT_BUFSIZE, 's', "Buffer size"},
+ {"k", OPT_K, 's', "Passphrase"},
+- {"kfile", OPT_KFILE, '<', "Fead passphrase from file"},
++ {"kfile", OPT_KFILE, '<', "Read passphrase from file"},
+ {"K", OPT_UPPER_K, 's', "Raw key, in hex"},
+ {"S", OPT_UPPER_S, 's', "Salt, in hex"},
+ {"iv", OPT_IV, 's', "IV in hex"},
+- {"md", OPT_MD, 's', "Use specified digest to create key from passphrase"},
++ {"md", OPT_MD, 's', "Use specified digest to create a key from the passphrase"},
+ {"none", OPT_NONE, '-', "Don't encrypt"},
+ {"", OPT_CIPHER, '-', "Any supported cipher"},
+ #ifdef ZLIB
+@@ -291,8 +243,6 @@ int enc_main(int argc, char **argv)
+ break;
+ }
+ }
+- argc = opt_num_rest();
+- argv = opt_rest();
+
+ if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
+ BIO_printf(bio_err, "%s: AEAD ciphers not supported\n", prog);
+diff --git a/apps/engine.c b/apps/engine.c
+index b60bfbc..bb4b0c1 100644
+--- a/apps/engine.c
++++ b/apps/engine.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte <richard at levitte.org> for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -107,13 +58,17 @@ static int append_buf(char **buf, int *size, const char *s)
+ }
+
+ if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
++ char *tmp;
+ *size += 256;
+- *buf = OPENSSL_realloc(*buf, *size);
++ tmp = OPENSSL_realloc(*buf, *size);
++ if (tmp == NULL) {
++ OPENSSL_free(*buf);
++ *buf = NULL;
++ return 0;
++ }
++ *buf = tmp;
+ }
+
+- if (*buf == NULL)
+- return 0;
+-
+ if (**buf != '\0')
+ OPENSSL_strlcat(*buf, ", ", *size);
+ OPENSSL_strlcat(*buf, s, *size);
+diff --git a/apps/errstr.c b/apps/errstr.c
+index 141338a..ae7acf5 100644
+--- a/apps/errstr.c
++++ b/apps/errstr.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -106,8 +58,6 @@ int errstr_main(int argc, char **argv)
+ goto end;
+ }
+ }
+- argc = opt_num_rest();
+- argv = opt_rest();
+
+ ret = 0;
+ for (argv = opt_rest(); *argv; argv++) {
+diff --git a/apps/gendsa.c b/apps/gendsa.c
+index 33166b7..2be3b9a 100644
+--- a/apps/gendsa.c
++++ b/apps/gendsa.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+diff --git a/apps/genpkey.c b/apps/genpkey.c
+index ca5d848..7abb3e6 100644
+--- a/apps/genpkey.c
++++ b/apps/genpkey.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <string.h>
+ #include "apps.h"
+diff --git a/apps/genrsa.c b/apps/genrsa.c
+index 8b6dd03..79e2dae 100644
+--- a/apps/genrsa.c
++++ b/apps/genrsa.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+diff --git a/apps/nseq.c b/apps/nseq.c
+index 4bc4f32..018d5eb 100644
+--- a/apps/nseq.c
++++ b/apps/nseq.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/apps/ocsp.c b/apps/ocsp.c
+index ca293a9..48ceadd 100644
+--- a/apps/ocsp.c
++++ b/apps/ocsp.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -178,7 +129,8 @@ OPTIONS ocsp_options[] = {
+ "Don't verify additional certificates"},
+ {"no_intern", OPT_NO_INTERN, '-',
+ "Don't search certificates contained in response for signer"},
+- {"badsig", OPT_BADSIG, '-'},
++ {"badsig", OPT_BADSIG, '-',
++ "Corrupt last byte of loaded OSCP response signature (for test)"},
+ {"text", OPT_TEXT, '-', "Print text form of request and response"},
+ {"req_text", OPT_REQ_TEXT, '-', "Print text form of request"},
+ {"resp_text", OPT_RESP_TEXT, '-', "Print text form of response"},
+@@ -205,7 +157,7 @@ OPTIONS ocsp_options[] = {
+ {"path", OPT_PATH, 's', "Path to use in OCSP request"},
+ {"issuer", OPT_ISSUER, '<', "Issuer certificate"},
+ {"cert", OPT_CERT, '<', "Certificate to check"},
+- {"serial", OPT_SERIAL, 's', "Nerial number to check"},
++ {"serial", OPT_SERIAL, 's', "Serial number to check"},
+ {"index", OPT_INDEX, '<', "Certificate status index file"},
+ {"CA", OPT_CA, '<', "CA certificate"},
+ {"nmin", OPT_NMIN, 'p', "Number of minutes before next update"},
+@@ -216,9 +168,9 @@ OPTIONS ocsp_options[] = {
+ "Sesponder certificate to sign responses with"},
+ {"rkey", OPT_RKEY, '<', "Responder key to sign responses with"},
+ {"rother", OPT_ROTHER, '<', "Other certificates to include in response"},
+- {"rmd", OPT_RMD, 's'},
++ {"rmd", OPT_RMD, 's', "Digest Algorithm to use in signature of OCSP response"},
+ {"header", OPT_HEADER, 's', "key=value header to add"},
+- {"", OPT_MD, '-', "Any supported digest"},
++ {"", OPT_MD, '-', "Any supported digest algorithm (sha1,sha256, ... )"},
+ OPT_V_OPTIONS,
+ {NULL}
+ };
+@@ -227,6 +179,7 @@ int ocsp_main(int argc, char **argv)
+ {
+ BIO *acbio = NULL, *cbio = NULL, *derbio = NULL, *out = NULL;
+ const EVP_MD *cert_id_md = NULL, *rsign_md = NULL;
++ int trailing_md = 0;
+ CA_DB *rdb = NULL;
+ EVP_PKEY *key = NULL, *rkey = NULL;
+ OCSP_BASICRESP *bs = NULL;
+@@ -438,6 +391,7 @@ int ocsp_main(int argc, char **argv)
+ goto end;
+ if (!sk_OPENSSL_STRING_push(reqnames, opt_arg()))
+ goto end;
++ trailing_md = 0;
+ break;
+ case OPT_SERIAL:
+ if (cert_id_md == NULL)
+@@ -446,6 +400,7 @@ int ocsp_main(int argc, char **argv)
+ goto end;
+ if (!sk_OPENSSL_STRING_push(reqnames, opt_arg()))
+ goto end;
++ trailing_md = 0;
+ break;
+ case OPT_INDEX:
+ ridx_filename = opt_arg();
+@@ -473,7 +428,7 @@ int ocsp_main(int argc, char **argv)
+ case OPT_ROTHER:
+ rcertfile = opt_arg();
+ break;
+- case OPT_RMD:
++ case OPT_RMD: /* Response MessageDigest */
+ if (!opt_md(opt_arg(), &rsign_md))
+ goto end;
+ break;
+@@ -489,7 +444,7 @@ int ocsp_main(int argc, char **argv)
+ goto end;
+ break;
+ case OPT_MD:
+- if (cert_id_md != NULL) {
++ if (trailing_md) {
+ BIO_printf(bio_err,
+ "%s: Digest must be before -cert or -serial\n",
+ prog);
+@@ -497,9 +452,16 @@ int ocsp_main(int argc, char **argv)
+ }
+ if (!opt_md(opt_unknown(), &cert_id_md))
+ goto opthelp;
++ trailing_md = 1;
+ break;
+ }
+ }
++
++ if (trailing_md) {
++ BIO_printf(bio_err, "%s: Digest must be before -cert or -serial\n",
++ prog);
++ goto opthelp;
++ }
+ argc = opt_num_rest();
+ if (argc != 0)
+ goto opthelp;
+@@ -1027,13 +989,13 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
+
+ static BIO *init_responder(const char *port)
+ {
+- BIO *acbio = NULL, *bufbio = NULL;
+-
+ # ifdef OPENSSL_NO_SOCK
+ BIO_printf(bio_err,
+ "Error setting up accept BIO - sockets not supported.\n");
+ return NULL;
+-# endif
++# else
++ BIO *acbio = NULL, *bufbio = NULL;
++
+ bufbio = BIO_new(BIO_f_buffer());
+ if (bufbio == NULL)
+ goto err;
+@@ -1060,9 +1022,10 @@ static BIO *init_responder(const char *port)
+ BIO_free_all(acbio);
+ BIO_free(bufbio);
+ return NULL;
++# endif
+ }
+
+-
++# ifndef OPENSSL_NO_SOCK
+ /*
+ * Decode %xx URL-decoding in-place. Ignores mal-formed sequences.
+ */
+@@ -1086,9 +1049,13 @@ static int urldecode(char *p)
+ *out = '\0';
+ return (int)(out - save);
+ }
++# endif
+
+ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio)
+ {
++# ifdef OPENSSL_NO_SOCK
++ return 0;
++# else
+ int len;
+ OCSP_REQUEST *req = NULL;
+ char inbuf[2048], reqbuf[2048];
+@@ -1169,7 +1136,7 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio)
+ *preq = req;
+
+ return 1;
+-
++# endif
+ }
+
+ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
+diff --git a/apps/openssl.c b/apps/openssl.c
+index c8912ee..f069277 100644
+--- a/apps/openssl.c
++++ b/apps/openssl.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -305,7 +204,7 @@ int main(int argc, char *argv[])
+ extern void add_history(const char *cp);
+ char *text;
+
+- char *text = readline(prompt);
++ text = readline(prompt);
+ if (text == NULL)
+ goto end;
+ i = strlen(text);
+@@ -491,10 +390,8 @@ int help_main(int argc, char **argv)
+ return 0;
+ }
+ }
+- argc = opt_num_rest();
+- argv = opt_rest();
+
+- if (argc != 0) {
++ if (opt_num_rest() != 0) {
+ BIO_printf(bio_err, "Usage: %s\n", prog);
+ return 1;
+ }
+@@ -628,7 +525,7 @@ static int function_cmp(const FUNCTION * a, const FUNCTION * b)
+
+ static unsigned long function_hash(const FUNCTION * a)
+ {
+- return lh_strhash(a->name);
++ return OPENSSL_LH_strhash(a->name);
+ }
+
+ static int SortFnByName(const void *_f1, const void *_f2)
+@@ -743,9 +640,6 @@ static void list_disabled(void)
+ #ifdef OPENSSL_NO_SCRYPT
+ BIO_puts(bio_out, "SCRYPT\n");
+ #endif
+-#ifdef OPENSSL_NO_SCT
+- BIO_puts(bio_out, "SCT\n");
+-#endif
+ #ifdef OPENSSL_NO_SCTP
+ BIO_puts(bio_out, "SCTP\n");
+ #endif
+@@ -761,15 +655,9 @@ static void list_disabled(void)
+ #ifdef OPENSSL_NO_SRTP
+ BIO_puts(bio_out, "SRTP\n");
+ #endif
+-#ifdef OPENSSL_NO_SSL
+- BIO_puts(bio_out, "SSL\n");
+-#endif
+ #ifdef OPENSSL_NO_SSL3
+ BIO_puts(bio_out, "SSL3\n");
+ #endif
+-#if defined(OPENSSL_NO_TLS)
+- BIO_puts(bio_out, "TLS\n");
+-#endif
+ #ifdef OPENSSL_NO_TLS1
+ BIO_puts(bio_out, "TLS1\n");
+ #endif
+diff --git a/apps/opt.c b/apps/opt.c
+index 63d3215..87d3e4d 100644
+--- a/apps/opt.c
++++ b/apps/opt.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* #define COMPILE_STANDALONE_TEST_DRIVER */
+@@ -59,6 +19,7 @@
+ #include <ctype.h>
+ #include <limits.h>
+ #include <openssl/bio.h>
++#include <openssl/x509v3.h>
+
+ #define MAX_OPT_HELP_WIDTH 30
+ const char OPT_HELP_STR[] = "--";
+@@ -179,7 +140,7 @@ char *opt_init(int ac, char **av, const OPTIONS *o)
+ switch (i) {
+ case 0: case '-': case '/': case '<': case '>': case 'E': case 'F':
+ case 'M': case 'U': case 'f': case 'l': case 'n': case 'p': case 's':
+- case 'u':
++ case 'u': case 'c':
+ break;
+ default:
+ assert(0);
+@@ -615,10 +576,10 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm)
+ break;
+ case OPT_V_NO_ALT_CHAINS:
+ X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_NO_ALT_CHAINS);
+- break;
++ break;
+ case OPT_V_NO_CHECK_TIME:
+ X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_NO_CHECK_TIME);
+- break;
++ break;
+ }
+ return 1;
+
+@@ -755,10 +716,12 @@ int opt_next(void)
+ return -1;
+ }
+ break;
++ case 'c':
+ case 'E':
+ case 'F':
+ case 'f':
+ if (opt_format(arg,
++ o->valtype == 'c' ? OPT_FMT_PDS :
+ o->valtype == 'E' ? OPT_FMT_PDE :
+ o->valtype == 'F' ? OPT_FMT_PEMDER
+ : OPT_FMT_ANY, &ival))
+diff --git a/apps/passwd.c b/apps/passwd.c
+index 98092bb..e282521 100644
+--- a/apps/passwd.c
++++ b/apps/passwd.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2000-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++/*
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #if defined OPENSSL_NO_MD5 || defined CHARSET_EBCDIC
+@@ -175,6 +135,7 @@ int passwd_main(int argc, char **argv)
+ if (pw_source_defined)
+ goto opthelp;
+ in_stdin = 1;
++ pw_source_defined = 1;
+ break;
+ }
+ }
+diff --git a/apps/pkcs12.c b/apps/pkcs12.c
+index 406b103..8602a99 100644
+--- a/apps/pkcs12.c
++++ b/apps/pkcs12.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -674,6 +625,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
+ PKCS8_PRIV_KEY_INFO *p8;
+ X509 *x509;
+ STACK_OF(X509_ATTRIBUTE) *attrs;
++ int ret = 0;
+
+ attrs = PKCS12_SAFEBAG_get0_attrs(bag);
+
+@@ -688,7 +640,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
+ if ((pkey = EVP_PKCS82PKEY(p8)) == NULL)
+ return 0;
+ print_attribs(out, PKCS8_pkey_get0_attrs(p8), "Key Attributes");
+- PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
++ ret = PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
+ EVP_PKEY_free(pkey);
+ break;
+
+@@ -713,7 +665,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
+ }
+ print_attribs(out, PKCS8_pkey_get0_attrs(p8), "Key Attributes");
+ PKCS8_PRIV_KEY_INFO_free(p8);
+- PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
++ ret = PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
+ EVP_PKEY_free(pkey);
+ break;
+
+@@ -733,7 +685,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
+ if ((x509 = PKCS12_SAFEBAG_get1_cert(bag)) == NULL)
+ return 0;
+ dump_cert_text(out, x509);
+- PEM_write_bio_X509(out, x509);
++ ret = PEM_write_bio_X509(out, x509);
+ X509_free(x509);
+ break;
+
+@@ -750,7 +702,7 @@ int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
+ BIO_printf(bio_err, "\n");
+ return 1;
+ }
+- return 1;
++ return ret;
+ }
+
+ /* Given a single certificate return a verified chain or NULL if error */
+diff --git a/apps/pkcs7.c b/apps/pkcs7.c
+index ad8330d..8763df0 100644
+--- a/apps/pkcs7.c
++++ b/apps/pkcs7.c
+@@ -1,106 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -222,12 +126,16 @@ int pkcs7_main(int argc, char **argv)
+ i = OBJ_obj2nid(p7->type);
+ switch (i) {
+ case NID_pkcs7_signed:
+- certs = p7->d.sign->cert;
+- crls = p7->d.sign->crl;
++ if (p7->d.sign != NULL) {
++ certs = p7->d.sign->cert;
++ crls = p7->d.sign->crl;
++ }
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+- certs = p7->d.signed_and_enveloped->cert;
+- crls = p7->d.signed_and_enveloped->crl;
++ if (p7->d.signed_and_enveloped != NULL) {
++ certs = p7->d.signed_and_enveloped->cert;
++ crls = p7->d.signed_and_enveloped->crl;
++ }
+ break;
+ default:
+ break;
+diff --git a/apps/pkcs8.c b/apps/pkcs8.c
+index 15b8e6a..22b5866 100644
+--- a/apps/pkcs8.c
++++ b/apps/pkcs8.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999-2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -71,7 +23,8 @@ typedef enum OPTION_choice {
+ #ifndef OPENSSL_NO_SCRYPT
+ OPT_SCRYPT, OPT_SCRYPT_N, OPT_SCRYPT_R, OPT_SCRYPT_P,
+ #endif
+- OPT_V2, OPT_V1, OPT_V2PRF, OPT_ITER, OPT_PASSIN, OPT_PASSOUT
++ OPT_V2, OPT_V1, OPT_V2PRF, OPT_ITER, OPT_PASSIN, OPT_PASSOUT,
++ OPT_TRADITIONAL
+ } OPTION_CHOICE;
+
+ OPTIONS pkcs8_options[] = {
+@@ -89,6 +42,7 @@ OPTIONS pkcs8_options[] = {
+ {"iter", OPT_ITER, 'p', "Specify the iteration count"},
+ {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
+ {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
++ {"traditional", OPT_TRADITIONAL, '-', "use traditional format private key"},
+ #ifndef OPENSSL_NO_ENGINE
+ {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
+ #endif
+@@ -118,7 +72,7 @@ int pkcs8_main(int argc, char **argv)
+ OPTION_CHOICE o;
+ int nocrypt = 0, ret = 1, iter = PKCS12_DEFAULT_ITER;
+ int informat = FORMAT_PEM, outformat = FORMAT_PEM, topk8 = 0, pbe_nid = -1;
+- int private = 0;
++ int private = 0, traditional = 0;
+ #ifndef OPENSSL_NO_SCRYPT
+ long scrypt_N = 0, scrypt_r = 0, scrypt_p = 0;
+ #endif
+@@ -158,6 +112,9 @@ int pkcs8_main(int argc, char **argv)
+ case OPT_NOCRYPT:
+ nocrypt = 1;
+ break;
++ case OPT_TRADITIONAL:
++ traditional = 1;
++ break;
+ case OPT_V2:
+ if (!opt_cipher(opt_arg(), &cipher))
+ goto opthelp;
+@@ -177,6 +134,8 @@ int pkcs8_main(int argc, char **argv)
+ "%s: Unknown PRF algorithm %s\n", prog, opt_arg());
+ goto opthelp;
+ }
++ if (cipher == NULL)
++ cipher = EVP_aes_256_cbc();
+ break;
+ case OPT_ITER:
+ if (!opt_int(opt_arg(), &iter))
+@@ -225,8 +184,8 @@ int pkcs8_main(int argc, char **argv)
+ goto end;
+ }
+
+- if ((pbe_nid == -1) && !cipher)
+- pbe_nid = NID_pbeWithMD5AndDES_CBC;
++ if ((pbe_nid == -1) && cipher == NULL)
++ cipher = EVP_aes_256_cbc();
+
+ in = bio_open_default(infile, 'r', informat);
+ if (in == NULL)
+@@ -341,7 +300,10 @@ int pkcs8_main(int argc, char **argv)
+ else if (1) {
+ #ifndef OPENSSL_NO_UI
+ p8pass = pass;
+- EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
++ if (EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0)) {
++ BIO_printf(bio_err, "Can't read Password\n");
++ goto end;
++ }
+ } else {
+ #endif
+ BIO_printf(bio_err, "Password required\n");
+@@ -363,11 +325,15 @@ int pkcs8_main(int argc, char **argv)
+ }
+
+ assert(private);
+- if (outformat == FORMAT_PEM)
+- PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
+- else if (outformat == FORMAT_ASN1)
++ if (outformat == FORMAT_PEM) {
++ if (traditional)
++ PEM_write_bio_PrivateKey_traditional(out, pkey, NULL, NULL, 0,
++ NULL, passout);
++ else
++ PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
++ } else if (outformat == FORMAT_ASN1) {
+ i2d_PrivateKey_bio(out, pkey);
+- else {
++ } else {
+ BIO_printf(bio_err, "Bad format specified for key\n");
+ goto end;
+ }
+diff --git a/apps/pkey.c b/apps/pkey.c
+index 122ced7..50ee05f 100644
+--- a/apps/pkey.c
++++ b/apps/pkey.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <string.h>
+ #include "apps.h"
+@@ -66,12 +18,12 @@ typedef enum OPTION_choice {
+ OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
+ OPT_INFORM, OPT_OUTFORM, OPT_PASSIN, OPT_PASSOUT, OPT_ENGINE,
+ OPT_IN, OPT_OUT, OPT_PUBIN, OPT_PUBOUT, OPT_TEXT_PUB,
+- OPT_TEXT, OPT_NOOUT, OPT_MD
++ OPT_TEXT, OPT_NOOUT, OPT_MD, OPT_TRADITIONAL
+ } OPTION_CHOICE;
+
+ OPTIONS pkey_options[] = {
+ {"help", OPT_HELP, '-', "Display this summary"},
+- {"inform", OPT_INFORM, 'F', "Input format (DER or PEM)"},
++ {"inform", OPT_INFORM, 'f', "Input format (DER or PEM)"},
+ {"outform", OPT_OUTFORM, 'F', "Output format (DER or PEM)"},
+ {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
+ {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
+@@ -84,6 +36,8 @@ OPTIONS pkey_options[] = {
+ {"text", OPT_TEXT, '-', "Output in plaintext as well"},
+ {"noout", OPT_NOOUT, '-', "Don't output the key"},
+ {"", OPT_MD, '-', "Any supported cipher"},
++ {"traditional", OPT_TRADITIONAL, '-',
++ "Use traditional format for private keys"},
+ #ifndef OPENSSL_NO_ENGINE
+ {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
+ #endif
+@@ -101,7 +55,7 @@ int pkey_main(int argc, char **argv)
+ OPTION_CHOICE o;
+ int informat = FORMAT_PEM, outformat = FORMAT_PEM;
+ int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0, ret = 1;
+- int private = 0;
++ int private = 0, traditional = 0;
+
+ prog = opt_init(argc, argv, pkey_options);
+ while ((o = opt_next()) != OPT_EOF) {
+@@ -153,6 +107,9 @@ int pkey_main(int argc, char **argv)
+ case OPT_NOOUT:
+ noout = 1;
+ break;
++ case OPT_TRADITIONAL:
++ traditional = 1;
++ break;
+ case OPT_MD:
+ if (!opt_cipher(opt_unknown(), &cipher))
+ goto opthelp;
+@@ -188,8 +145,13 @@ int pkey_main(int argc, char **argv)
+ PEM_write_bio_PUBKEY(out, pkey);
+ else {
+ assert(private);
+- PEM_write_bio_PrivateKey(out, pkey, cipher,
+- NULL, 0, NULL, passout);
++ if (traditional)
++ PEM_write_bio_PrivateKey_traditional(out, pkey, cipher,
++ NULL, 0, NULL,
++ passout);
++ else
++ PEM_write_bio_PrivateKey(out, pkey, cipher,
++ NULL, 0, NULL, passout);
+ }
+ } else if (outformat == FORMAT_ASN1) {
+ if (pubout)
+diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c
+index d55adef..f6bcb8f 100644
+--- a/apps/pkeyparam.c
++++ b/apps/pkeyparam.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <string.h>
+ #include "apps.h"
+diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
+index fe7f586..0dc3897 100644
+--- a/apps/pkeyutl.c
++++ b/apps/pkeyutl.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "apps.h"
+@@ -109,7 +60,7 @@ OPTIONS pkeyutl_options[] = {
+ {"sigfile", OPT_SIGFILE, '<', "Signature file (verify operation only)"},
+ {"inkey", OPT_INKEY, 's', "Input private key file"},
+ {"peerkey", OPT_PEERKEY, 's', "Peer key file used in key derivation"},
+- {"passin", OPT_PASSIN, 's', "Pass phrase source"},
++ {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
+ {"peerform", OPT_PEERFORM, 'E', "Peer key format - default PEM"},
+ {"keyform", OPT_KEYFORM, 'E', "Private key format - default PEM"},
+ {"pkeyopt", OPT_PKEYOPT, 's', "Public key options as opt:value"},
+diff --git a/apps/prime.c b/apps/prime.c
+index b18257d..940fd45 100644
+--- a/apps/prime.c
++++ b/apps/prime.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
++/*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+@@ -122,16 +82,34 @@ int prime_main(int argc, char **argv)
+ goto end;
+ }
+ bn = BN_new();
+- BN_generate_prime_ex(bn, bits, safe, NULL, NULL, NULL);
++ if (bn == NULL) {
++ BIO_printf(bio_err, "Out of memory.\n");
++ goto end;
++ }
++ if (!BN_generate_prime_ex(bn, bits, safe, NULL, NULL, NULL)) {
++ BIO_printf(bio_err, "Failed to generate prime.\n");
++ goto end;
++ }
+ s = hex ? BN_bn2hex(bn) : BN_bn2dec(bn);
++ if (s == NULL) {
++ BIO_printf(bio_err, "Out of memory.\n");
++ goto end;
++ }
+ BIO_printf(bio_out, "%s\n", s);
+ OPENSSL_free(s);
+ } else {
+ for ( ; *argv; argv++) {
++ int r;
++
+ if (hex)
+- BN_hex2bn(&bn, argv[0]);
++ r = BN_hex2bn(&bn, argv[0]);
+ else
+- BN_dec2bn(&bn, argv[0]);
++ r = BN_dec2bn(&bn, argv[0]);
++
++ if(!r) {
++ BIO_printf(bio_err, "Failed to process value (%s)\n", argv[0]);
++ goto end;
++ }
+
+ BN_print(bio_out, bn);
+ BIO_printf(bio_out, " (%s) %s prime\n",
+@@ -143,6 +121,7 @@ int prime_main(int argc, char **argv)
+
+ BN_free(bn);
+
++ ret = 0;
+ end:
+ return ret;
+ }
+diff --git a/apps/progs.h b/apps/progs.h
+index c8779d9..ac9d208 100644
+--- a/apps/progs.h
++++ b/apps/progs.h
+@@ -1,12 +1,13 @@
+ /*
+- * Automatically generated by progs.pl for openssl.c
+- * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++ * WARNING: do not edit!
++ * Generated by apps/progs.pl
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ typedef enum FUNC_TYPE {
+@@ -213,27 +214,15 @@ static FUNCTION functions[] = {
+ #ifndef OPENSSL_NO_MD4
+ { FT_md, "md4", dgst_main},
+ #endif
+-#ifndef OPENSSL_NO_MD5
+ { FT_md, "md5", dgst_main},
+-#endif
+ #ifndef OPENSSL_NO_GOST
+ { FT_md, "gost", dgst_main},
+ #endif
+-#ifndef OPENSSL_NO_SHA
+ { FT_md, "sha1", dgst_main},
+-#endif
+-#ifndef OPENSSL_NO_SHA
+ { FT_md, "sha224", dgst_main},
+-#endif
+-#ifndef OPENSSL_NO_SHA
+ { FT_md, "sha256", dgst_main},
+-#endif
+-#ifndef OPENSSL_NO_SHA
+ { FT_md, "sha384", dgst_main},
+-#endif
+-#ifndef OPENSSL_NO_SHA
+ { FT_md, "sha512", dgst_main},
+-#endif
+ #ifndef OPENSSL_NO_MDC2
+ { FT_md, "mdc2", dgst_main},
+ #endif
+diff --git a/apps/progs.pl b/apps/progs.pl
+index ee6ce92..3ec16d5 100644
+--- a/apps/progs.pl
++++ b/apps/progs.pl
+@@ -1,12 +1,10 @@
+-#!/usr/bin/perl
+-
+-# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Licensed under the OpenSSL licenses, (the "License");
+-# you may not use this file except in compliance with the License.
+-# You may obtain a copy of the License at
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
+ # https://www.openssl.org/source/license.html
+-# or in the file LICENSE in the source distribution.
+
+ # Generate progs.h file by looking for command mains in list of C files
+ # passed on the command line.
+@@ -31,14 +29,15 @@ foreach my $filename (@ARGV) {
+
+ print <<'EOF';
+ /*
+- * Automatically generated by progs.pl for openssl.c
+- * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++ * WARNING: do not edit!
++ * Generated by apps/progs.pl
++ *
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ typedef enum FUNC_TYPE {
+@@ -94,11 +93,6 @@ foreach my $cmd (@ARGV) {
+ }
+
+ my %md_disabler = (
+- sha1 => "sha",
+- sha224 => "sha",
+- sha256 => "sha",
+- sha384 => "sha",
+- sha512 => "sha",
+ blake2b512 => "blake2",
+ blake2s256 => "blake2",
+ );
+@@ -114,7 +108,7 @@ foreach my $cmd (
+ } elsif (my $disabler = $md_disabler{$cmd}) {
+ print "#ifndef OPENSSL_NO_".uc($disabler)."\n${str}#endif\n";
+ } else {
+- print "#ifndef OPENSSL_NO_".uc($cmd)."\n${str}#endif\n";
++ print $str;
+ }
+ }
+
+diff --git a/apps/rand.c b/apps/rand.c
+index bd6fdff..89a23a2 100644
+--- a/apps/rand.c
++++ b/apps/rand.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "apps.h"
+diff --git a/apps/rehash.c b/apps/rehash.c
+index 895a222..7337942 100644
+--- a/apps/rehash.c
++++ b/apps/rehash.c
+@@ -1,60 +1,16 @@
+ /*
+- * C implementation based on the original Perl and shell versions
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Copyright (c) 2013-2014 Timo Teräs <timo.teras at iki.fi>
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++
++/*
++ * C implementation based on the original Perl and shell versions
+ *
++ * Copyright (c) 2013-2014 Timo Teräs <timo.teras at iki.fi>
+ */
+
+ #include "apps.h"
+diff --git a/apps/req.c b/apps/req.c
+index 7f4a946..aaca43a 100644
+--- a/apps/req.c
++++ b/apps/req.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -386,7 +338,7 @@ int req_main(int argc, char **argv)
+ if (verbose)
+ BIO_printf(bio_err, "Using configuration from %s\n", template);
+ req_conf = app_load_config(template);
+- if (!app_load_modules(req_conf))
++ if (template != default_config_file && !app_load_modules(req_conf))
+ goto end;
+
+ if (req_conf != NULL) {
+diff --git a/apps/rsa.c b/apps/rsa.c
+index 980d9ef..3a1195f 100644
+--- a/apps/rsa.c
++++ b/apps/rsa.c
+@@ -1,106 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+diff --git a/apps/rsautl.c b/apps/rsautl.c
+index 728352c..84f0164 100644
+--- a/apps/rsautl.c
++++ b/apps/rsautl.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -105,7 +56,7 @@ OPTIONS rsautl_options[] = {
+ {"rev", OPT_REV, '-', "Reverse the order of the input buffer"},
+ {"encrypt", OPT_ENCRYPT, '-', "Encrypt with public key"},
+ {"decrypt", OPT_DECRYPT, '-', "Decrypt with private key"},
+- {"passin", OPT_PASSIN, 's', "Pass phrase source"},
++ {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
+ # ifndef OPENSSL_NO_ENGINE
+ {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
+ # endif
+diff --git a/apps/s_apps.h b/apps/s_apps.h
+index b029635..c47932b 100644
+--- a/apps/s_apps.h
++++ b/apps/s_apps.h
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <openssl/opensslconf.h>
+
+ #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
+diff --git a/apps/s_cb.c b/apps/s_cb.c
+index abcbad4..9481fa5 100644
+--- a/apps/s_cb.c
++++ b/apps/s_cb.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* callback functions used by s_client, s_server, and s_time */
+@@ -406,8 +305,6 @@ int ssl_print_point_formats(BIO *out, SSL *s)
+
+ }
+ }
+- if (nformats <= 0)
+- BIO_puts(out, "NONE");
+ BIO_puts(out, "\n");
+ return 1;
+ }
+@@ -439,8 +336,6 @@ int ssl_print_curves(BIO *out, SSL *s, int noshared)
+ BIO_printf(out, "%s", cname);
+ }
+ }
+- if (ncurves == 0)
+- BIO_puts(out, "NONE");
+ OPENSSL_free(curves);
+ if (noshared) {
+ BIO_puts(out, "\n");
+diff --git a/apps/s_client.c b/apps/s_client.c
+index d658e04..4b9880a 100644
+--- a/apps/s_client.c
++++ b/apps/s_client.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+@@ -189,9 +89,6 @@ extern int verify_return_error;
+ extern int verify_quiet;
+
+ static char *prog;
+-static int async = 0;
+-static unsigned int split_send_fragment = 0;
+-static unsigned int max_pipelines = 0;
+ static int c_nbio = 0;
+ static int c_tlsextdebug = 0;
+ static int c_status_req = 0;
+@@ -238,6 +135,7 @@ static void do_ssl_shutdown(SSL *ssl)
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_ASYNC:
++ case SSL_ERROR_WANT_ASYNC_JOB:
+ /* We just do busy waiting. Nothing clever */
+ continue;
+ }
+@@ -341,7 +239,7 @@ typedef struct srp_arg_st {
+ int msg; /* copy from c_msg */
+ int debug; /* copy from c_debug */
+ int amp; /* allow more groups */
+- int strength /* minimal size for N */ ;
++ int strength; /* minimal size for N */
+ } SRP_ARG;
+
+ # define SRP_NUMBER_ITERATIONS_FOR_PRIME 64
+@@ -375,7 +273,7 @@ static int srp_Verify_N_and_g(const BIGNUM *N, const BIGNUM *g)
+ * The callback is only called for a non default group.
+ *
+ * An application does not need the call back at all if
+- * only the stanard groups are used. In real life situations,
++ * only the standard groups are used. In real life situations,
+ * client and server already share well known groups,
+ * thus there is no need to verify them.
+ * Furthermore, in case that a server actually proposes a group that
+@@ -508,7 +406,7 @@ static ossl_ssize_t hexdecode(const char **inptr, void *result)
+ {
+ unsigned char **out = (unsigned char **)result;
+ const char *in = *inptr;
+- unsigned char *ret = OPENSSL_malloc(strlen(in)/2);
++ unsigned char *ret = app_malloc(strlen(in)/2, "hexdecode");
+ unsigned char *cp = ret;
+ uint8_t byte;
+ int nibble = 0;
+@@ -517,19 +415,16 @@ static ossl_ssize_t hexdecode(const char **inptr, void *result)
+ return -1;
+
+ for (byte = 0; *in; ++in) {
+- char c;
++ int x;
+
+ if (isspace(_UC(*in)))
+ continue;
+- c = tolower(_UC(*in));
+- if ('0' <= c && c <= '9') {
+- byte |= c - '0';
+- } else if ('a' <= c && c <= 'f') {
+- byte |= c - 'a' + 10;
+- } else {
++ x = OPENSSL_hexchar2int(*in);
++ if (x < 0) {
+ OPENSSL_free(ret);
+ return 0;
+ }
++ byte |= (char)x;
+ if ((nibble ^= 1) == 0) {
+ *cp++ = byte;
+ byte = 0;
+@@ -651,8 +546,14 @@ typedef enum OPTION_choice {
+ OPT_DEBUG, OPT_TLSEXTDEBUG, OPT_STATUS, OPT_WDEBUG,
+ OPT_MSG, OPT_MSGFILE, OPT_ENGINE, OPT_TRACE, OPT_SECURITY_DEBUG,
+ OPT_SECURITY_DEBUG_VERBOSE, OPT_SHOWCERTS, OPT_NBIO_TEST, OPT_STATE,
+- OPT_PSK_IDENTITY, OPT_PSK, OPT_SRPUSER, OPT_SRPPASS, OPT_SRP_STRENGTH,
+- OPT_SRP_LATEUSER, OPT_SRP_MOREGROUPS, OPT_SSL3, OPT_SSL_CONFIG,
++#ifndef OPENSSL_NO_PSK
++ OPT_PSK_IDENTITY, OPT_PSK,
++#endif
++#ifndef OPENSSL_NO_SRP
++ OPT_SRPUSER, OPT_SRPPASS, OPT_SRP_STRENGTH, OPT_SRP_LATEUSER,
++ OPT_SRP_MOREGROUPS,
++#endif
++ OPT_SSL3, OPT_SSL_CONFIG,
+ OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
+ OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_KEYFORM, OPT_PASS,
+ OPT_CERT_CHAIN, OPT_CAPATH, OPT_NOCAPATH, OPT_CHAINCAPATH, OPT_VERIFYCAPATH,
+@@ -813,7 +714,7 @@ OPTIONS s_client_options[] = {
+ {"psk", OPT_PSK, 's', "PSK in hex (without 0x)"},
+ #endif
+ #ifndef OPENSSL_NO_SRP
+- {"srpuser", OPT_SRPUSER, 's', "SRP authentification for 'user'"},
++ {"srpuser", OPT_SRPUSER, 's', "SRP authentication for 'user'"},
+ {"srppass", OPT_SRPPASS, 's', "Password for 'user'"},
+ {"srp_lateuser", OPT_SRP_LATEUSER, '-',
+ "SRP username into second ClientHello message"},
+@@ -835,7 +736,7 @@ OPTIONS s_client_options[] = {
+ {"noct", OPT_NOCT, '-', "Do not request or parse SCTs (default)"},
+ {"ctlogfile", OPT_CTLOG_FILE, '<', "CT log list CONF file"},
+ #endif
+- {NULL}
++ {NULL, OPT_EOF, 0x00, NULL}
+ };
+
+ typedef enum PROTOCOL_choice {
+@@ -851,7 +752,7 @@ typedef enum PROTOCOL_choice {
+ PROTO_IRC
+ } PROTOCOL_CHOICE;
+
+-static OPT_PAIR services[] = {
++static const OPT_PAIR services[] = {
+ {"smtp", PROTO_SMTP},
+ {"pop3", PROTO_POP3},
+ {"imap", PROTO_IMAP},
+@@ -860,7 +761,7 @@ static OPT_PAIR services[] = {
+ {"xmpp-server", PROTO_XMPP_SERVER},
+ {"telnet", PROTO_TELNET},
+ {"irc", PROTO_IRC},
+- {NULL}
++ {NULL, 0}
+ };
+
+ int s_client_main(int argc, char **argv)
+@@ -937,6 +838,9 @@ int s_client_main(int argc, char **argv)
+ int ct_validation = 0;
+ #endif
+ int min_version = 0, max_version = 0;
++ int async = 0;
++ unsigned int split_send_fragment = 0;
++ unsigned int max_pipelines = 0;
+
+ FD_ZERO(&readfds);
+ FD_ZERO(&writefds);
+@@ -1136,7 +1040,6 @@ int s_client_main(int argc, char **argv)
+ BIO_printf(bio_err, "Error getting client auth engine\n");
+ goto opthelp;
+ }
+- break;
+ #endif
+ break;
+ case OPT_RAND:
+@@ -1200,10 +1103,6 @@ int s_client_main(int argc, char **argv)
+ goto end;
+ }
+ break;
+-#else
+- case OPT_PSK_IDENTITY:
+- case OPT_PSK:
+- break;
+ #endif
+ #ifndef OPENSSL_NO_SRP
+ case OPT_SRPUSER:
+@@ -1233,13 +1132,6 @@ int s_client_main(int argc, char **argv)
+ if (min_version < TLS1_VERSION)
+ min_version = TLS1_VERSION;
+ break;
+-#else
+- case OPT_SRPUSER:
+- case OPT_SRPPASS:
+- case OPT_SRP_STRENGTH:
+- case OPT_SRP_LATEUSER:
+- case OPT_SRP_MOREGROUPS:
+- break;
+ #endif
+ case OPT_SSL_CONFIG:
+ ssl_config = opt_arg();
+@@ -1384,6 +1276,7 @@ int s_client_main(int argc, char **argv)
+ case OPT_STARTTLS:
+ if (!opt_pair(opt_arg(), services, &starttls_proto))
+ goto end;
++ break;
+ case OPT_SERVERNAME:
+ servername = opt_arg();
+ break;
+@@ -1801,9 +1694,9 @@ int s_client_main(int argc, char **argv)
+ goto end;
+ }
+ } else if (dane_tlsa_rrset != NULL) {
+- BIO_printf(bio_err, "%s: DANE TLSA authentication requires the "
+- "-dane_tlsa_domain option.\n", prog);
+- goto end;
++ BIO_printf(bio_err, "%s: DANE TLSA authentication requires the "
++ "-dane_tlsa_domain option.\n", prog);
++ goto end;
+ }
+
+ re_start:
+@@ -2267,18 +2160,8 @@ int s_client_main(int argc, char **argv)
+ tv.tv_usec = 0;
+ i = select(width, (void *)&readfds, (void *)&writefds,
+ NULL, &tv);
+-# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
+- if (!i && (!_kbhit() || !read_tty))
++ if (!i && (!has_stdin_waiting() || !read_tty))
+ continue;
+-# else
+- if (!i && (!((_kbhit())
+- || (WAIT_OBJECT_0 ==
+- WaitForSingleObject(GetStdHandle
+- (STD_INPUT_HANDLE),
+- 0)))
+- || !read_tty))
+- continue;
+-# endif
+ } else
+ i = select(width, (void *)&readfds, (void *)&writefds,
+ NULL, timeoutp);
+@@ -2359,6 +2242,8 @@ int s_client_main(int argc, char **argv)
+ write_ssl = 0;
+ }
+ break;
++ case SSL_ERROR_WANT_ASYNC_JOB:
++ /* This shouldn't ever happen in s_client - treat as an error */
+ case SSL_ERROR_SSL:
+ ERR_print_errors(bio_err);
+ goto shut;
+@@ -2445,20 +2330,17 @@ int s_client_main(int argc, char **argv)
+ BIO_printf(bio_c_out, "closed\n");
+ ret = 0;
+ goto shut;
++ case SSL_ERROR_WANT_ASYNC_JOB:
++ /* This shouldn't ever happen in s_client. Treat as an error */
+ case SSL_ERROR_SSL:
+ ERR_print_errors(bio_err);
+ goto shut;
+ /* break; */
+ }
+ }
+-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
+-# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
+- else if (_kbhit())
+-# else
+- else if ((_kbhit())
+- || (WAIT_OBJECT_0 ==
+- WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
+-# endif
++/* OPENSSL_SYS_MSDOS includes OPENSSL_SYS_WINDOWS */
++#if defined(OPENSSL_SYS_MSDOS)
++ else if (has_stdin_waiting())
+ #else
+ else if (FD_ISSET(fileno(stdin), &readfds))
+ #endif
+@@ -2520,6 +2402,16 @@ int s_client_main(int argc, char **argv)
+ if (in_init)
+ print_stuff(bio_c_out, con, full_log);
+ do_ssl_shutdown(con);
++#if defined(OPENSSL_SYS_WINDOWS)
++ /*
++ * Give the socket time to send its last data before we close it.
++ * No amount of setting SO_LINGER etc on the socket seems to persuade
++ * Windows to send the data before closing the socket...but sleeping
++ * for a short time seems to do it (units in ms)
++ * TODO: Find a better way to do this
++ */
++ Sleep(50);
++#endif
+ BIO_closesocket(SSL_get_fd(con));
+ end:
+ if (con != NULL) {
+@@ -2669,6 +2561,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
+ SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
+ if (peer != NULL) {
+ EVP_PKEY *pktmp;
++
+ pktmp = X509_get0_pubkey(peer);
+ BIO_printf(bio, "Server public key is %d bit\n",
+ EVP_PKEY_bits(pktmp));
+diff --git a/apps/s_server.c b/apps/s_server.c
+index 6c8541e..08753c3 100644
+--- a/apps/s_server.c
++++ b/apps/s_server.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+@@ -181,6 +81,9 @@ typedef unsigned int u_int;
+ #endif
+ #include "s_apps.h"
+ #include "timeouts.h"
++#ifdef CHARSET_EBCDIC
++#include <openssl/ebcdic.h>
++#endif
+
+ static int not_resumable_sess_cb(SSL *s, int is_forward_secure);
+ static int sv_body(int s, int stype, unsigned char *context);
+@@ -243,9 +146,6 @@ static int async = 0;
+ static unsigned int split_send_fragment = 0;
+ static unsigned int max_pipelines = 0;
+
+-#ifndef OPENSSL_NO_ENGINE
+-static char *engine_id = NULL;
+-#endif
+ static const char *session_id_prefix = NULL;
+
+ #ifndef OPENSSL_NO_DTLS
+@@ -402,9 +302,6 @@ static void s_server_init(void)
+ async = 0;
+ split_send_fragment = 0;
+ max_pipelines = 0;
+-#ifndef OPENSSL_NO_ENGINE
+- engine_id = NULL;
+-#endif
+ }
+
+ static int local_argc = 0;
+@@ -420,17 +317,7 @@ static int ebcdic_gets(BIO *bp, char *buf, int size);
+ static int ebcdic_puts(BIO *bp, const char *str);
+
+ # define BIO_TYPE_EBCDIC_FILTER (18|0x0200)
+-static const BIO_METHOD methods_ebcdic = {
+- BIO_TYPE_EBCDIC_FILTER,
+- "EBCDIC/ASCII filter",
+- ebcdic_write,
+- ebcdic_read,
+- ebcdic_puts,
+- ebcdic_gets,
+- ebcdic_ctrl,
+- ebcdic_new,
+- ebcdic_free,
+-};
++static BIO_METHOD *methods_ebcdic = NULL;
+
+ /* This struct is "unwarranted chumminess with the compiler." */
+ typedef struct {
+@@ -438,9 +325,22 @@ typedef struct {
+ char buff[1];
+ } EBCDIC_OUTBUFF;
+
+-const BIO_METHOD *BIO_f_ebcdic_filter()
++static const BIO_METHOD *BIO_f_ebcdic_filter()
+ {
+- return (&methods_ebcdic);
++ if (methods_ebcdic == NULL) {
++ methods_ebcdic = BIO_meth_new(BIO_TYPE_EBCDIC_FILTER,
++ "EBCDIC/ASCII filter");
++ if ( methods_ebcdic == NULL
++ || !BIO_meth_set_write(methods_ebcdic, ebcdic_write)
++ || !BIO_meth_set_read(methods_ebcdic, ebcdic_read)
++ || !BIO_meth_set_puts(methods_ebcdic, ebcdic_puts)
++ || !BIO_meth_set_gets(methods_ebcdic, ebcdic_gets)
++ || !BIO_meth_set_ctrl(methods_ebcdic, ebcdic_ctrl)
++ || !BIO_meth_set_create(methods_ebcdic, ebcdic_new)
++ || !BIO_meth_set_destroy(methods_ebcdic, ebcdic_free))
++ return NULL;
++ }
++ return methods_ebcdic;
+ }
+
+ static int ebcdic_new(BIO *bi)
+@@ -451,68 +351,71 @@ static int ebcdic_new(BIO *bi)
+ wbuf->alloced = 1024;
+ wbuf->buff[0] = '\0';
+
+- bi->ptr = (char *)wbuf;
+- bi->init = 1;
+- bi->flags = 0;
+- return (1);
++ BIO_set_data(bi, wbuf);
++ BIO_set_init(bi, 1);
++ return 1;
+ }
+
+ static int ebcdic_free(BIO *a)
+ {
++ EBCDIC_OUTBUFF *wbuf;
++
+ if (a == NULL)
+- return (0);
+- OPENSSL_free(a->ptr);
+- a->ptr = NULL;
+- a->init = 0;
+- a->flags = 0;
+- return (1);
++ return 0;
++ wbuf = BIO_get_data(a);
++ OPENSSL_free(wbuf);
++ BIO_set_data(a, NULL);
++ BIO_set_init(a, 0);
++
++ return 1;
+ }
+
+ static int ebcdic_read(BIO *b, char *out, int outl)
+ {
+ int ret = 0;
++ BIO *next = BIO_next(b);
+
+ if (out == NULL || outl == 0)
+ return (0);
+- if (b->next_bio == NULL)
++ if (next == NULL)
+ return (0);
+
+- ret = BIO_read(b->next_bio, out, outl);
++ ret = BIO_read(next, out, outl);
+ if (ret > 0)
+ ascii2ebcdic(out, out, ret);
+- return (ret);
++ return ret;
+ }
+
+ static int ebcdic_write(BIO *b, const char *in, int inl)
+ {
+ EBCDIC_OUTBUFF *wbuf;
++ BIO *next = BIO_next(b);
+ int ret = 0;
+ int num;
+- unsigned char n;
+
+ if ((in == NULL) || (inl <= 0))
+ return (0);
+- if (b->next_bio == NULL)
+- return (0);
++ if (next == NULL)
++ return 0;
+
+- wbuf = (EBCDIC_OUTBUFF *) b->ptr;
++ wbuf = (EBCDIC_OUTBUFF *) BIO_get_data(b);
+
+ if (inl > (num = wbuf->alloced)) {
+ num = num + num; /* double the size */
+ if (num < inl)
+ num = inl;
++ OPENSSL_free(wbuf);
+ wbuf = app_malloc(sizeof(*wbuf) + num, "grow ebcdic wbuf");
+- OPENSSL_free(b->ptr);
+
+ wbuf->alloced = num;
+ wbuf->buff[0] = '\0';
+
+- b->ptr = (char *)wbuf;
++ BIO_set_data(b, wbuf);
+ }
+
+ ebcdic2ascii(wbuf->buff, in, inl);
+
+- ret = BIO_write(b->next_bio, wbuf->buff, inl);
++ ret = BIO_write(next, wbuf->buff, inl);
+
+ return (ret);
+ }
+@@ -520,15 +423,16 @@ static int ebcdic_write(BIO *b, const char *in, int inl)
+ static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
+ {
+ long ret;
++ BIO *next = BIO_next(b);
+
+- if (b->next_bio == NULL)
++ if (next == NULL)
+ return (0);
+ switch (cmd) {
+ case BIO_CTRL_DUP:
+ ret = 0L;
+ break;
+ default:
+- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
++ ret = BIO_ctrl(next, cmd, num, ptr);
+ break;
+ }
+ return (ret);
+@@ -537,8 +441,10 @@ static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
+ static int ebcdic_gets(BIO *bp, char *buf, int size)
+ {
+ int i, ret = 0;
+- if (bp->next_bio == NULL)
+- return (0);
++ BIO *next = BIO_next(bp);
++
++ if (next == NULL)
++ return 0;
+ /* return(BIO_gets(bp->next_bio,buf,size));*/
+ for (i = 0; i < size - 1; ++i) {
+ ret = ebcdic_read(bp, &buf[i], 1);
+@@ -556,8 +462,8 @@ static int ebcdic_gets(BIO *bp, char *buf, int size)
+
+ static int ebcdic_puts(BIO *bp, const char *str)
+ {
+- if (bp->next_bio == NULL)
+- return (0);
++ if (BIO_next(bp) == NULL)
++ return 0;
+ return ebcdic_write(bp, str, strlen(str));
+ }
+ #endif
+@@ -664,8 +570,8 @@ static int cert_status_cb(SSL *s, void *arg)
+ SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
+ NULL, NULL))
+ goto err;
+- obj = X509_STORE_get_X509_by_subject(inctx, X509_LU_X509,
+- X509_get_issuer_name(x));
++ obj = X509_STORE_CTX_get_obj_by_subject(inctx, X509_LU_X509,
++ X509_get_issuer_name(x));
+ if (obj == NULL) {
+ BIO_puts(bio_err, "cert_status: Can't retrieve issuer certificate.\n");
+ goto done;
+@@ -1007,12 +913,12 @@ OPTIONS s_server_options[] = {
+ #ifndef OPENSSL_NO_ENGINE
+ {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
+ #endif
+- {NULL}
++ {NULL, OPT_EOF, 0, NULL}
+ };
+
+ int s_server_main(int argc, char *argv[])
+ {
+- ENGINE *e = NULL;
++ ENGINE *engine = NULL;
+ EVP_PKEY *s_key = NULL, *s_dkey = NULL;
+ SSL_CONF_CTX *cctx = NULL;
+ const SSL_METHOD *meth = TLS_server_method();
+@@ -1484,7 +1390,7 @@ int s_server_main(int argc, char *argv[])
+ session_id_prefix = opt_arg();
+ break;
+ case OPT_ENGINE:
+- e = setup_engine(opt_arg(), 1);
++ engine = setup_engine(opt_arg(), 1);
+ break;
+ case OPT_RAND:
+ inrand = opt_arg();
+@@ -1590,7 +1496,7 @@ int s_server_main(int argc, char *argv[])
+ goto end;
+
+ if (nocert == 0) {
+- s_key = load_key(s_key_file, s_key_format, 0, pass, e,
++ s_key = load_key(s_key_file, s_key_format, 0, pass, engine,
+ "server certificate private key file");
+ if (!s_key) {
+ ERR_print_errors(bio_err);
+@@ -1611,7 +1517,7 @@ int s_server_main(int argc, char *argv[])
+ }
+
+ if (tlsextcbp.servername) {
+- s_key2 = load_key(s_key_file2, s_key_format, 0, pass, e,
++ s_key2 = load_key(s_key_file2, s_key_format, 0, pass, engine,
+ "second server certificate private key file");
+ if (!s_key2) {
+ ERR_print_errors(bio_err);
+@@ -1670,7 +1576,7 @@ int s_server_main(int argc, char *argv[])
+ s_dkey_file = s_dcert_file;
+
+ s_dkey = load_key(s_dkey_file, s_dkey_format,
+- 0, dpass, e, "second certificate private key file");
++ 0, dpass, engine, "second certificate private key file");
+ if (!s_dkey) {
+ ERR_print_errors(bio_err);
+ goto end;
+@@ -1854,9 +1760,10 @@ int s_server_main(int argc, char *argv[])
+ if (async)
+ SSL_CTX_set_mode(ctx2, SSL_MODE_ASYNC);
+
+- if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
+- (!SSL_CTX_set_default_verify_paths(ctx2))) {
++ if (!ctx_set_verify_locations(ctx2, CAfile, CApath, noCAfile,
++ noCApath)) {
+ ERR_print_errors(bio_err);
++ goto end;
+ }
+ if (vpmtouched && !SSL_CTX_set1_param(ctx2, vpm)) {
+ BIO_printf(bio_err, "Error setting verify params\n");
+@@ -2079,6 +1986,9 @@ int s_server_main(int argc, char *argv[])
+ bio_s_out = NULL;
+ BIO_free(bio_s_msg);
+ bio_s_msg = NULL;
++#ifdef CHARSET_EBCDIC
++ BIO_meth_free(methods_ebcdic);
++#endif
+ return (ret);
+ }
+
+@@ -2257,10 +2167,10 @@ static int sv_body(int s, int stype, unsigned char *context)
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+ i = select(width, (void *)&readfds, NULL, NULL, &tv);
+- if ((i < 0) || (!i && !_kbhit()))
+- continue;
+- if (_kbhit())
++ if (has_stdin_waiting())
+ read_from_terminal = 1;
++ if ((i < 0) || (!i && !read_from_terminal))
++ continue;
+ #else
+ if ((SSL_version(con) == DTLS1_VERSION) &&
+ DTLSv1_get_timeout(con, &timeout))
+@@ -2399,13 +2309,19 @@ static int sv_body(int s, int stype, unsigned char *context)
+ break;
+ case SSL_ERROR_WANT_ASYNC:
+ BIO_printf(bio_s_out, "Write BLOCK (Async)\n");
++ (void)BIO_flush(bio_s_out);
+ wait_for_async(con);
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_printf(bio_s_out, "Write BLOCK\n");
++ (void)BIO_flush(bio_s_out);
+ break;
++ case SSL_ERROR_WANT_ASYNC_JOB:
++ /*
++ * This shouldn't ever happen in s_server. Treat as an error
++ */
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ BIO_printf(bio_s_out, "ERROR\n");
+@@ -2469,17 +2385,24 @@ static int sv_body(int s, int stype, unsigned char *context)
+ ascii2ebcdic(buf, buf, i);
+ #endif
+ raw_write_stdout(buf, (unsigned int)i);
++ (void)BIO_flush(bio_s_out);
+ if (SSL_has_pending(con))
+ goto again;
+ break;
+ case SSL_ERROR_WANT_ASYNC:
+ BIO_printf(bio_s_out, "Read BLOCK (Async)\n");
++ (void)BIO_flush(bio_s_out);
+ wait_for_async(con);
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ BIO_printf(bio_s_out, "Read BLOCK\n");
++ (void)BIO_flush(bio_s_out);
+ break;
++ case SSL_ERROR_WANT_ASYNC_JOB:
++ /*
++ * This shouldn't ever happen in s_server. Treat as an error
++ */
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ BIO_printf(bio_s_out, "ERROR\n");
+@@ -2530,6 +2453,7 @@ static int init_ssl_connection(SSL *con)
+ unsigned next_proto_neg_len;
+ #endif
+ unsigned char *exportedkeymat;
++ int retry = 0;
+
+ #ifndef OPENSSL_NO_DTLS
+ if(dtlslisten) {
+@@ -2564,6 +2488,8 @@ static int init_ssl_connection(SSL *con)
+ do {
+ i = SSL_accept(con);
+
++ if (i <= 0)
++ retry = BIO_sock_should_retry(i);
+ #ifdef CERT_CB_TEST_RETRY
+ {
+ while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP
+@@ -2571,6 +2497,8 @@ static int init_ssl_connection(SSL *con)
+ BIO_printf(bio_err,
+ "LOOKUP from certificate callback during accept\n");
+ i = SSL_accept(con);
++ if (i <= 0)
++ retry = BIO_sock_should_retry(i);
+ }
+ }
+ #endif
+@@ -2589,13 +2517,15 @@ static int init_ssl_connection(SSL *con)
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ i = SSL_accept(con);
++ if (i <= 0)
++ retry = BIO_sock_should_retry(i);
+ }
+ #endif
+ } while (i < 0 && SSL_waiting_for_async(con));
+
+ if (i <= 0) {
+ if ((dtlslisten && i == 0)
+- || (!dtlslisten && BIO_sock_should_retry(i))) {
++ || (!dtlslisten && retry)) {
+ BIO_printf(bio_s_out, "DELAY\n");
+ return (1);
+ }
+@@ -2681,6 +2611,7 @@ static int init_ssl_connection(SSL *con)
+ OPENSSL_free(exportedkeymat);
+ }
+
++ (void)BIO_flush(bio_s_out);
+ return (1);
+ }
+
+diff --git a/apps/s_socket.c b/apps/s_socket.c
+index 4653217..d16f5ad 100644
+--- a/apps/s_socket.c
++++ b/apps/s_socket.c
+@@ -1,106 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 199-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* socket-related functions used by s_client and s_server */
+@@ -195,6 +99,8 @@ int init_client(int *sock, const char *host, const char *port,
+ if (*sock == INVALID_SOCKET) {
+ ERR_print_errors(bio_err);
+ } else {
++ /* Remove any stale errors from previous connection attempts */
++ ERR_clear_error();
+ ret = 1;
+ }
+ BIO_ADDRINFO_free(res);
+diff --git a/apps/s_time.c b/apps/s_time.c
+index 6890bc1..ecab515 100644
+--- a/apps/s_time.c
++++ b/apps/s_time.c
+@@ -1,67 +1,14 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #define NO_SHUTDOWN
+
+-/* ----------------------------------------
+- s_time - SSL client connection timer program
+- Written and donated by Larry Streepy <streepy at healthcare.com>
+- -----------------------------------------*/
+-
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+diff --git a/apps/sess_id.c b/apps/sess_id.c
+index f40f131..2b63e69 100644
+--- a/apps/sess_id.c
++++ b/apps/sess_id.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/apps/smime.c b/apps/smime.c
+index 60daeb4..f9f3d23 100644
+--- a/apps/smime.c
++++ b/apps/smime.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* S/MIME utility function */
+@@ -115,15 +66,15 @@ OPTIONS smime_options[] = {
+ {"noattr", OPT_NOATTR, '-', "Don't include any signed attributes"},
+ {"binary", OPT_BINARY, '-', "Don't translate message to text"},
+ {"certfile", OPT_CERTFILE, '<', "Other certificates file"},
+- {"signer", OPT_SIGNER, '<', "Signer certificate file"},
++ {"signer", OPT_SIGNER, 's', "Signer certificate file"},
+ {"recip", OPT_RECIP, '<', "Recipient certificate file for decryption"},
+ {"in", OPT_IN, '<', "Input file"},
+- {"inform", OPT_INFORM, 'F', "Input format SMIME (default), PEM or DER"},
++ {"inform", OPT_INFORM, 'c', "Input format SMIME (default), PEM or DER"},
+ {"inkey", OPT_INKEY, '<',
+ "Input private key (if not signer or recipient)"},
+ {"keyform", OPT_KEYFORM, 'f', "Input private key format (PEM or ENGINE)"},
+ {"out", OPT_OUT, '>', "Output file"},
+- {"outform", OPT_OUTFORM, 'F',
++ {"outform", OPT_OUTFORM, 'c',
+ "Output format SMIME (default), PEM or DER"},
+ {"content", OPT_CONTENT, '<',
+ "Supply or override content for detached signature"},
+@@ -148,7 +99,7 @@ OPTIONS smime_options[] = {
+ {"rand", OPT_RAND, 's',
+ "Load the file(s) into the random number generator"},
+ {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
+- {"md", OPT_MD, 's'},
++ {"md", OPT_MD, 's', "Digest algorithm to use when signing or resigning"},
+ {"", OPT_CIPHER, '-', "Any supported cipher"},
+ OPT_V_OPTIONS,
+ #ifndef OPENSSL_NO_ENGINE
+@@ -183,6 +134,7 @@ int smime_main(int argc, char **argv)
+ FORMAT_PEM;
+ int vpmtouched = 0, rv = 0;
+ ENGINE *e = NULL;
++ const char *mime_eol = "\n";
+
+ if ((vpm = X509_VERIFY_PARAM_new()) == NULL)
+ return 1;
+@@ -200,14 +152,14 @@ int smime_main(int argc, char **argv)
+ ret = 0;
+ goto end;
+ case OPT_INFORM:
+- if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))
++ if (!opt_format(opt_arg(), OPT_FMT_PDS, &informat))
+ goto opthelp;
+ break;
+ case OPT_IN:
+ infile = opt_arg();
+ break;
+ case OPT_OUTFORM:
+- if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))
++ if (!opt_format(opt_arg(), OPT_FMT_PDS, &outformat))
+ goto opthelp;
+ break;
+ case OPT_OUT:
+@@ -273,6 +225,7 @@ int smime_main(int argc, char **argv)
+ break;
+ case OPT_CRLFEOL:
+ flags |= PKCS7_CRLFEOL;
++ mime_eol = "\r\n";
+ break;
+ case OPT_RAND:
+ inrand = opt_arg();
+@@ -623,11 +576,11 @@ int smime_main(int argc, char **argv)
+ PEM_write_bio_PKCS7(out, p7);
+ else {
+ if (to)
+- BIO_printf(out, "To: %s\n", to);
++ BIO_printf(out, "To: %s%s", to, mime_eol);
+ if (from)
+- BIO_printf(out, "From: %s\n", from);
++ BIO_printf(out, "From: %s%s", from, mime_eol);
+ if (subject)
+- BIO_printf(out, "Subject: %s\n", subject);
++ BIO_printf(out, "Subject: %s%s", subject, mime_eol);
+ if (outformat == FORMAT_SMIME) {
+ if (operation == SMIME_RESIGN)
+ rv = SMIME_write_PKCS7(out, p7, indata, flags);
+diff --git a/apps/speed.c b/apps/speed.c
+index 160841d..139295c 100644
+--- a/apps/speed.c
++++ b/apps/speed.c
+@@ -1,59 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -2650,20 +2603,20 @@ int speed_main(int argc, char **argv)
+ break;
+ }
+ }
+- if (ecdh_checks != 0) {
+- pkey_print_message("", "ecdh",
+- ecdh_c[testnum][0],
+- test_curves_bits[testnum], ECDH_SECONDS);
+- Time_F(START);
+- count = run_benchmark(async_jobs, ECDH_compute_key_loop, loopargs);
+- d = Time_F(STOP);
+- BIO_printf(bio_err,
+- mr ? "+R7:%ld:%d:%.2f\n" :
+- "%ld %d-bit ECDH ops in %.2fs\n", count,
+- test_curves_bits[testnum], d);
+- ecdh_results[testnum][0] = d / (double)count;
+- rsa_count = count;
+- }
++ }
++ if (ecdh_checks != 0) {
++ pkey_print_message("", "ecdh",
++ ecdh_c[testnum][0],
++ test_curves_bits[testnum], ECDH_SECONDS);
++ Time_F(START);
++ count = run_benchmark(async_jobs, ECDH_compute_key_loop, loopargs);
++ d = Time_F(STOP);
++ BIO_printf(bio_err,
++ mr ? "+R7:%ld:%d:%.2f\n" :
++ "%ld %d-bit ECDH ops in %.2fs\n", count,
++ test_curves_bits[testnum], d);
++ ecdh_results[testnum][0] = d / (double)count;
++ rsa_count = count;
+ }
+ }
+
+diff --git a/apps/spkac.c b/apps/spkac.c
+index 07f36d3..b6fc46d 100644
+--- a/apps/spkac.c
++++ b/apps/spkac.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999. Based on an original idea by Massimiliano Pala (madwolf at openca.org).
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+diff --git a/apps/srp.c b/apps/srp.c
+index 1bf2ee2..d81346d 100644
+--- a/apps/srp.c
++++ b/apps/srp.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Peter Sylvester (peter.sylvester at edelweb.fr) for the EdelKey
+- * project and contributed to the OpenSSL project 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -256,13 +207,12 @@ OPTIONS srp_options[] = {
+ int srp_main(int argc, char **argv)
+ {
+ CA_DB *db = NULL;
+- DB_ATTR db_attr;
+ CONF *conf = NULL;
+ int gNindex = -1, maxgN = -1, ret = 1, errors = 0, verbose = 0, i;
+ int doupdatedb = 0, mode = OPT_ERR;
+ char *user = NULL, *passinarg = NULL, *passoutarg = NULL;
+ char *passin = NULL, *passout = NULL, *gN = NULL, *userinfo = NULL;
+- char *randfile = NULL, *tofree = NULL, *section = NULL;
++ char *randfile = NULL, *section = NULL;
+ char **gNrow = NULL, *configfile = NULL;
+ char *srpvfile = NULL, **pp, *prog;
+ OPTION_CHOICE o;
+@@ -360,7 +310,7 @@ int srp_main(int argc, char **argv)
+ conf = app_load_config(configfile);
+ if (conf == NULL)
+ goto end;
+- if (!app_load_modules(conf))
++ if (configfile != default_config_file && !app_load_modules(conf))
+ goto end;
+
+ /* Lets get the config section we are using */
+@@ -401,7 +351,7 @@ int srp_main(int argc, char **argv)
+ BIO_printf(bio_err, "Trying to read SRP verifier file \"%s\"\n",
+ srpvfile);
+
+- db = load_index(srpvfile, &db_attr);
++ db = load_index(srpvfile, NULL);
+ if (db == NULL)
+ goto end;
+
+@@ -646,7 +596,7 @@ int srp_main(int argc, char **argv)
+
+ if (verbose)
+ BIO_printf(bio_err, "SRP terminating with code %d.\n", ret);
+- OPENSSL_free(tofree);
++
+ if (ret)
+ ERR_print_errors(bio_err);
+ if (randfile)
+diff --git a/apps/testdsa.h b/apps/testdsa.h
+index c72c71e..1e4502a 100644
+--- a/apps/testdsa.h
++++ b/apps/testdsa.h
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 199-2015 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* used by speed.c */
+diff --git a/apps/testrsa.h b/apps/testrsa.h
+index b163313..1350ce5 100644
+--- a/apps/testrsa.h
++++ b/apps/testrsa.h
+@@ -1,59 +1,10 @@
+-/* used by apps/speed.c */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ static unsigned char test512[] = {
+diff --git a/apps/timeouts.h b/apps/timeouts.h
+index dc83e9d..e023b0a 100644
+--- a/apps/timeouts.h
++++ b/apps/timeouts.h
+@@ -1,59 +1,10 @@
+ /*
+- * DTLS implementation written by Nagendra Modadugu
+- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef INCLUDED_TIMEOUTS_H
+diff --git a/apps/ts.c b/apps/ts.c
+index 70a9013..ec83aac 100644
+--- a/apps/ts.c
++++ b/apps/ts.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+- * 2002.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -154,7 +105,7 @@ OPTIONS ts_options[] = {
+ {"text", OPT_TEXT, '-', "Output text (not DER)"},
+ {"reply", OPT_REPLY, '-', "Generate a TS reply"},
+ {"queryfile", OPT_QUERYFILE, '<', "File containing a TS query"},
+- {"passin", OPT_PASSIN, 's'},
++ {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
+ {"inkey", OPT_INKEY, '<', "File with private key for reply"},
+ {"signer", OPT_SIGNER, 's'},
+ {"chain", OPT_CHAIN, '<', "File with signer CA chain"},
+@@ -187,9 +138,9 @@ static char* opt_helplist[] = {
+ " [-chain certs_file.pem] [-tspolicy oid]",
+ " [-in file] [-token_in] [-out file] [-token_out]",
+ # ifndef OPENSSL_NO_ENGINE
+- " [-text]",
+-# else
+ " [-text] [-engine id]",
++# else
++ " [-text]",
+ # endif
+ " or",
+ "ts -verify -CApath dir -CAfile file.pem -untrusted file.pem",
+@@ -319,9 +270,7 @@ int ts_main(int argc, char **argv)
+ break;
+ }
+ }
+- argc = opt_num_rest();
+- argv = opt_rest();
+- if (mode == OPT_ERR || argc != 0)
++ if (mode == OPT_ERR || opt_num_rest() != 0)
+ goto opthelp;
+
+ /* Seed the random number generator if it is going to be used. */
+@@ -341,7 +290,7 @@ int ts_main(int argc, char **argv)
+ }
+
+ conf = load_config_file(configfile);
+- if (!app_load_modules(conf))
++ if (configfile != default_config_file && !app_load_modules(conf))
+ goto end;
+
+ /* Check parameter consistency and execute the appropriate function. */
+diff --git a/apps/verify.c b/apps/verify.c
+index fa51783..86d1b2a 100644
+--- a/apps/verify.c
++++ b/apps/verify.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/apps/version.c b/apps/version.c
+index 0a252e7..e3c8299 100644
+--- a/apps/version.c
++++ b/apps/version.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/apps/vms_decc_init.c b/apps/vms_decc_init.c
+index ecf21af..f83f716 100644
+--- a/apps/vms_decc_init.c
++++ b/apps/vms_decc_init.c
+@@ -1,53 +1,10 @@
+ /*
+- * Written by sms and contributed to the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #if defined( __VMS) && !defined( OPENSSL_NO_DECC_INIT) && \
+diff --git a/apps/winrand.c b/apps/winrand.c
+index a5fe791..e65605e 100644
+--- a/apps/winrand.c
++++ b/apps/winrand.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*-
+diff --git a/apps/x509.c b/apps/x509.c
+index 6e6ee08..56c6fcc 100644
+--- a/apps/x509.c
++++ b/apps/x509.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -116,7 +68,7 @@ OPTIONS x509_options[] = {
+ "Output format - default PEM (one of DER, NET or PEM)"},
+ {"out", OPT_OUT, '>', "Output file - default stdout"},
+ {"keyform", OPT_KEYFORM, 'F', "Private key format - default PEM"},
+- {"passin", OPT_PASSIN, 's', "Private key password source"},
++ {"passin", OPT_PASSIN, 's', "Private key password/pass-phrase source"},
+ {"serial", OPT_SERIAL, '-', "Print serial number value"},
+ {"subject_hash", OPT_HASH, '-', "Print subject hash value"},
+ {"issuer_hash", OPT_ISSUER_HASH, '-', "Print issuer hash value"},
+@@ -172,11 +124,11 @@ OPTIONS x509_options[] = {
+ {"checkip", OPT_CHECKIP, 's', "Check certificate matches ipaddr"},
+ {"CAform", OPT_CAFORM, 'F', "CA format - default PEM"},
+ {"CAkeyform", OPT_CAKEYFORM, 'F', "CA key format - default PEM"},
+- {"sigopt", OPT_SIGOPT, 's'},
++ {"sigopt", OPT_SIGOPT, 's', "Signature parameter in n:v form"},
+ {"force_pubkey", OPT_FORCE_PUBKEY, '<'},
+ {"next_serial", OPT_NEXT_SERIAL, '-'},
+ {"clrreject", OPT_CLRREJECT, '-'},
+- {"badsig", OPT_BADSIG, '-'},
++ {"badsig", OPT_BADSIG, '-', "Corrupt last byte of certificate signature (for test)"},
+ {"", OPT_MD, '-', "Any supported digest"},
+ #ifndef OPENSSL_NO_MD5
+ {"subject_hash_old", OPT_SUBJECT_HASH_OLD, '-',
+@@ -763,7 +715,7 @@ int x509_main(int argc, char **argv)
+ BIO_printf(out, "/*\n"
+ " * Subject: %s\n", buf);
+
+- m = X509_NAME_oneline(X509_get_issuer_name(x), buf, sizeof buf);
++ X509_NAME_oneline(X509_get_issuer_name(x), buf, sizeof buf);
+ BIO_printf(out, " * Issuer: %s\n"
+ " */\n", buf);
+
+@@ -991,6 +943,10 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
+ EVP_PKEY *upkey;
+
+ upkey = X509_get0_pubkey(xca);
++ if (upkey == NULL) {
++ BIO_printf(bio_err, "Error obtaining CA X509 public key\n");
++ goto end;
++ }
+ EVP_PKEY_copy_parameters(upkey, pkey);
+
+ xsc = X509_STORE_CTX_new();
+diff --git a/build.info b/build.info
+index ab941f8..6bc70c6 100644
+--- a/build.info
++++ b/build.info
+@@ -2,8 +2,8 @@
+ LIBS=libcrypto libssl
+ ORDINALS[libcrypto]=crypto
+ ORDINALS[libssl]=ssl
+-INCLUDE[libcrypto]={- rel2abs(catdir($builddir,"include")) -} . crypto/include include
+-INCLUDE[libssl]={- rel2abs(catdir($builddir,"include")) -} . include
++INCLUDE[libcrypto]="{- rel2abs(catdir($builddir,"include")) -}" . crypto/include include
++INCLUDE[libssl]="{- rel2abs(catdir($builddir,"include")) -}" . include
+ DEPEND[libssl]=libcrypto
+
+ IF[{- $config{target} =~ /^Cygwin/ -}]
+diff --git a/config b/config
+index 9dfe1c3..dfdca4d 100755
+--- a/config
++++ b/config
+@@ -134,10 +134,6 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
+ esac
+ ;;
+
+- IRIX:5.*)
+- echo "mips2-sgi-irix"; exit 0
+- ;;
+-
+ IRIX:6.*)
+ echo "mips3-sgi-irix"; exit 0
+ ;;
+@@ -265,6 +261,9 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
+ Power*)
+ echo "ppc-apple-darwin${VERSION}"
+ ;;
++ x86_64)
++ echo "x86_64-apple-darwin${VERSION}"
++ ;;
+ *)
+ echo "i686-apple-darwin${VERSION}"
+ ;;
+@@ -461,14 +460,6 @@ case "$GUESSOS" in
+ uClinux*)
+ OUT=uClinux-dist
+ ;;
+- mips2-sgi-irix)
+- CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
+- CPU=${CPU:-0}
+- if [ $CPU -ge 4000 ]; then
+- options="$options -mips2"
+- fi
+- OUT="irix-$CC"
+- ;;
+ mips3-sgi-irix)
+ #CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
+ #CPU=${CPU:-0}
+@@ -515,7 +506,7 @@ case "$GUESSOS" in
+ ISA64=`(sysctl -n hw.optional.x86_64) 2>/dev/null`
+ if [ "$ISA64" = "1" -a -z "$KERNEL_BITS" ]; then
+ echo "WARNING! If you wish to build 64-bit library, then you have to"
+- echo " invoke '$THERE/Configure darwin64-x86_64-cc $options' *manually*."
++ echo " invoke 'KERNEL_BITS=64 $THERE/config $options'."
+ if [ "$TEST" = "false" -a -t 1 ]; then
+ echo " You have about 5 seconds to press Ctrl-C to abort."
+ # The stty technique used elsewhere doesn't work on
+@@ -528,6 +519,22 @@ case "$GUESSOS" in
+ else
+ OUT="darwin-i386-cc"
+ fi ;;
++ x86_64-apple-darwin*)
++ if [ -z "$KERNEL_BITS" ]; then
++ echo "WARNING! If you wish to build 32-bit library, then you have to"
++ echo " invoke 'KERNEL_BITS=32 $THERE/config $options'."
++ if [ "$TEST" = "false" -a -t 1 ]; then
++ echo " You have about 5 seconds to press Ctrl-C to abort."
++ # The stty technique used elsewhere doesn't work on
++ # MacOS. At least, right now on this Mac.
++ sleep 5
++ fi
++ fi
++ if [ "$KERNEL_BITS" = "32" ]; then
++ OUT="darwin-i386-cc"
++ else
++ OUT="darwin64-x86_64-cc"
++ fi ;;
+ armv6+7-*-iphoneos)
+ options="$options -arch%20armv6 -arch%20armv7"
+ OUT="iphoneos-cross" ;;
+diff --git a/crypto/LPdir_nyi.c b/crypto/LPdir_nyi.c
+index 283d5b0..18566fd 100644
+--- a/crypto/LPdir_nyi.c
++++ b/crypto/LPdir_nyi.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * $LP: LPlib/source/LPdir_win.c,v 1.1 2004/06/14 10:07:56 _cvs_levitte Exp $
+ */
+ /*
+diff --git a/crypto/LPdir_unix.c b/crypto/LPdir_unix.c
+index 1428cd1..8f27f70 100644
+--- a/crypto/LPdir_unix.c
++++ b/crypto/LPdir_unix.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * $LP: LPlib/source/LPdir_unix.c,v 1.11 2004/09/23 22:07:22 _cvs_levitte Exp
+ * $
+ */
+diff --git a/crypto/LPdir_vms.c b/crypto/LPdir_vms.c
+index 362918d..1a5b60f 100644
+--- a/crypto/LPdir_vms.c
++++ b/crypto/LPdir_vms.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Copyright (c) 2004, Richard Levitte <richard at levitte.org>
+ * All rights reserved.
+ *
+diff --git a/crypto/LPdir_win.c b/crypto/LPdir_win.c
+index 4ff514f..71103da 100644
+--- a/crypto/LPdir_win.c
++++ b/crypto/LPdir_win.c
+@@ -1,28 +1,12 @@
+ /*
+- * Copyright (c) 2004, Richard Levitte <richard at levitte.org>
+- * All rights reserved.
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <windows.h>
+ #include <tchar.h>
+ #ifndef LPDIR_H
+diff --git a/crypto/LPdir_win32.c b/crypto/LPdir_win32.c
+index b1c983d..8f6d6ad 100644
+--- a/crypto/LPdir_win32.c
++++ b/crypto/LPdir_win32.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * $LP: LPlib/source/LPdir_win32.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp
+ * $
+ */
+diff --git a/crypto/LPdir_wince.c b/crypto/LPdir_wince.c
+index ae8a56f..163479e 100644
+--- a/crypto/LPdir_wince.c
++++ b/crypto/LPdir_wince.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * $LP: LPlib/source/LPdir_wince.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp
+ * $
+ */
+diff --git a/crypto/Makefile.in b/crypto/Makefile.in
+deleted file mode 100644
+index 60304ac..0000000
+--- a/crypto/Makefile.in
++++ /dev/null
+@@ -1,117 +0,0 @@
+-#
+-# OpenSSL/crypto/Makefile
+-#
+-
+-DIR= crypto
+-TOP= ..
+-CC= cc
+-INCLUDE= -I. -I$(TOP) -I../include -Iinclude $(ZLIB_INCLUDE)
+-# INCLUDES targets sudbirs!
+-INCLUDES= -I.. -I../.. -I../modes -I../include -I../../include $(ZLIB_INCLUDE)
+-CFLAG= -g
+-MAKEFILE= Makefile
+-RM= rm -f
+-AR= ar r
+-
+-RECURSIVE_MAKE= [ -n "$(SDIRS)" ] && for i in $(SDIRS) ; do \
+- (cd $$i && echo "making $$target in $(DIR)/$$i..." && \
+- $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='$(INCLUDES)' $$target ) || exit 1; \
+- done;
+-
+-PLIB_LDFLAG=
+-EX_LIBS=
+-
+-CFLAGS= $(INCLUDE) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDE) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS=$(ASFLAGS)
+-CPUID_OBJ=mem_clr.o
+-UPLINK_OBJ=
+-
+-LIBS=
+-
+-GENERAL=Makefile README crypto-lib.com install.com
+-
+-LIB= $(TOP)/libcrypto.a
+-SHARED_LIB= libcrypto$(SHLIB_EXT)
+-LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
+- ebcdic.c uid.c o_time.c o_str.c o_dir.c \
+- threads_pthread.c threads_win.c threads_none.c \
+- o_init.c o_fips.c mem_sec.c init.c
+-LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o \
+- ebcdic.o uid.o o_time.o o_str.o o_dir.o \
+- threads_pthread.o threads_win.o threads_none.o \
+- o_init.o o_fips.o mem_sec.o init.o $(CPUID_OBJ) $(UPLINK_OBJ)
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= buildinf.h arm_arch.h ppc_arch.h sparc_arch.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- @(cd ..; $(MAKE) DIRS=$(DIR) all)
+-
+-all: shared
+-
+-fips: cryptlib.o thr_id.o uid.o $(CPUID_OBJ)
+- [ -n "$(SDIRS)" ] && for i in $(SDIRS) ; do \
+- ( obj=`$(PERL) $(TOP)/util/fipsobj.pl $$i` && \
+- cd $$i && echo "making fips in $(DIR)/$$i..." && \
+- $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='$(INCLUDES)' $$obj ) || exit 1; \
+- done;
+-
+-buildinf.h: ../Makefile
+- $(PERL) $(TOP)/util/mkbuildinf.pl "$(CC) $(CFLAGS_Q)" "$(PLATFORM)" >buildinf.h
+-
+-x86cpuid.s: x86cpuid.pl perlasm/x86asm.pl
+- $(PERL) x86cpuid.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-
+-applink.o: $(TOP)/ms/applink.c
+- $(CC) $(CFLAGS) -c -o $@ $(TOP)/ms/applink.c
+-
+-uplink.o: $(TOP)/ms/uplink.c applink.o
+- $(CC) $(CFLAGS) -c -o $@ $(TOP)/ms/uplink.c
+-
+-uplink-x86.s: $(TOP)/ms/uplink-x86.pl
+- $(PERL) $(TOP)/ms/uplink-x86.pl $(PERLASM_SCHEME) $@
+-
+-x86_64cpuid.s: x86_64cpuid.pl; $(PERL) x86_64cpuid.pl $(PERLASM_SCHEME) $@
+-ia64cpuid.s: ia64cpuid.S; $(CC) $(CFLAGS) -E ia64cpuid.S > $@
+-ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
+-pariscid.s: pariscid.pl; $(PERL) pariscid.pl $(PERLASM_SCHEME) $@
+-alphacpuid.s: alphacpuid.pl
+- (preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+- $(PERL) alphacpuid.pl $$preproc && \
+- $(CC) -E -P $$preproc > $@ && rm $$preproc)
+-arm64cpuid.S: arm64cpuid.pl; $(PERL) arm64cpuid.pl $(PERLASM_SCHEME) $@
+-armv4cpuid.S: armv4cpuid.pl; $(PERL) armv4cpuid.pl $(PERLASM_SCHEME) $@
+-
+-subdirs:
+- @target=all; $(RECURSIVE_MAKE)
+-
+-# lib: $(LIB): are splitted to avoid end-less loop
+-lib: $(LIB)
+- @touch lib
+-$(LIB): $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+-
+-shared: buildinf.h lib subdirs
+- if [ -n "$(SHARED_LIBS)" ]; then \
+- (cd ..; $(MAKE) $(SHARED_LIB)); \
+- fi
+-
+-libs:
+- @target=lib; $(RECURSIVE_MAKE)
+-
+-depend:
+- @[ -z "$(THIS)" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist
+- @[ -z "$(THIS)" ] || $(TOP)/util/domd $(CFLAG) $(INCLUDE) -- $(PROGS) $(LIBSRC)
+- @[ -z "$(THIS)" -o -s buildinf.h ] || rm buildinf.h
+- @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
+- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+-clean:
+- rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+- @target=clean; $(RECURSIVE_MAKE)
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/aes/Makefile.in b/crypto/aes/Makefile.in
+deleted file mode 100644
+index 0dc96e4..0000000
+--- a/crypto/aes/Makefile.in
++++ /dev/null
+@@ -1,106 +0,0 @@
+-#
+-# crypto/aes/Makefile
+-#
+-
+-DIR= aes
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-AES_ENC=aes_core.o aes_cbc.o
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c \
+- aes_ige.c aes_wrap.c
+-LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ige.o aes_wrap.o \
+- $(AES_ENC)
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= aes_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-aes-ia64.s: asm/aes-ia64.S
+- $(CC) $(CFLAGS) -E asm/aes-ia64.S > $@
+-
+-aes-586.s: asm/aes-586.pl ../perlasm/x86asm.pl
+- $(PERL) asm/aes-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-vpaes-x86.s: asm/vpaes-x86.pl ../perlasm/x86asm.pl
+- $(PERL) asm/vpaes-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-aesni-x86.s: asm/aesni-x86.pl ../perlasm/x86asm.pl
+- $(PERL) asm/aesni-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-
+-aes-x86_64.s: asm/aes-x86_64.pl
+- $(PERL) asm/aes-x86_64.pl $(PERLASM_SCHEME) $@
+-vpaes-x86_64.s: asm/vpaes-x86_64.pl
+- $(PERL) asm/vpaes-x86_64.pl $(PERLASM_SCHEME) $@
+-bsaes-x86_64.s: asm/bsaes-x86_64.pl
+- $(PERL) asm/bsaes-x86_64.pl $(PERLASM_SCHEME) $@
+-aesni-x86_64.s: asm/aesni-x86_64.pl
+- $(PERL) asm/aesni-x86_64.pl $(PERLASM_SCHEME) $@
+-aesni-sha1-x86_64.s: asm/aesni-sha1-x86_64.pl
+- $(PERL) asm/aesni-sha1-x86_64.pl $(PERLASM_SCHEME) $@
+-aesni-sha256-x86_64.s: asm/aesni-sha256-x86_64.pl
+- $(PERL) asm/aesni-sha256-x86_64.pl $(PERLASM_SCHEME) $@
+-aesni-mb-x86_64.s: asm/aesni-mb-x86_64.pl
+- $(PERL) asm/aesni-mb-x86_64.pl $(PERLASM_SCHEME) $@
+-
+-aes-sparcv9.S: asm/aes-sparcv9.pl
+- $(PERL) asm/aes-sparcv9.pl $(PERLASM_SCHEME) $@
+-aest4-sparcv9.S: asm/aest4-sparcv9.pl ../perlasm/sparcv9_modes.pl
+- $(PERL) asm/aest4-sparcv9.pl $(PERLASM_SCHEME) $@
+-
+-aes-ppc.s: asm/aes-ppc.pl
+- $(PERL) asm/aes-ppc.pl $(PERLASM_SCHEME) $@
+-vpaes-ppc.s: asm/vpaes-ppc.pl
+- $(PERL) asm/vpaes-ppc.pl $(PERLASM_SCHEME) $@
+-aesp8-ppc.s: asm/aesp8-ppc.pl
+- $(PERL) asm/aesp8-ppc.pl $(PERLASM_SCHEME) $@
+-
+-aes-parisc.s: asm/aes-parisc.pl
+- $(PERL) asm/aes-parisc.pl $(PERLASM_SCHEME) $@
+-
+-aes-mips.S: asm/aes-mips.pl
+- $(PERL) asm/aes-mips.pl $(PERLASM_SCHEME) $@
+-
+-aesv8-armx.S: asm/aesv8-armx.pl
+- $(PERL) asm/aesv8-armx.pl $(PERLASM_SCHEME) $@
+-aesv8-armx.o: aesv8-armx.S
+-vpaes-armv8.S: asm/vpaes-armv8.pl
+- $(PERL) asm/vpaes-armv8.pl $(PERLASM_SCHEME) $@
+-vpaes-armv8.o: vpaes-armv8.S
+-
+-# GNU make "catch all"
+-aes-%.S: asm/aes-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-aes-armv4.o: aes-armv4.S
+-bsaes-%.S: asm/bsaes-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-bsaes-armv7.o: bsaes-armv7.S
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/aes/aes_cbc.c b/crypto/aes/aes_cbc.c
+index 826de68..342841f 100644
+--- a/crypto/aes/aes_cbc.c
++++ b/crypto/aes/aes_cbc.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/aes.h>
+diff --git a/crypto/aes/aes_cfb.c b/crypto/aes/aes_cfb.c
+index 3962c3e..f010e3c 100644
+--- a/crypto/aes/aes_cfb.c
++++ b/crypto/aes/aes_cfb.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/aes.h>
+diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c
+index 837d4fe..ef0fc51 100644
+--- a/crypto/aes/aes_core.c
++++ b/crypto/aes/aes_core.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /**
+ * rijndael-alg-fst.c
+ *
+diff --git a/crypto/aes/aes_ecb.c b/crypto/aes/aes_ecb.c
+index 6639c78..29bfc1a 100644
+--- a/crypto/aes/aes_ecb.c
++++ b/crypto/aes/aes_ecb.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <assert.h>
+diff --git a/crypto/aes/aes_ige.c b/crypto/aes/aes_ige.c
+index f8f4ba5..9125264 100644
+--- a/crypto/aes/aes_ige.c
++++ b/crypto/aes/aes_ige.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/aes/aes_locl.h b/crypto/aes/aes_locl.h
+index e49f357..adee29d 100644
+--- a/crypto/aes/aes_locl.h
++++ b/crypto/aes/aes_locl.h
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_AES_LOCL_H
+diff --git a/crypto/aes/aes_misc.c b/crypto/aes/aes_misc.c
+index ca84a6c..7403c84 100644
+--- a/crypto/aes/aes_misc.c
++++ b/crypto/aes/aes_misc.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslv.h>
+diff --git a/crypto/aes/aes_ofb.c b/crypto/aes/aes_ofb.c
+index bc24038..215b538 100644
+--- a/crypto/aes/aes_ofb.c
++++ b/crypto/aes/aes_ofb.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/aes.h>
+diff --git a/crypto/aes/aes_wrap.c b/crypto/aes/aes_wrap.c
+index c9cd3d3..cae0b21 100644
+--- a/crypto/aes/aes_wrap.c
++++ b/crypto/aes/aes_wrap.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/aes/aes_x86core.c b/crypto/aes/aes_x86core.c
+index 1b64f5b..dd7e905 100644
+--- a/crypto/aes/aes_x86core.c
++++ b/crypto/aes/aes_x86core.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /**
+ * rijndael-alg-fst.c
+ *
+diff --git a/crypto/aes/asm/aes-586.pl b/crypto/aes/asm/aes-586.pl
+index 5a7f1b4..1ba3565 100755
+--- a/crypto/aes/asm/aes-586.pl
++++ b/crypto/aes/asm/aes-586.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/aes/asm/aes-armv4.pl b/crypto/aes/asm/aes-armv4.pl
+index 3efe415..16d79aa 100644
+--- a/crypto/aes/asm/aes-armv4.pl
++++ b/crypto/aes/asm/aes-armv4.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/aes/asm/aes-c64xplus.pl b/crypto/aes/asm/aes-c64xplus.pl
+index 54426f7..19d2cc1 100644
+--- a/crypto/aes/asm/aes-c64xplus.pl
++++ b/crypto/aes/asm/aes-c64xplus.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/aes/asm/aes-mips.pl b/crypto/aes/asm/aes-mips.pl
+index 77dfe1a..439578d 100644
+--- a/crypto/aes/asm/aes-mips.pl
++++ b/crypto/aes/asm/aes-mips.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+@@ -57,6 +64,7 @@
+ $flavour = shift || "o32"; # supported flavours are o32,n32,64,nubi32,nubi64
+
+ if ($flavour =~ /64|n32/i) {
++ $PTR_LA="dla";
+ $PTR_ADD="dadd"; # incidentally works even on n32
+ $PTR_SUB="dsub"; # incidentally works even on n32
+ $PTR_INS="dins";
+@@ -65,6 +73,7 @@ if ($flavour =~ /64|n32/i) {
+ $PTR_SLL="dsll"; # incidentally works even on n32
+ $SZREG=8;
+ } else {
++ $PTR_LA="la";
+ $PTR_ADD="add";
+ $PTR_SUB="sub";
+ $PTR_INS="ins";
+@@ -110,7 +119,7 @@ ___
+ �
+ {{{
+ my $FRAMESIZE=16*$SZREG;
+-my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000;
++my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? "0xc0fff008" : "0xc0ff0000";
+
+ my ($inp,$out,$key,$Tbl,$s0,$s1,$s2,$s3)=($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7);
+ my ($i0,$i1,$i2,$i3)=($at,$t0,$t1,$t2);
+@@ -646,7 +655,7 @@ $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
+ ___
+ $code.=<<___;
+ .set reorder
+- la $Tbl,AES_Te # PIC-ified 'load address'
++ $PTR_LA $Tbl,AES_Te # PIC-ified 'load address'
+
+ lwl $s0,0+$MSB($inp)
+ lwl $s1,4+$MSB($inp)
+@@ -1217,7 +1226,7 @@ $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
+ ___
+ $code.=<<___;
+ .set reorder
+- la $Tbl,AES_Td # PIC-ified 'load address'
++ $PTR_LA $Tbl,AES_Td # PIC-ified 'load address'
+
+ lwl $s0,0+$MSB($inp)
+ lwl $s1,4+$MSB($inp)
+@@ -1267,7 +1276,7 @@ ___
+ �
+ {{{
+ my $FRAMESIZE=8*$SZREG;
+-my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc000f008 : 0xc0000000;
++my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? "0xc000f008" : "0xc0000000";
+
+ my ($inp,$bits,$key,$Tbl)=($a0,$a1,$a2,$a3);
+ my ($rk0,$rk1,$rk2,$rk3,$rk4,$rk5,$rk6,$rk7)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3);
+@@ -1556,7 +1565,7 @@ $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
+ ___
+ $code.=<<___;
+ .set reorder
+- la $Tbl,AES_Te4 # PIC-ified 'load address'
++ $PTR_LA $Tbl,AES_Te4 # PIC-ified 'load address'
+
+ bal _mips_AES_set_encrypt_key
+
+@@ -1611,7 +1620,7 @@ $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
+ ___
+ $code.=<<___;
+ .set reorder
+- la $Tbl,AES_Te4 # PIC-ified 'load address'
++ $PTR_LA $Tbl,AES_Te4 # PIC-ified 'load address'
+
+ bal _mips_AES_set_encrypt_key
+
+diff --git a/crypto/aes/asm/aes-parisc.pl b/crypto/aes/asm/aes-parisc.pl
+index 714dcfb..2c785bc 100644
+--- a/crypto/aes/asm/aes-parisc.pl
++++ b/crypto/aes/asm/aes-parisc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/aes/asm/aes-ppc.pl b/crypto/aes/asm/aes-ppc.pl
+index 5b83016..d02dde5 100644
+--- a/crypto/aes/asm/aes-ppc.pl
++++ b/crypto/aes/asm/aes-ppc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl
+index 4aacf1b..a93d601 100644
+--- a/crypto/aes/asm/aes-s390x.pl
++++ b/crypto/aes/asm/aes-s390x.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+@@ -818,13 +825,9 @@ $code.=<<___ if (!$softonly);
+ tmhl %r0,0x4000 # check for message-security assist
+ jz .Lekey_internal
+
+- lghi %r0,0 # query capability vector
+- la %r1,16($sp)
+- .long 0xb92f0042 # kmc %r4,%r2
+-
+- llihh %r1,0x8000
+- srlg %r1,%r1,0(%r5)
+- ng %r1,16($sp)
++ llihh %r0,0x8000
++ srlg %r0,%r0,0(%r5)
++ ng %r0,48(%r1) # check kmc capability vector
+ jz .Lekey_internal
+
+ lmg %r0,%r1,0($inp) # just copy 128 bits...
+@@ -1444,13 +1447,10 @@ $code.=<<___ if (0); ######### kmctr code was measured to be ~12% slower
+
+ llgfr $s0,%r0
+ lgr $s1,%r1
+- lghi %r0,0
+- la %r1,16($sp)
+- .long 0xb92d2042 # kmctr %r4,%r2,%r2
+-
++ larl %r1,OPENSSL_s390xcap_P
+ llihh %r0,0x8000 # check if kmctr supports the function code
+ srlg %r0,%r0,0($s0)
+- ng %r0,16($sp)
++ ng %r0,64(%r1) # check kmctr capability vector
+ lgr %r0,$s0
+ lgr %r1,$s1
+ jz .Lctr32_km_loop
+@@ -1597,12 +1597,10 @@ $code.=<<___ if(1);
+ llgfr $s0,%r0 # put aside the function code
+ lghi $s1,0x7f
+ nr $s1,%r0
+- lghi %r0,0 # query capability vector
+- la %r1,$tweak-16($sp)
+- .long 0xb92e0042 # km %r4,%r2
+- llihh %r1,0x8000
+- srlg %r1,%r1,32($s1) # check for 32+function code
+- ng %r1,$tweak-16($sp)
++ larl %r1,OPENSSL_s390xcap_P
++ llihh %r0,0x8000
++ srlg %r0,%r0,32($s1) # check for 32+function code
++ ng %r0,32(%r1) # check km capability vector
+ lgr %r0,$s0 # restore the function code
+ la %r1,0($key1) # restore $key1
+ jz .Lxts_km_vanilla
+@@ -2229,7 +2227,7 @@ ___
+ }
+ $code.=<<___;
+ .string "AES for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+-.comm OPENSSL_s390xcap_P,16,8
++.comm OPENSSL_s390xcap_P,80,8
+ ___
+
+ $code =~ s/\`([^\`]*)\`/eval $1/gem;
+diff --git a/crypto/aes/asm/aes-sparcv9.pl b/crypto/aes/asm/aes-sparcv9.pl
+index 9eb0c3d..883fae8 100755
+--- a/crypto/aes/asm/aes-sparcv9.pl
++++ b/crypto/aes/asm/aes-sparcv9.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/aes/asm/aes-x86_64.pl b/crypto/aes/asm/aes-x86_64.pl
+index e95593e..aef440f 100755
+--- a/crypto/aes/asm/aes-x86_64.pl
++++ b/crypto/aes/asm/aes-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/aes/asm/aesfx-sparcv9.pl b/crypto/aes/asm/aesfx-sparcv9.pl
+new file mode 100755
+index 0000000..1483a68
+--- /dev/null
++++ b/crypto/aes/asm/aesfx-sparcv9.pl
+@@ -0,0 +1,442 @@
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++#
++# ====================================================================
++# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
++# project. The module is, however, dual licensed under OpenSSL and
++# CRYPTOGAMS licenses depending on where you obtain it. For further
++# details see http://www.openssl.org/~appro/cryptogams/.
++# ====================================================================
++
++# March 2016
++#
++# Initial support for Fujitsu SPARC64 X/X+ comprises minimally
++# required key setup and single-block procedures.
++
++$output = pop;
++open STDOUT,">$output";
++
++{
++my ($inp,$out,$key,$rounds,$tmp,$mask) = map("%o$_",(0..5));
++
++$code.=<<___;
++.text
++
++.globl aes_fx_encrypt
++.align 32
++aes_fx_encrypt:
++ and $inp, 7, $tmp ! is input aligned?
++ alignaddr $inp, %g0, $inp
++ ld [$key + 240], $rounds
++ ldd [$key + 0], %f6
++ ldd [$key + 8], %f8
++
++ ldd [$inp + 0], %f0 ! load input
++ brz,pt $tmp, .Lenc_inp_aligned
++ ldd [$inp + 8], %f2
++
++ ldd [$inp + 16], %f4
++ faligndata %f0, %f2, %f0
++ faligndata %f2, %f4, %f2
++
++.Lenc_inp_aligned:
++ ldd [$key + 16], %f10
++ ldd [$key + 24], %f12
++ add $key, 32, $key
++
++ fxor %f0, %f6, %f0 ! ^=round[0]
++ fxor %f2, %f8, %f2
++ ldd [$key + 0], %f6
++ ldd [$key + 8], %f8
++ sub $rounds, 4, $rounds
++
++.Loop_enc:
++ fmovd %f0, %f4
++ faesencx %f2, %f10, %f0
++ faesencx %f4, %f12, %f2
++ ldd [$key + 16], %f10
++ ldd [$key + 24], %f12
++ add $key, 32, $key
++
++ fmovd %f0, %f4
++ faesencx %f2, %f6, %f0
++ faesencx %f4, %f8, %f2
++ ldd [$key + 0], %f6
++ ldd [$key + 8], %f8
++
++ brnz,a $rounds, .Loop_enc
++ sub $rounds, 2, $rounds
++
++ andcc $out, 7, $tmp ! is output aligned?
++ mov 0xff, $mask
++ alignaddrl $out, %g0, $out
++ srl $mask, $tmp, $mask
++
++ fmovd %f0, %f4
++ faesencx %f2, %f10, %f0
++ faesencx %f4, %f12, %f2
++ fmovd %f0, %f4
++ faesenclx %f2, %f6, %f0
++ faesenclx %f4, %f8, %f2
++
++ bnz,pn %icc, .Lenc_out_unaligned
++ nop
++
++ std %f0, [$out + 0]
++ retl
++ std %f2, [$out + 8]
++
++.Lenc_out_unaligned:
++ faligndata %f0, %f0, %f4
++ faligndata %f0, %f2, %f6
++ faligndata %f2, %f2, %f8
++
++ stda %f4, [$out + $mask]0xc0 ! partial store
++ std %f6, [$out + 8]
++ add $out, 16, $out
++ orn %g0, $mask, $mask
++ retl
++ stda %f8, [$out + $mask]0xc0 ! partial store
++.size aes_fx_encrypt,.-aes_fx_encrypt
++
++.globl aes_fx_decrypt
++.align 32
++aes_fx_decrypt:
++ and $inp, 7, $tmp ! is input aligned?
++ alignaddr $inp, %g0, $inp
++ ld [$key + 240], $rounds
++ ldd [$key + 0], %f6
++ ldd [$key + 8], %f8
++
++ ldd [$inp + 0], %f0 ! load input
++ brz,pt $tmp, .Ldec_inp_aligned
++ ldd [$inp + 8], %f2
++
++ ldd [$inp + 16], %f4
++ faligndata %f0, %f2, %f0
++ faligndata %f2, %f4, %f2
++
++.Ldec_inp_aligned:
++ ldd [$key + 16], %f10
++ ldd [$key + 24], %f12
++ add $key, 32, $key
++
++ fxor %f0, %f6, %f0 ! ^=round[0]
++ fxor %f2, %f8, %f2
++ ldd [$key + 0], %f6
++ ldd [$key + 8], %f8
++ sub $rounds, 4, $rounds
++
++.Loop_dec:
++ fmovd %f0, %f4
++ faesdecx %f2, %f10, %f0
++ faesdecx %f4, %f12, %f2
++ ldd [$key + 16], %f10
++ ldd [$key + 24], %f12
++ add $key, 32, $key
++
++ fmovd %f0, %f4
++ faesdecx %f2, %f6, %f0
++ faesdecx %f4, %f8, %f2
++ ldd [$key + 0], %f6
++ ldd [$key + 8], %f8
++
++ brnz,a $rounds, .Loop_dec
++ sub $rounds, 2, $rounds
++
++ andcc $out, 7, $tmp ! is output aligned?
++ mov 0xff, $mask
++ alignaddrl $out, %g0, $out
++ srl $mask, $tmp, $mask
++
++ fmovd %f0, %f4
++ faesdecx %f2, %f10, %f0
++ faesdecx %f4, %f12, %f2
++ fmovd %f0, %f4
++ faesdeclx %f2, %f6, %f0
++ faesdeclx %f4, %f8, %f2
++
++ bnz,pn %icc, .Ldec_out_unaligned
++ nop
++
++ std %f0, [$out + 0]
++ retl
++ std %f2, [$out + 8]
++
++.Ldec_out_unaligned:
++ faligndata %f0, %f0, %f4
++ faligndata %f0, %f2, %f6
++ faligndata %f2, %f2, %f8
++
++ stda %f4, [$out + $mask]0xc0 ! partial store
++ std %f6, [$out + 8]
++ add $out, 16, $out
++ orn %g0, $mask, $mask
++ retl
++ stda %f8, [$out + $mask]0xc0 ! partial store
++.size aes_fx_decrypt,.-aes_fx_decrypt
++___
++}
++{
++my ($inp,$bits,$out,$tmp,$inc) = map("%o$_",(0..5));
++$code.=<<___;
++.globl aes_fx_set_decrypt_key
++.align 32
++aes_fx_set_decrypt_key:
++ b .Lset_encrypt_key
++ mov -1, $inc
++ retl
++ nop
++.size aes_fx_set_decrypt_key,.-aes_fx_set_decrypt_key
++
++.globl aes_fx_set_encrypt_key
++.align 32
++aes_fx_set_encrypt_key:
++ mov 1, $inc
++.Lset_encrypt_key:
++ and $inp, 7, $tmp
++ alignaddr $inp, %g0, $inp
++ nop
++
++ cmp $bits, 192
++ ldd [$inp + 0], %f0
++ bl,pt %icc, .L128
++ ldd [$inp + 8], %f2
++
++ be,pt %icc, .L192
++ ldd [$inp + 16], %f4
++ brz,pt $tmp, .L256aligned
++ ldd [$inp + 24], %f6
++
++ ldd [$inp + 32], %f8
++ faligndata %f0, %f2, %f0
++ faligndata %f2, %f4, %f2
++ faligndata %f4, %f6, %f4
++ faligndata %f6, %f8, %f6
++
++.L256aligned:
++ mov 14, $bits
++ and $inc, `14*16`, $tmp
++ st $bits, [$out + 240] ! store rounds
++ add $out, $tmp, $out ! start or end of key schedule
++ sllx $inc, 4, $inc ! 16 or -16
++___
++for ($i=0; $i<6; $i++) {
++ $code.=<<___;
++ std %f0, [$out + 0]
++ faeskeyx %f6, `0x10+$i`, %f0
++ std %f2, [$out + 8]
++ add $out, $inc, $out
++ faeskeyx %f0, 0x00, %f2
++ std %f4, [$out + 0]
++ faeskeyx %f2, 0x01, %f4
++ std %f6, [$out + 8]
++ add $out, $inc, $out
++ faeskeyx %f4, 0x00, %f6
++___
++}
++$code.=<<___;
++ std %f0, [$out + 0]
++ faeskeyx %f6, `0x10+$i`, %f0
++ std %f2, [$out + 8]
++ add $out, $inc, $out
++ faeskeyx %f0, 0x00, %f2
++ std %f4,[$out+0]
++ std %f6,[$out+8]
++ add $out, $inc, $out
++ std %f0,[$out+0]
++ std %f2,[$out+8]
++ retl
++ xor %o0, %o0, %o0 ! return 0
++
++.align 16
++.L192:
++ brz,pt $tmp, .L192aligned
++ nop
++
++ ldd [$inp + 24], %f6
++ faligndata %f0, %f2, %f0
++ faligndata %f2, %f4, %f2
++ faligndata %f4, %f6, %f4
++
++.L192aligned:
++ mov 12, $bits
++ and $inc, `12*16`, $tmp
++ st $bits, [$out + 240] ! store rounds
++ add $out, $tmp, $out ! start or end of key schedule
++ sllx $inc, 4, $inc ! 16 or -16
++___
++for ($i=0; $i<8; $i+=2) {
++ $code.=<<___;
++ std %f0, [$out + 0]
++ faeskeyx %f4, `0x10+$i`, %f0
++ std %f2, [$out + 8]
++ add $out, $inc, $out
++ faeskeyx %f0, 0x00, %f2
++ std %f4, [$out + 0]
++ faeskeyx %f2, 0x00, %f4
++ std %f0, [$out + 8]
++ add $out, $inc, $out
++ faeskeyx %f4, `0x10+$i+1`, %f0
++ std %f2, [$out + 0]
++ faeskeyx %f0, 0x00, %f2
++ std %f4, [$out + 8]
++ add $out, $inc, $out
++___
++$code.=<<___ if ($i<6);
++ faeskeyx %f2, 0x00, %f4
++___
++}
++$code.=<<___;
++ std %f0, [$out + 0]
++ std %f2, [$out + 8]
++ retl
++ xor %o0, %o0, %o0 ! return 0
++
++.align 16
++.L128:
++ brz,pt $tmp, .L128aligned
++ nop
++
++ ldd [$inp + 16], %f4
++ faligndata %f0, %f2, %f0
++ faligndata %f2, %f4, %f2
++
++.L128aligned:
++ mov 10, $bits
++ and $inc, `10*16`, $tmp
++ st $bits, [$out + 240] ! store rounds
++ add $out, $tmp, $out ! start or end of key schedule
++ sllx $inc, 4, $inc ! 16 or -16
++___
++for ($i=0; $i<10; $i++) {
++ $code.=<<___;
++ std %f0, [$out + 0]
++ faeskeyx %f2, `0x10+$i`, %f0
++ std %f2, [$out + 8]
++ add $out, $inc, $out
++ faeskeyx %f0, 0x00, %f2
++___
++}
++$code.=<<___;
++ std %f0, [$out + 0]
++ std %f2, [$out + 8]
++ retl
++ xor %o0, %o0, %o0 ! return 0
++.size aes_fx_set_encrypt_key,.-aes_fx_set_encrypt_key
++___
++}
++
++# Purpose of these subroutines is to explicitly encode VIS instructions,
++# so that one can compile the module without having to specify VIS
++# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
++# Idea is to reserve for option to produce "universal" binary and let
++# programmer detect if current CPU is VIS capable at run-time.
++sub unvis {
++my ($mnemonic,$rs1,$rs2,$rd)=@_;
++my ($ref,$opf);
++my %visopf = ( "faligndata" => 0x048,
++ "bshuffle" => 0x04c,
++ "fxor" => 0x06c,
++ "fsrc2" => 0x078 );
++
++ $ref = "$mnemonic\t$rs1,$rs2,$rd";
++
++ if ($opf=$visopf{$mnemonic}) {
++ foreach ($rs1,$rs2,$rd) {
++ return $ref if (!/%f([0-9]{1,2})/);
++ $_=$1;
++ if ($1>=32) {
++ return $ref if ($1&1);
++ # re-encode for upper double register addressing
++ $_=($1|$1>>5)&31;
++ }
++ }
++
++ return sprintf ".word\t0x%08x !%s",
++ 0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
++ $ref;
++ } else {
++ return $ref;
++ }
++}
++
++sub unvis3 {
++my ($mnemonic,$rs1,$rs2,$rd)=@_;
++my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
++my ($ref,$opf);
++my %visopf = ( "alignaddr" => 0x018,
++ "bmask" => 0x019,
++ "alignaddrl" => 0x01a );
++
++ $ref = "$mnemonic\t$rs1,$rs2,$rd";
++
++ if ($opf=$visopf{$mnemonic}) {
++ foreach ($rs1,$rs2,$rd) {
++ return $ref if (!/%([goli])([0-9])/);
++ $_=$bias{$1}+$2;
++ }
++
++ return sprintf ".word\t0x%08x !%s",
++ 0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
++ $ref;
++ } else {
++ return $ref;
++ }
++}
++
++sub unfx {
++my ($mnemonic,$rs1,$rs2,$rd)=@_;
++my ($ref,$opf);
++my %aesopf = ( "faesencx" => 0x90,
++ "faesdecx" => 0x91,
++ "faesenclx" => 0x92,
++ "faesdeclx" => 0x93,
++ "faeskeyx" => 0x94 );
++
++ $ref = "$mnemonic\t$rs1,$rs2,$rd";
++
++ if (defined($opf=$aesopf{$mnemonic})) {
++ $rs2 = ($rs2 =~ /%f([0-6]*[02468])/) ? (($1|$1>>5)&31) : $rs2;
++ $rs2 = oct($rs2) if ($rs2 =~ /^0/);
++
++ foreach ($rs1,$rd) {
++ return $ref if (!/%f([0-9]{1,2})/);
++ $_=$1;
++ if ($1>=32) {
++ return $ref if ($1&1);
++ # re-encode for upper double register addressing
++ $_=($1|$1>>5)&31;
++ }
++ }
++
++ return sprintf ".word\t0x%08x !%s",
++ 2<<30|$rd<<25|0x36<<19|$rs1<<14|$opf<<5|$rs2,
++ $ref;
++ } else {
++ return $ref;
++ }
++}
++
++foreach (split("\n",$code)) {
++ s/\`([^\`]*)\`/eval $1/ge;
++
++ s/\b(faes[^x]{3,4}x)\s+(%f[0-9]{1,2}),\s*([%fx0-9]+),\s*(%f[0-9]{1,2})/
++ &unfx($1,$2,$3,$4,$5)
++ /ge or
++ s/\b([fb][^\s]*)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})/
++ &unvis($1,$2,$3,$4)
++ /ge or
++ s/\b(alignaddr[l]*)\s+(%[goli][0-7]),\s*(%[goli][0-7]),\s*(%[goli][0-7])/
++ &unvis3($1,$2,$3,$4)
++ /ge;
++ print $_,"\n";
++}
++
++close STDOUT;
+diff --git a/crypto/aes/asm/aesni-mb-x86_64.pl b/crypto/aes/asm/aesni-mb-x86_64.pl
+index d7ad788..b12e535 100644
+--- a/crypto/aes/asm/aesni-mb-x86_64.pl
++++ b/crypto/aes/asm/aesni-mb-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/aes/asm/aesni-sha1-x86_64.pl b/crypto/aes/asm/aesni-sha1-x86_64.pl
+index 4a746e9..873b2b3 100644
+--- a/crypto/aes/asm/aesni-sha1-x86_64.pl
++++ b/crypto/aes/asm/aesni-sha1-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/aes/asm/aesni-sha256-x86_64.pl b/crypto/aes/asm/aesni-sha256-x86_64.pl
+index 6d195a4..12e53e7 100644
+--- a/crypto/aes/asm/aesni-sha256-x86_64.pl
++++ b/crypto/aes/asm/aesni-sha256-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/aes/asm/aesni-x86.pl b/crypto/aes/asm/aesni-x86.pl
+index b85d0c4..ed1a47c 100644
+--- a/crypto/aes/asm/aesni-x86.pl
++++ b/crypto/aes/asm/aesni-x86.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/aes/asm/aesni-x86_64.pl b/crypto/aes/asm/aesni-x86_64.pl
+index 6e41a1a..7b68d5b 100644
+--- a/crypto/aes/asm/aesni-x86_64.pl
++++ b/crypto/aes/asm/aesni-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/aes/asm/aesp8-ppc.pl b/crypto/aes/asm/aesp8-ppc.pl
+index a1891cc..ad54204 100755
+--- a/crypto/aes/asm/aesp8-ppc.pl
++++ b/crypto/aes/asm/aesp8-ppc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/aes/asm/aest4-sparcv9.pl b/crypto/aes/asm/aest4-sparcv9.pl
+index 5b0159e..bf479c6 100644
+--- a/crypto/aes/asm/aest4-sparcv9.pl
++++ b/crypto/aes/asm/aest4-sparcv9.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by David S. Miller <davem at devemloft.net> and Andy Polyakov
+diff --git a/crypto/aes/asm/aesv8-armx.pl b/crypto/aes/asm/aesv8-armx.pl
+index 9844ca1..aa36ed2 100755
+--- a/crypto/aes/asm/aesv8-armx.pl
++++ b/crypto/aes/asm/aesv8-armx.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/aes/asm/bsaes-armv7.pl b/crypto/aes/asm/bsaes-armv7.pl
+index 58d0173..4ccdc82 100644
+--- a/crypto/aes/asm/bsaes-armv7.pl
++++ b/crypto/aes/asm/bsaes-armv7.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/aes/asm/bsaes-x86_64.pl b/crypto/aes/asm/bsaes-x86_64.pl
+index 3f7d33c..73d1b2e 100644
+--- a/crypto/aes/asm/bsaes-x86_64.pl
++++ b/crypto/aes/asm/bsaes-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ ###################################################################
+ ### AES-128 [originally in CTR mode] ###
+diff --git a/crypto/aes/asm/vpaes-armv8.pl b/crypto/aes/asm/vpaes-armv8.pl
+index f44c62a..776a9b7 100755
+--- a/crypto/aes/asm/vpaes-armv8.pl
++++ b/crypto/aes/asm/vpaes-armv8.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ ######################################################################
+ ## Constant-time SSSE3 AES core implementation.
+diff --git a/crypto/aes/asm/vpaes-ppc.pl b/crypto/aes/asm/vpaes-ppc.pl
+index 1759ae9..7f81209 100644
+--- a/crypto/aes/asm/vpaes-ppc.pl
++++ b/crypto/aes/asm/vpaes-ppc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ ######################################################################
+ ## Constant-time SSSE3 AES core implementation.
+diff --git a/crypto/aes/asm/vpaes-x86.pl b/crypto/aes/asm/vpaes-x86.pl
+index 4fcd561..47615c0 100644
+--- a/crypto/aes/asm/vpaes-x86.pl
++++ b/crypto/aes/asm/vpaes-x86.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ ######################################################################
+ ## Constant-time SSSE3 AES core implementation.
+diff --git a/crypto/aes/asm/vpaes-x86_64.pl b/crypto/aes/asm/vpaes-x86_64.pl
+index f2ef318..6039582 100644
+--- a/crypto/aes/asm/vpaes-x86_64.pl
++++ b/crypto/aes/asm/vpaes-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ ######################################################################
+ ## Constant-time SSSE3 AES core implementation.
+diff --git a/crypto/aes/build.info b/crypto/aes/build.info
+index 08c3afe..cf6cb5e 100644
+--- a/crypto/aes/build.info
++++ b/crypto/aes/build.info
+@@ -25,6 +25,8 @@ INCLUDE[aes-sparcv9.o]=..
+ GENERATE[aest4-sparcv9.S]=asm/aest4-sparcv9.pl $(PERLASM_SCHEME)
+ INCLUDE[aest4-sparcv9.o]=..
+ DEPEND[aest4-sparcv9.S]=../perlasm/sparcv9_modes.pl
++GENERATE[aesfx-sparcv9.S]=asm/aesfx-sparcv9.pl $(PERLASM_SCHEME)
++INCLUDE[aesfx-sparcv9.o]=..
+
+ GENERATE[aes-ppc.s]=asm/aes-ppc.pl $(PERLASM_SCHEME)
+ GENERATE[vpaes-ppc.s]=asm/vpaes-ppc.pl $(PERLASM_SCHEME)
+diff --git a/crypto/alphacpuid.pl b/crypto/alphacpuid.pl
+index 8af0f09..6c7fd4c 100644
+--- a/crypto/alphacpuid.pl
++++ b/crypto/alphacpuid.pl
+@@ -1,7 +1,14 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ $output = pop;
+-open STDOUT,">$stdout";
++open STDOUT,">$output";
+
+ print <<'___';
+ .text
+@@ -127,6 +134,34 @@ OPENSSL_cleanse:
+ bne $17,.Little
+ .Ldone: ret ($26)
+ .end OPENSSL_cleanse
++
++.globl CRYPTO_memcmp
++.ent CRYPTO_memcmp
++CRYPTO_memcmp:
++ .frame $30,0,$26
++ .prologue 0
++ xor $0,$0,$0
++ beq $18,.Lno_data
++
++ xor $1,$1,$1
++ nop
++.Loop_cmp:
++ ldq_u $2,0($16)
++ subq $18,1,$18
++ ldq_u $3,0($17)
++ extbl $2,$16,$2
++ lda $16,1($16)
++ extbl $3,$17,$3
++ lda $17,1($17)
++ xor $3,$2,$2
++ or $2,$0,$0
++ bne $18,.Loop_cmp
++
++ subq $31,$0,$0
++ srl $0,63,$0
++.Lno_data:
++ ret ($26)
++.end CRYPTO_memcmp
+ ___
+ {
+ my ($out,$cnt,$max)=("\$16","\$17","\$18");
+diff --git a/crypto/arm64cpuid.pl b/crypto/arm64cpuid.pl
+index bfec664..caa3387 100755
+--- a/crypto/arm64cpuid.pl
++++ b/crypto/arm64cpuid.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ $flavour = shift;
+ $output = shift;
+@@ -62,6 +69,57 @@ _armv8_pmull_probe:
+ pmull v0.1q, v0.1d, v0.1d
+ ret
+ .size _armv8_pmull_probe,.-_armv8_pmull_probe
++
++.globl OPENSSL_cleanse
++.type OPENSSL_cleanse,%function
++.align 5
++OPENSSL_cleanse:
++ cbz x1,.Lret // len==0?
++ cmp x1,#15
++ b.hi .Lot // len>15
++ nop
++.Little:
++ strb wzr,[x0],#1 // store byte-by-byte
++ subs x1,x1,#1
++ b.ne .Little
++.Lret: ret
++
++.align 4
++.Lot: tst x0,#7
++ b.eq .Laligned // inp is aligned
++ strb wzr,[x0],#1 // store byte-by-byte
++ sub x1,x1,#1
++ b .Lot
++
++.align 4
++.Laligned:
++ str xzr,[x0],#8 // store word-by-word
++ sub x1,x1,#8
++ tst x1,#-8
++ b.ne .Laligned // len>=8
++ cbnz x1,.Little // len!=0?
++ ret
++.size OPENSSL_cleanse,.-OPENSSL_cleanse
++
++.globl CRYPTO_memcmp
++.type CRYPTO_memcmp,%function
++.align 4
++CRYPTO_memcmp:
++ eor w3,w3,w3
++ cbz x2,.Lno_data // len==0?
++.Loop_cmp:
++ ldrb w4,[x0],#1
++ ldrb w5,[x1],#1
++ eor w4,w4,w5
++ orr w3,w3,w4
++ subs x2,x2,#1
++ b.ne .Loop_cmp
++
++.Lno_data:
++ neg w0,w3
++ lsr w0,w0,#31
++ ret
++.size CRYPTO_memcmp,.-CRYPTO_memcmp
+ ___
+
+ print $code;
+diff --git a/crypto/arm_arch.h b/crypto/arm_arch.h
+index 31dbd3a..3fc9e69 100644
+--- a/crypto/arm_arch.h
++++ b/crypto/arm_arch.h
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #ifndef __ARM_ARCH_H__
+ # define __ARM_ARCH_H__
+
+diff --git a/crypto/armcap.c b/crypto/armcap.c
+index 1afbc9f..4215766 100644
+--- a/crypto/armcap.c
++++ b/crypto/armcap.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+diff --git a/crypto/armv4cpuid.pl b/crypto/armv4cpuid.pl
+index c669623..33c893d 100644
+--- a/crypto/armv4cpuid.pl
++++ b/crypto/armv4cpuid.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ $flavour = shift;
+ $output = shift;
+@@ -98,6 +105,36 @@ OPENSSL_cleanse:
+ #endif
+ .size OPENSSL_cleanse,.-OPENSSL_cleanse
+
++.global CRYPTO_memcmp
++.type CRYPTO_memcmp,%function
++.align 4
++CRYPTO_memcmp:
++ eor ip,ip,ip
++ cmp r2,#0
++ beq .Lno_data
++ stmdb sp!,{r4,r5}
++
++.Loop_cmp:
++ ldrb r4,[r0],#1
++ ldrb r5,[r1],#1
++ eor r4,r4,r5
++ orr ip,ip,r4
++ subs r2,r2,#1
++ bne .Loop_cmp
++
++ ldmia sp!,{r4,r5}
++.Lno_data:
++ neg r0,ip
++ mov r0,r0,lsr#31
++#if __ARM_ARCH__>=5
++ bx lr
++#else
++ tst lr,#1
++ moveq pc,lr
++ .word 0xe12fff1e @ bx lr
++#endif
++.size CRYPTO_memcmp,.-CRYPTO_memcmp
++
+ #if __ARM_MAX_ARCH__>=7
+ .arch armv7-a
+ .fpu neon
+diff --git a/crypto/asn1/Makefile.in b/crypto/asn1/Makefile.in
+deleted file mode 100644
+index 282bd45..0000000
+--- a/crypto/asn1/Makefile.in
++++ /dev/null
+@@ -1,78 +0,0 @@
+-#
+-# OpenSSL/crypto/asn1/Makefile
+-#
+-
+-DIR= asn1
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile README
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
+- a_print.c a_type.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
+- a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
+- x_algor.c x_val.c x_sig.c x_bignum.c \
+- x_long.c x_info.c x_spki.c nsseq.c \
+- d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
+- t_pkey.c t_spki.c t_bitst.c \
+- tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
+- tasn_prn.c tasn_scn.c ameth_lib.c \
+- f_int.c f_string.c n_pkey.c \
+- x_pkey.c bio_asn1.c bio_ndef.c asn_mime.c \
+- asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_strnid.c \
+- evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p5_scrypt.c p8_pkey.c \
+- asn_moid.c asn_mstbl.c
+-LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
+- a_print.o a_type.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
+- a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
+- x_algor.o x_val.o x_sig.o x_bignum.o \
+- x_long.o x_info.o x_spki.o nsseq.o \
+- d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
+- t_pkey.o t_spki.o t_bitst.o \
+- tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
+- tasn_prn.o tasn_scn.o ameth_lib.o \
+- f_int.o f_string.o n_pkey.o \
+- x_pkey.o bio_asn1.o bio_ndef.o asn_mime.o \
+- asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_strnid.o \
+- evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p5_scrypt.o p8_pkey.o \
+- asn_moid.o asn_mstbl.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= asn1_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-test: test.c
+- cc -g -I../../include -c test.c
+- cc -g -I../../include -o test test.o -L../.. -lcrypto
+-
+-pk: pk.c
+- cc -g -I../../include -c pk.c
+- cc -g -I../../include -o pk pk.o -L../.. -lcrypto
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
+index 00b0854..33be907 100644
+--- a/crypto/asn1/a_bitstr.c
++++ b/crypto/asn1/a_bitstr.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -114,10 +66,11 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
+
+ *(p++) = (unsigned char)bits;
+ d = a->data;
+- memcpy(p, d, len);
+- p += len;
+- if (len > 0)
++ if (len > 0) {
++ memcpy(p, d, len);
++ p += len;
+ p[-1] &= (0xff << bits);
++ }
+ *pp = p;
+ return (ret);
+ }
+diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c
+index 5ba6e1d..9676ab7 100644
+--- a/crypto/asn1/a_d2i_fp.c
++++ b/crypto/asn1/a_d2i_fp.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -138,6 +90,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
+ #endif
+
+ #define HEADER_SIZE 8
++#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024)
+ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
+ {
+ BUF_MEM *b;
+@@ -216,29 +169,44 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
+ /* suck in slen bytes of data */
+ want = slen;
+ if (want > (len - off)) {
++ size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE;
++
+ want -= (len - off);
+ if (want > INT_MAX /* BIO_read takes an int length */ ||
+ len + want < len) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
+ goto err;
+ }
+- if (!BUF_MEM_grow_clean(b, len + want)) {
+- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
+- goto err;
+- }
+ while (want > 0) {
+- i = BIO_read(in, &(b->data[len]), want);
+- if (i <= 0) {
+- ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
+- ASN1_R_NOT_ENOUGH_DATA);
++ /*
++ * Read content in chunks of increasing size
++ * so we can return an error for EOF without
++ * having to allocate the entire content length
++ * in one go.
++ */
++ size_t chunk = want > chunk_max ? chunk_max : want;
++
++ if (!BUF_MEM_grow_clean(b, len + chunk)) {
++ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
++ want -= chunk;
++ while (chunk > 0) {
++ i = BIO_read(in, &(b->data[len]), chunk);
++ if (i <= 0) {
++ ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
++ ASN1_R_NOT_ENOUGH_DATA);
++ goto err;
++ }
+ /*
+ * This can't overflow because |len+want| didn't
+ * overflow.
+ */
+- len += i;
+- want -= i;
++ len += i;
++ chunk -= i;
++ }
++ if (chunk_max < INT_MAX/2)
++ chunk_max *= 2;
+ }
+ }
+ if (off + slen < off) {
+diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c
+index a2c837c..2f9b63b 100644
+--- a/crypto/asn1/a_digest.c
++++ b/crypto/asn1/a_digest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c
+index 569fcee..d9a57b2 100644
+--- a/crypto/asn1/a_dup.c
++++ b/crypto/asn1/a_dup.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
+index 7ba5e52..2f60d6c 100644
+--- a/crypto/asn1/a_gentm.c
++++ b/crypto/asn1/a_gentm.c
+@@ -1,62 +1,14 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+- * GENERALIZEDTIME implementation, written by Steve Henson. Based on UTCTIME
++ * GENERALIZEDTIME implementation. Based on UTCTIME
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c
+index 68eedc4..1514ede 100644
+--- a/crypto/asn1/a_i2d_fp.c
++++ b/crypto/asn1/a_i2d_fp.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
+index ec623f7..9c28c02 100644
+--- a/crypto/asn1/a_int.c
++++ b/crypto/asn1/a_int.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -249,18 +201,18 @@ static size_t c2i_ibuf(unsigned char *b, int *pneg,
+ /* Must be negative: calculate twos complement */
+ if (b) {
+ const unsigned char *from = p + plen - 1 + pad;
+- unsigned char *to = b + plen - 1;
++ unsigned char *to = b + plen;
+ i = plen;
+ while (*from == 0 && i) {
+- *to-- = 0;
++ *--to = 0;
+ i--;
+ from--;
+ }
+- *to-- = (*from-- ^ 0xff) + 1;
++ *--to = (*from-- ^ 0xff) + 1;
+ OPENSSL_assert(i != 0);
+ i--;
+ for (; i > 0; i--)
+- *to-- = *from-- ^ 0xff;
++ *--to = *from-- ^ 0xff;
+ }
+ return plen;
+ }
+diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c
+index 8c38e19..5578e92 100644
+--- a/crypto/asn1/a_mbstr.c
++++ b/crypto/asn1/a_mbstr.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
+index 5d3ebd6..4cca7a0 100644
+--- a/crypto/asn1/a_object.c
++++ b/crypto/asn1/a_object.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/a_octet.c b/crypto/asn1/a_octet.c
+index 7b5bf6f..2e1205c 100644
+--- a/crypto/asn1/a_octet.c
++++ b/crypto/asn1/a_octet.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c
+index 9c70891..1aafe7c 100644
+--- a/crypto/asn1/a_print.c
++++ b/crypto/asn1/a_print.c
+@@ -1,61 +1,14 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
++#include <ctype.h>
+ #include "internal/cryptlib.h"
+ #include <openssl/asn1.h>
+
+diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
+index 616f979..7e21a5e 100644
+--- a/crypto/asn1/a_sign.c
++++ b/crypto/asn1/a_sign.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
+index 977f523..59d5121 100644
+--- a/crypto/asn1/a_strex.c
++++ b/crypto/asn1/a_strex.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -74,6 +25,7 @@
+ #define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
+
+ #define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
++ ASN1_STRFLGS_ESC_2254 | \
+ ASN1_STRFLGS_ESC_QUOTE | \
+ ASN1_STRFLGS_ESC_CTRL | \
+ ASN1_STRFLGS_ESC_MSB)
+@@ -113,7 +65,8 @@ typedef int char_io (void *arg, const void *buf, int len);
+ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
+ char_io *io_ch, void *arg)
+ {
+- unsigned char chflgs, chtmp;
++ unsigned short chflgs;
++ unsigned char chtmp;
+ char tmphex[HEX_SIZE(long) + 3];
+
+ if (c > 0xffffffffL)
+@@ -150,7 +103,9 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
+ return -1;
+ return 2;
+ }
+- if (chflgs & (ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB)) {
++ if (chflgs & (ASN1_STRFLGS_ESC_CTRL
++ | ASN1_STRFLGS_ESC_MSB
++ | ASN1_STRFLGS_ESC_2254)) {
+ BIO_snprintf(tmphex, 11, "\\%02X", chtmp);
+ if (!io_ch(arg, tmphex, 3))
+ return -1;
+@@ -180,11 +135,12 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
+ */
+
+ static int do_buf(unsigned char *buf, int buflen,
+- int type, unsigned char flags, char *quotes, char_io *io_ch,
++ int type, unsigned short flags, char *quotes, char_io *io_ch,
+ void *arg)
+ {
+ int i, outlen, len;
+- unsigned char orflags, *p, *q;
++ unsigned short orflags;
++ unsigned char *p, *q;
+ unsigned long c;
+ p = buf;
+ q = buf + buflen;
+@@ -234,7 +190,7 @@ static int do_buf(unsigned char *buf, int buflen,
+ * character will never be escaped on first and last.
+ */
+ len =
+- do_esc_char(utfbuf[i], (unsigned char)(flags | orflags),
++ do_esc_char(utfbuf[i], (unsigned short)(flags | orflags),
+ quotes, io_ch, arg);
+ if (len < 0)
+ return -1;
+@@ -242,7 +198,7 @@ static int do_buf(unsigned char *buf, int buflen,
+ }
+ } else {
+ len =
+- do_esc_char(c, (unsigned char)(flags | orflags), quotes,
++ do_esc_char(c, (unsigned short)(flags | orflags), quotes,
+ io_ch, arg);
+ if (len < 0)
+ return -1;
+@@ -344,10 +300,10 @@ static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags,
+ int outlen, len;
+ int type;
+ char quotes;
+- unsigned char flags;
++ unsigned short flags;
+ quotes = 0;
+ /* Keep a copy of escape flags */
+- flags = (unsigned char)(lflags & ESC_FLAGS);
++ flags = (unsigned short)(lflags & ESC_FLAGS);
+
+ type = str->type;
+
+diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c
+index 79748bf..118e0cb 100644
+--- a/crypto/asn1/a_strnid.c
++++ b/crypto/asn1/a_strnid.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -167,6 +118,10 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
+ #define ub_email_address 128
+ #define ub_serial_number 64
+
++/* From RFC4524 */
++
++#define ub_rfc822_mailbox 256
++
+ /* This table must be kept in NID order */
+
+ static const ASN1_STRING_TABLE tbl_standard[] = {
+@@ -192,6 +147,8 @@ static const ASN1_STRING_TABLE tbl_standard[] = {
+ {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
+ {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},
+ {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
++ {NID_rfc822Mailbox, 1, ub_rfc822_mailbox, B_ASN1_IA5STRING,
++ STABLE_NO_MASK},
+ {NID_INN, 1, 12, B_ASN1_NUMERICSTRING, STABLE_NO_MASK},
+ {NID_OGRN, 1, 13, B_ASN1_NUMERICSTRING, STABLE_NO_MASK},
+ {NID_SNILS, 1, 11, B_ASN1_NUMERICSTRING, STABLE_NO_MASK}
+diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c
+index ef429da..3f82c2b 100644
+--- a/crypto/asn1/a_time.c
++++ b/crypto/asn1/a_time.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*-
+@@ -57,7 +12,6 @@
+ * Time ::= CHOICE {
+ * utcTime UTCTime,
+ * generalTime GeneralizedTime }
+- * written by Steve Henson.
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c
+index 8dea2e0..8547513 100644
+--- a/crypto/asn1/a_type.c
++++ b/crypto/asn1/a_type.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -122,9 +74,7 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
+ result = 0; /* They do not have content. */
+ break;
+ case V_ASN1_INTEGER:
+- case V_ASN1_NEG_INTEGER:
+ case V_ASN1_ENUMERATED:
+- case V_ASN1_NEG_ENUMERATED:
+ case V_ASN1_BIT_STRING:
+ case V_ASN1_OCTET_STRING:
+ case V_ASN1_SEQUENCE:
+diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
+index 432125b..eadc31a 100644
+--- a/crypto/asn1/a_utctm.c
++++ b/crypto/asn1/a_utctm.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/a_utf8.c b/crypto/asn1/a_utf8.c
+index 64e983e..e2dc09f 100644
+--- a/crypto/asn1/a_utf8.c
++++ b/crypto/asn1/a_utf8.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
+index 211689b..00ab136 100644
+--- a/crypto/asn1/a_verify.c
++++ b/crypto/asn1/a_verify.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c
+index a0c6320..577e205 100644
+--- a/crypto/asn1/ameth_lib.c
++++ b/crypto/asn1/ameth_lib.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
+index 465b263..a363fdb 100644
+--- a/crypto/asn1/asn1_err.c
++++ b/crypto/asn1/asn1_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -70,14 +20,12 @@
+
+ static ERR_STRING_DATA ASN1_str_functs[] = {
+ {ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT), "a2d_ASN1_OBJECT"},
+- {ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"},
+ {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"},
+ {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"},
+ {ERR_FUNC(ASN1_F_APPEND_EXP), "append_exp"},
+ {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"},
+ {ERR_FUNC(ASN1_F_ASN1_CB), "asn1_cb"},
+ {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "asn1_check_tlen"},
+- {ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"},
+ {ERR_FUNC(ASN1_F_ASN1_COLLECT), "asn1_collect"},
+ {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "asn1_d2i_ex_primitive"},
+ {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"},
+@@ -85,21 +33,15 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
+ {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"},
+ {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "asn1_do_adb"},
+ {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"},
+- {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"},
+- {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"},
+ {ERR_FUNC(ASN1_F_ASN1_EX_C2I), "asn1_ex_c2i"},
+ {ERR_FUNC(ASN1_F_ASN1_FIND_END), "asn1_find_end"},
+ {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"},
+- {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"},
+ {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"},
+ {ERR_FUNC(ASN1_F_ASN1_GET_INT64), "asn1_get_int64"},
+ {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"},
+ {ERR_FUNC(ASN1_F_ASN1_GET_UINT64), "asn1_get_uint64"},
+- {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"},
+ {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"},
+ {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"},
+- {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"},
+- {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"},
+ {ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"},
+ {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"},
+ {ERR_FUNC(ASN1_F_ASN1_ITEM_EMBED_D2I), "asn1_item_embed_d2i"},
+@@ -114,12 +56,8 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
+ {ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"},
+ {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"},
+ {ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "asn1_output_data"},
+- {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"},
+ {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_new"},
+- {ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"},
+ {ERR_FUNC(ASN1_F_ASN1_SCTX_NEW), "ASN1_SCTX_new"},
+- {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"},
+- {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"},
+ {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"},
+ {ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "asn1_str2type"},
+ {ERR_FUNC(ASN1_F_ASN1_STRING_GET_INT64), "asn1_string_get_int64"},
+@@ -132,49 +70,28 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
+ {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "asn1_template_new"},
+ {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "asn1_template_noexp_d2i"},
+ {ERR_FUNC(ASN1_F_ASN1_TIME_ADJ), "ASN1_TIME_adj"},
+- {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"},
+ {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING),
+ "ASN1_TYPE_get_int_octetstring"},
+ {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"},
+- {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"},
+ {ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ), "ASN1_UTCTIME_adj"},
+- {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"},
+ {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"},
+ {ERR_FUNC(ASN1_F_B64_READ_ASN1), "b64_read_asn1"},
+ {ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_write_ASN1"},
+ {ERR_FUNC(ASN1_F_BIO_NEW_NDEF), "BIO_new_NDEF"},
+ {ERR_FUNC(ASN1_F_BITSTR_CB), "bitstr_cb"},
+- {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"},
+- {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"},
+ {ERR_FUNC(ASN1_F_BN_TO_ASN1_STRING), "bn_to_asn1_string"},
+ {ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"},
+ {ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"},
+ {ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"},
+ {ERR_FUNC(ASN1_F_C2I_IBUF), "c2i_ibuf"},
+ {ERR_FUNC(ASN1_F_COLLECT_DATA), "collect_data"},
+- {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"},
+- {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"},
+- {ERR_FUNC(ASN1_F_D2I_ASN1_BYTES), "d2i_ASN1_bytes"},
+- {ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME), "D2I_ASN1_GENERALIZEDTIME"},
+- {ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "D2I_ASN1_HEADER"},
+- {ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER), "D2I_ASN1_INTEGER"},
+ {ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"},
+- {ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"},
+- {ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES), "d2i_ASN1_type_bytes"},
+ {ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"},
+- {ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME), "D2I_ASN1_UTCTIME"},
+ {ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"},
+- {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA), "d2i_Netscape_RSA"},
+- {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"},
+ {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
+ {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"},
+- {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"},
+- {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"},
+- {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"},
+ {ERR_FUNC(ASN1_F_DO_TCREATE), "do_tcreate"},
+ {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
+- {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"},
+- {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"},
+ {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
+ {ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"},
+ {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"},
+@@ -192,13 +109,11 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
+ {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"},
+ {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"},
+ {ERR_FUNC(ASN1_F_STBL_MODULE_INIT), "stbl_module_init"},
+- {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},
+ {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"},
+ {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"},
+ {ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "x509_name_encode"},
+ {ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "x509_name_ex_d2i"},
+ {ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "x509_name_ex_new"},
+- {ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"},
+ {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"},
+ {0, NULL}
+ };
+@@ -208,10 +123,7 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
+ {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR), "asn1 parse error"},
+ {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR), "asn1 sig parse error"},
+ {ERR_REASON(ASN1_R_AUX_ERROR), "aux error"},
+- {ERR_REASON(ASN1_R_BAD_CLASS), "bad class"},
+ {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER), "bad object header"},
+- {ERR_REASON(ASN1_R_BAD_PASSWORD_READ), "bad password read"},
+- {ERR_REASON(ASN1_R_BAD_TAG), "bad tag"},
+ {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH),
+ "bmpstring is wrong length"},
+ {ERR_REASON(ASN1_R_BN_LIB), "bn lib"},
+@@ -222,21 +134,16 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
+ {ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED), "context not initialised"},
+ {ERR_REASON(ASN1_R_DATA_IS_WRONG), "data is wrong"},
+ {ERR_REASON(ASN1_R_DECODE_ERROR), "decode error"},
+- {ERR_REASON(ASN1_R_DECODING_ERROR), "decoding error"},
+ {ERR_REASON(ASN1_R_DEPTH_EXCEEDED), "depth exceeded"},
+ {ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED),
+ "digest and key type not supported"},
+ {ERR_REASON(ASN1_R_ENCODE_ERROR), "encode error"},
+ {ERR_REASON(ASN1_R_ERROR_GETTING_TIME), "error getting time"},
+ {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION), "error loading section"},
+- {ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT),
+- "error parsing set element"},
+ {ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS),
+ "error setting cipher params"},
+ {ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER), "expecting an integer"},
+ {ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT), "expecting an object"},
+- {ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN), "expecting a boolean"},
+- {ERR_REASON(ASN1_R_EXPECTING_A_TIME), "expecting a time"},
+ {ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH), "explicit length mismatch"},
+ {ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED),
+ "explicit tag not constructed"},
+@@ -278,13 +185,10 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
+ {ERR_REASON(ASN1_R_INVALID_SEPARATOR), "invalid separator"},
+ {ERR_REASON(ASN1_R_INVALID_STRING_TABLE_VALUE),
+ "invalid string table value"},
+- {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT), "invalid time format"},
+ {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),
+ "invalid universalstring length"},
+ {ERR_REASON(ASN1_R_INVALID_UTF8STRING), "invalid utf8string"},
+ {ERR_REASON(ASN1_R_INVALID_VALUE), "invalid value"},
+- {ERR_REASON(ASN1_R_IV_TOO_LARGE), "iv too large"},
+- {ERR_REASON(ASN1_R_LENGTH_ERROR), "length error"},
+ {ERR_REASON(ASN1_R_LIST_ERROR), "list error"},
+ {ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE), "mime no content type"},
+ {ERR_REASON(ASN1_R_MIME_PARSE_ERROR), "mime parse error"},
+@@ -299,7 +203,6 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
+ {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
+ {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},
+ {ERR_REASON(ASN1_R_NO_CONTENT_TYPE), "no content type"},
+- {ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST), "no default digest"},
+ {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE), "no matching choice type"},
+ {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE),
+ "no multipart body failure"},
+@@ -308,8 +211,6 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
+ {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH), "null is wrong length"},
+ {ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT), "object not ascii format"},
+ {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS), "odd number of chars"},
+- {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),
+- "private key header missing"},
+ {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE), "second number too large"},
+ {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH), "sequence length mismatch"},
+ {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED), "sequence not constructed"},
+@@ -320,7 +221,6 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
+ {ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED), "streaming not supported"},
+ {ERR_REASON(ASN1_R_STRING_TOO_LONG), "string too long"},
+ {ERR_REASON(ASN1_R_STRING_TOO_SHORT), "string too short"},
+- {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH), "tag value too high"},
+ {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
+ "the asn1 object identifier is not known for this md"},
+ {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"},
+@@ -329,9 +229,6 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
+ {ERR_REASON(ASN1_R_TOO_SMALL), "too small"},
+ {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED), "type not constructed"},
+ {ERR_REASON(ASN1_R_TYPE_NOT_PRIMITIVE), "type not primitive"},
+- {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY), "unable to decode rsa key"},
+- {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),
+- "unable to decode rsa private key"},
+ {ERR_REASON(ASN1_R_UNEXPECTED_EOC), "unexpected eoc"},
+ {ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),
+ "universalstring is wrong length"},
+@@ -345,16 +242,12 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
+ {ERR_REASON(ASN1_R_UNKNOWN_TAG), "unknown tag"},
+ {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),
+ "unsupported any defined by type"},
+- {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
+- {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),
+- "unsupported encryption algorithm"},
+ {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
+ "unsupported public key type"},
+ {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE), "unsupported type"},
+ {ERR_REASON(ASN1_R_WRONG_INTEGER_TYPE), "wrong integer type"},
+ {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
+ {ERR_REASON(ASN1_R_WRONG_TAG), "wrong tag"},
+- {ERR_REASON(ASN1_R_WRONG_TYPE), "wrong type"},
+ {0, NULL}
+ };
+
+diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c
+index 59a99ed..a2e1c64 100644
+--- a/crypto/asn1/asn1_gen.c
++++ b/crypto/asn1/asn1_gen.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2002.
+- */
+-/* ====================================================================
+- * Copyright (c) 2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
+index 938984d..aecb4ad 100644
+--- a/crypto/asn1/asn1_lib.c
++++ b/crypto/asn1/asn1_lib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/asn1_locl.h b/crypto/asn1/asn1_locl.h
+index ea3d20a..56c9954 100644
+--- a/crypto/asn1/asn1_locl.h
++++ b/crypto/asn1/asn1_locl.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Internal ASN1 structures and functions: not for application use */
+diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
+index e412820..51da014 100644
+--- a/crypto/asn1/asn1_par.c
++++ b/crypto/asn1/asn1_par.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
+index 851fb91..a588fbd 100644
+--- a/crypto/asn1/asn_mime.c
++++ b/crypto/asn1/asn_mime.c
+@@ -1,55 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -187,7 +142,7 @@ static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
+ if (!val)
+ ASN1err(ASN1_F_B64_READ_ASN1, ASN1_R_DECODE_ERROR);
+ (void)BIO_flush(bio);
+- bio = BIO_pop(bio);
++ BIO_pop(bio);
+ BIO_free(b64);
+ return val;
+ }
+diff --git a/crypto/asn1/asn_moid.c b/crypto/asn1/asn_moid.c
+index a5c8601..9bffee6 100644
+--- a/crypto/asn1/asn_moid.c
++++ b/crypto/asn1/asn_moid.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Stephen Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/asn_mstbl.c b/crypto/asn1/asn_mstbl.c
+index f90b442..196dd56 100644
+--- a/crypto/asn1/asn_mstbl.c
++++ b/crypto/asn1/asn_mstbl.c
+@@ -1,55 +1,10 @@
+ /*
+- * Written by Stephen Henson (steve at openssl.org) for the OpenSSL project
+- * 2012.
+- */
+-/* ====================================================================
+- * Copyright (c) 2012 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c
+index 93b7b90..7c30202 100644
+--- a/crypto/asn1/asn_pack.c
++++ b/crypto/asn1/asn_pack.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/bio_asn1.c b/crypto/asn1/bio_asn1.c
+index 1657ac7..664b682 100644
+--- a/crypto/asn1/bio_asn1.c
++++ b/crypto/asn1/bio_asn1.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/asn1/bio_ndef.c b/crypto/asn1/bio_ndef.c
+index 9a6eaf6..beeda9f 100644
+--- a/crypto/asn1/bio_ndef.c
++++ b/crypto/asn1/bio_ndef.c
+@@ -1,55 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/asn1.h>
+@@ -119,7 +74,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
+ BIO_asn1_set_suffix(asn_bio, ndef_suffix, ndef_suffix_free);
+
+ /*
+- * Now let callback prepend any digest, cipher etc BIOs ASN1 structure
++ * Now let callback prepends any digest, cipher etc BIOs ASN1 structure
+ * needs.
+ */
+
+diff --git a/crypto/asn1/charmap.h b/crypto/asn1/charmap.h
+index 3305ad1..6e42f86 100644
+--- a/crypto/asn1/charmap.h
++++ b/crypto/asn1/charmap.h
+@@ -1,15 +1,26 @@
+ /*
+- * Auto generated with chartype.pl script. Mask of various character
+- * properties
++ * WARNING: do not edit!
++ * Generated by crypto/asn1/charmap.pl
++ *
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+-static const unsigned char char_type[] = {
+- 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+- 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+- 120, 0, 1, 40, 0, 0, 0, 16, 16, 16, 0, 25, 25, 16, 16, 16,
+- 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 9, 9, 16, 9, 16,
+- 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
+- 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 1, 0, 0, 0,
+- 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
+- 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 0, 0, 0, 2
++/*
++ * Mask of various character properties
++ */
++
++static const unsigned short char_type[] = {
++ 1026, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
++ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
++ 120, 0, 1, 40, 0, 0, 0, 16, 1040, 1040, 1024, 25, 25, 16, 16, 16,
++ 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 9, 9, 16, 9, 16,
++ 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
++ 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 1025, 0, 0, 0,
++ 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
++ 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 0, 0, 0, 2
+ };
+diff --git a/crypto/asn1/charmap.pl b/crypto/asn1/charmap.pl
+index 878504f..a3511da 100644
+--- a/crypto/asn1/charmap.pl
++++ b/crypto/asn1/charmap.pl
+@@ -1,7 +1,10 @@
+-#!/usr/local/bin/perl -w
+-
+-# Written by Dr Stephen N Henson (steve at openssl.org).
+-# Licensed under the terms of the OpenSSL license.
++#! /usr/bin/env perl
++# Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+
+@@ -18,6 +21,7 @@ my $NOESC_QUOTE = 8; # Not escaped if quoted
+ my $PSTRING_CHAR = 0x10; # Valid PrintableString character
+ my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character
+ my $RFC2253_LAST_ESC = 0x40; # Escaped with \ if last character
++my $RFC2254_ESC = 0x400; # Character escaped \XX
+
+ for($i = 0; $i < 128; $i++) {
+ # Set the RFC2253 escape characters (control)
+@@ -49,6 +53,14 @@ $arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC;
+ $arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC;
+ $arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC;
+
++# Remaining RFC2254 characters
++
++$arr[0] |= $RFC2254_ESC;
++$arr[ord("(")] |= $RFC2254_ESC;
++$arr[ord(")")] |= $RFC2254_ESC;
++$arr[ord("*")] |= $RFC2254_ESC;
++$arr[ord("\\")] |= $RFC2254_ESC;
++
+ # Remaining PrintableString characters
+
+ $arr[ord(" ")] |= $PSTRING_CHAR;
+@@ -67,17 +79,30 @@ $arr[ord("?")] |= $PSTRING_CHAR;
+ # Now generate the C code
+
+ print <<EOF;
+-/* Auto generated with chartype.pl script.
++/*
++ * WARNING: do not edit!
++ * Generated by crypto/asn1/charmap.pl
++ *
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Mask of various character properties
+ */
+
+-static const unsigned char char_type[] = {
++static const unsigned short char_type[] = {
+ EOF
+
++print " ";
+ for($i = 0; $i < 128; $i++) {
+- print("\n") if($i && (($i % 16) == 0));
+- printf("%2d", $arr[$i]);
++ print("\n ") if($i && (($i % 16) == 0));
++ printf(" %2d", $arr[$i]);
+ print(",") if ($i != 127);
+ }
+-print("\n};\n\n");
++print("\n};\n");
+
+diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
+index 85567ce..e311b90 100644
+--- a/crypto/asn1/d2i_pr.c
++++ b/crypto/asn1/d2i_pr.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -93,15 +45,17 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+ if (!ret->ameth->old_priv_decode ||
+ !ret->ameth->old_priv_decode(ret, &p, length)) {
+ if (ret->ameth->priv_decode) {
++ EVP_PKEY *tmp;
+ PKCS8_PRIV_KEY_INFO *p8 = NULL;
+ p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
+ if (!p8)
+ goto err;
+- EVP_PKEY_free(ret);
+- ret = EVP_PKCS82PKEY(p8);
++ tmp = EVP_PKCS82PKEY(p8);
+ PKCS8_PRIV_KEY_INFO_free(p8);
+- if (ret == NULL)
++ if (tmp == NULL)
+ goto err;
++ EVP_PKEY_free(ret);
++ ret = tmp;
+ } else {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
+ goto err;
+diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c
+index 3ebdb5d..dfdc1a6 100644
+--- a/crypto/asn1/d2i_pu.c
++++ b/crypto/asn1/d2i_pu.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c
+index 79e7121..f7416e5 100644
+--- a/crypto/asn1/evp_asn1.c
++++ b/crypto/asn1/evp_asn1.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c
+index 0feb7a1..15aece9 100644
+--- a/crypto/asn1/f_int.c
++++ b/crypto/asn1/f_int.c
+@@ -1,61 +1,14 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
++#include <ctype.h>
+ #include "internal/cryptlib.h"
+ #include <openssl/buffer.h>
+ #include <openssl/asn1.h>
+@@ -174,14 +127,8 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
+ }
+ for (j = 0; j < i; j++, k += 2) {
+ for (n = 0; n < 2; n++) {
+- m = bufp[k + n];
+- if ((m >= '0') && (m <= '9'))
+- m -= '0';
+- else if ((m >= 'a') && (m <= 'f'))
+- m = m - 'a' + 10;
+- else if ((m >= 'A') && (m <= 'F'))
+- m = m - 'A' + 10;
+- else {
++ m = OPENSSL_hexchar2int(bufp[k + n]);
++ if (m < 0) {
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER,
+ ASN1_R_NON_HEX_CHARACTERS);
+ goto err;
+diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c
+index 7d9eb14..f9a77a2 100644
+--- a/crypto/asn1/f_string.c
++++ b/crypto/asn1/f_string.c
+@@ -1,61 +1,14 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
++#include <ctype.h>
+ #include "internal/cryptlib.h"
+ #include <openssl/buffer.h>
+ #include <openssl/asn1.h>
+@@ -166,14 +119,8 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
+ }
+ for (j = 0; j < i; j++, k += 2) {
+ for (n = 0; n < 2; n++) {
+- m = bufp[k + n];
+- if ((m >= '0') && (m <= '9'))
+- m -= '0';
+- else if ((m >= 'a') && (m <= 'f'))
+- m = m - 'a' + 10;
+- else if ((m >= 'A') && (m <= 'F'))
+- m = m - 'A' + 10;
+- else {
++ m = OPENSSL_hexchar2int(bufp[k + n]);
++ if (m < 0) {
+ ASN1err(ASN1_F_A2I_ASN1_STRING,
+ ASN1_R_NON_HEX_CHARACTERS);
+ return 0;
+diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c
+index 7ca643f..445b0c8 100644
+--- a/crypto/asn1/i2d_pr.c
++++ b/crypto/asn1/i2d_pr.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -69,10 +21,13 @@ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
+ }
+ if (a->ameth && a->ameth->priv_encode) {
+ PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
+- int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
+- PKCS8_PRIV_KEY_INFO_free(p8);
++ int ret = 0;
++ if (p8 != NULL) {
++ ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
++ PKCS8_PRIV_KEY_INFO_free(p8);
++ }
+ return ret;
+ }
+ ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+- return (-1);
++ return -1;
+ }
+diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c
+index c1504d8..8986c43 100644
+--- a/crypto/asn1/i2d_pu.c
++++ b/crypto/asn1/i2d_pu.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c
+index c7382bd..267ce60 100644
+--- a/crypto/asn1/n_pkey.c
++++ b/crypto/asn1/n_pkey.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "openssl/opensslconf.h"
+diff --git a/crypto/asn1/nsseq.c b/crypto/asn1/nsseq.c
+index 550fc8e..c7baf40 100644
+--- a/crypto/asn1/nsseq.c
++++ b/crypto/asn1/nsseq.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c
+index e75ab7e..92da23e 100644
+--- a/crypto/asn1/p5_pbe.c
++++ b/crypto/asn1/p5_pbe.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c
+index 244706a..9687057 100644
+--- a/crypto/asn1/p5_pbev2.c
++++ b/crypto/asn1/p5_pbev2.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999-2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -140,7 +91,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
+ if ((prf_nid == -1) &&
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {
+ ERR_clear_error();
+- prf_nid = NID_hmacWithSHA1;
++ prf_nid = NID_hmacWithSHA256;
+ }
+ EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
+diff --git a/crypto/asn1/p5_scrypt.c b/crypto/asn1/p5_scrypt.c
+index 6ee7ef4..cc1f76c 100644
+--- a/crypto/asn1/p5_scrypt.c
++++ b/crypto/asn1/p5_scrypt.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2015.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c
+index 1e062a9..ebee6b5 100644
+--- a/crypto/asn1/p8_pkey.c
++++ b/crypto/asn1/p8_pkey.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/t_bitst.c b/crypto/asn1/t_bitst.c
+index 2b38e05..0c3a239 100644
+--- a/crypto/asn1/t_bitst.c
++++ b/crypto/asn1/t_bitst.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c
+index b17862c..5ae19ed 100644
+--- a/crypto/asn1/t_pkey.c
++++ b/crypto/asn1/t_pkey.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c
+index bc20c14..51b56d0 100644
+--- a/crypto/asn1/t_spki.c
++++ b/crypto/asn1/t_spki.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
+index 5715921..64bbe40 100644
+--- a/crypto/asn1/tasn_dec.c
++++ b/crypto/asn1/tasn_dec.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+@@ -584,7 +535,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
+ } else if (ret == -1)
+ return -1;
+ if (!*val)
+- *val = (ASN1_VALUE *)sk_new_null();
++ *val = (ASN1_VALUE *)OPENSSL_sk_new_null();
+ else {
+ /*
+ * We've got a valid STACK: free up any items present
+@@ -858,9 +809,7 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+ break;
+
+ case V_ASN1_INTEGER:
+- case V_ASN1_NEG_INTEGER:
+ case V_ASN1_ENUMERATED:
+- case V_ASN1_NEG_ENUMERATED:
+ tint = (ASN1_INTEGER **)pval;
+ if (!c2i_ASN1_INTEGER(tint, &cont, len))
+ goto err;
+diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c
+index 0d25cf9..9526cff 100644
+--- a/crypto/asn1/tasn_enc.c
++++ b/crypto/asn1/tasn_enc.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+@@ -600,9 +551,7 @@ static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
+ cout ? &cout : NULL);
+
+ case V_ASN1_INTEGER:
+- case V_ASN1_NEG_INTEGER:
+ case V_ASN1_ENUMERATED:
+- case V_ASN1_NEG_ENUMERATED:
+ /*
+ * These are all have the same content format as ASN1_INTEGER
+ */
+diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c
+index 2fc036f..9b623d9 100644
+--- a/crypto/asn1/tasn_fre.c
++++ b/crypto/asn1/tasn_fre.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+@@ -151,9 +102,11 @@ static void asn1_item_embed_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
+ * field and we wont be able to determine the type of the field it
+ * defines. So free up in reverse order.
+ */
+- tt = it->templates + it->tcount - 1;
+- for (i = 0; i < it->tcount; tt--, i++) {
++ tt = it->templates + it->tcount;
++ for (i = 0; i < it->tcount; i++) {
+ ASN1_VALUE **pseqval;
++
++ tt--;
+ seqtt = asn1_do_adb(pval, tt, 0);
+ if (!seqtt)
+ continue;
+diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
+index 9e8ba9c..455a88a 100644
+--- a/crypto/asn1/tasn_new.c
++++ b/crypto/asn1/tasn_new.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c
+index f6bd218..425810b 100644
+--- a/crypto/asn1/tasn_prn.c
++++ b/crypto/asn1/tasn_prn.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000,2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+@@ -314,6 +265,7 @@ int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+ {
+ int i, flags;
+ const char *sname, *fname;
++ ASN1_VALUE *tfld;
+ flags = tt->flags;
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME)
+ sname = ASN1_ITEM_ptr(tt->item)->sname;
+@@ -323,6 +275,16 @@ int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+ fname = NULL;
+ else
+ fname = tt->field_name;
++
++ /*
++ * If field is embedded then fld needs fixing so it is a pointer to
++ * a pointer to a field.
++ */
++ if (flags & ASN1_TFLG_EMBED) {
++ tfld = (ASN1_VALUE *)fld;
++ fld = &tfld;
++ }
++
+ if (flags & ASN1_TFLG_SK_MASK) {
+ char *tname;
+ ASN1_VALUE *skitem;
+diff --git a/crypto/asn1/tasn_scn.c b/crypto/asn1/tasn_scn.c
+index a775839..1bdd2df 100644
+--- a/crypto/asn1/tasn_scn.c
++++ b/crypto/asn1/tasn_scn.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2010.
+- */
+-/* ====================================================================
+- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+diff --git a/crypto/asn1/tasn_typ.c b/crypto/asn1/tasn_typ.c
+index da9a80a..98d9879 100644
+--- a/crypto/asn1/tasn_typ.c
++++ b/crypto/asn1/tasn_typ.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <openssl/asn1.h>
+ #include <openssl/asn1t.h>
+diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c
+index 41f2fc2..cb24593 100644
+--- a/crypto/asn1/tasn_utl.c
++++ b/crypto/asn1/tasn_utl.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c
+index 30c59d8..dfebf68 100644
+--- a/crypto/asn1/x_algor.c
++++ b/crypto/asn1/x_algor.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c
+index c8072e3..db6ce82 100644
+--- a/crypto/asn1/x_bignum.c
++++ b/crypto/asn1/x_bignum.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c
+index b49c787..8d99f07 100644
+--- a/crypto/asn1/x_info.c
++++ b/crypto/asn1/x_info.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c
+index f804282..9d27ba4 100644
+--- a/crypto/asn1/x_long.c
++++ b/crypto/asn1/x_long.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c
+index 1e80d9e..593049f 100644
+--- a/crypto/asn1/x_pkey.c
++++ b/crypto/asn1/x_pkey.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/x_sig.c b/crypto/asn1/x_sig.c
+index b880e24..d5b0b69 100644
+--- a/crypto/asn1/x_sig.c
++++ b/crypto/asn1/x_sig.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/asn1/x_spki.c b/crypto/asn1/x_spki.c
+index 636f69b..c45400b 100644
+--- a/crypto/asn1/x_spki.c
++++ b/crypto/asn1/x_spki.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/asn1/x_val.c b/crypto/asn1/x_val.c
+index d9ebfe1..d1f1d3b 100644
+--- a/crypto/asn1/x_val.c
++++ b/crypto/asn1/x_val.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/async/Makefile.in b/crypto/async/Makefile.in
+deleted file mode 100644
+index aa85749..0000000
+--- a/crypto/async/Makefile.in
++++ /dev/null
+@@ -1,63 +0,0 @@
+-#
+-# OpenSSL/crypto/async/Makefile
+-#
+-
+-DIR= async
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-TEST=
+-APPS=
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=async.c async_wait.c async_err.c arch/async_posix.c arch/async_win.c arch/async_null.c
+-LIBOBJ=async.o async_wait.o async_err.o arch/async_posix.o arch/async_win.o arch/async_null.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= async_locl.h arch/async_posix.h arch/async_win.h arch/async_null.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-links:
+- @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+- @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+- @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+-
+-install:
+- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+- @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+- do \
+- (cp $$i $(DESTDIR)$(INSTALLTOP)/include/openssl/$$i; \
+- chmod 644 $(DESTDIR)$(INSTALLTOP)/include/openssl/$$i ); \
+- done;
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+- rm -f arch/*.o arch/*.obj arch/lib arch/tags arch/core arch/.pure arch/.nfs* arch/*.old arch/*.bak arch/fluff
+-
+-# Different flavours of make disagree on where output goes
+-.c.o:
+- $(CC) $(CFLAGS) -c $< -o $@
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/async/arch/async_null.c b/crypto/async/arch/async_null.c
+index 19fb72c..a9ae35d 100644
+--- a/crypto/async/arch/async_null.c
++++ b/crypto/async/arch/async_null.c
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* This must be the first #include file */
+diff --git a/crypto/async/arch/async_null.h b/crypto/async/arch/async_null.h
+index a965bdb..aef40b5 100644
+--- a/crypto/async/arch/async_null.h
++++ b/crypto/async/arch/async_null.h
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/async.h>
+diff --git a/crypto/async/arch/async_posix.c b/crypto/async/arch/async_posix.c
+index 33f2a3f..02c342d 100644
+--- a/crypto/async/arch/async_posix.c
++++ b/crypto/async/arch/async_posix.c
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* This must be the first #include file */
+diff --git a/crypto/async/arch/async_posix.h b/crypto/async/arch/async_posix.h
+index de80f95..e0099c3 100644
+--- a/crypto/async/arch/async_posix.h
++++ b/crypto/async/arch/async_posix.h
+@@ -1,59 +1,17 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #ifndef OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H
+ #define OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H
+ #include <openssl/e_os2.h>
+
+-#if (defined(OPENSSL_SYS_UNIX) || defined(OPENSSL_SYS_CYGWIN)) && defined(OPENSSL_THREADS) && !defined(OPENSSL_NO_ASYNC)
++#if (defined(OPENSSL_SYS_UNIX) || defined(OPENSSL_SYS_CYGWIN)) && defined(OPENSSL_THREADS) && !defined(OPENSSL_NO_ASYNC) && !defined(__ANDROID__)
+
+ # include <unistd.h>
+
+diff --git a/crypto/async/arch/async_win.c b/crypto/async/arch/async_win.c
+index 4f4c799..37a3111 100644
+--- a/crypto/async/arch/async_win.c
++++ b/crypto/async/arch/async_win.c
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* This must be the first #include file */
+diff --git a/crypto/async/arch/async_win.h b/crypto/async/arch/async_win.h
+index 4287330..61cfdd7 100644
+--- a/crypto/async/arch/async_win.h
++++ b/crypto/async/arch/async_win.h
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/async/async.c b/crypto/async/async.c
+index b4ba561..965a195 100644
+--- a/crypto/async/async.c
++++ b/crypto/async/async.c
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+@@ -61,7 +18,6 @@
+ /* This must be the first #include file */
+ #include "async_locl.h"
+
+-#include <internal/threads.h>
+ #include <openssl/err.h>
+ #include <internal/cryptlib_int.h>
+ #include <string.h>
+diff --git a/crypto/async/async_err.c b/crypto/async/async_err.c
+index 26b34d4..13c41cd 100644
+--- a/crypto/async/async_err.c
++++ b/crypto/async/async_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -79,12 +29,10 @@ static ERR_STRING_DATA ASYNC_str_functs[] = {
+ };
+
+ static ERR_STRING_DATA ASYNC_str_reasons[] = {
+- {ERR_REASON(ASYNC_R_CANNOT_CREATE_WAIT_PIPE), "cannot create wait pipe"},
+ {ERR_REASON(ASYNC_R_FAILED_TO_SET_POOL), "failed to set pool"},
+ {ERR_REASON(ASYNC_R_FAILED_TO_SWAP_CONTEXT), "failed to swap context"},
+ {ERR_REASON(ASYNC_R_INIT_FAILED), "init failed"},
+ {ERR_REASON(ASYNC_R_INVALID_POOL_SIZE), "invalid pool size"},
+- {ERR_REASON(ASYNC_R_POOL_ALREADY_INITED), "pool already inited"},
+ {0, NULL}
+ };
+
+diff --git a/crypto/async/async_locl.h b/crypto/async/async_locl.h
+index 7fa1f26..786cf00 100644
+--- a/crypto/async/async_locl.h
++++ b/crypto/async/async_locl.h
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/async/async_wait.c b/crypto/async/async_wait.c
+index ece995f..e5ecaeb 100644
+--- a/crypto/async/async_wait.c
++++ b/crypto/async/async_wait.c
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* This must be the first #include file */
+diff --git a/crypto/bf/Makefile.in b/crypto/bf/Makefile.in
+deleted file mode 100644
+index a41b9d1..0000000
+--- a/crypto/bf/Makefile.in
++++ /dev/null
+@@ -1,51 +0,0 @@
+-#
+-# OpenSSL/crypto/blowfish/Makefile
+-#
+-
+-DIR= bf
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-BF_ENC= bf_enc.o
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
+-LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= bf_pi.h bf_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-bf-586.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+- $(PERL) asm/bf-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/bf/asm/bf-586.pl b/crypto/bf/asm/bf-586.pl
+index 319a638..ebc24f4 100644
+--- a/crypto/bf/asm/bf-586.pl
++++ b/crypto/bf/asm/bf-586.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+ push(@INC,"${dir}","${dir}../../perlasm");
+diff --git a/crypto/bf/bf_cbc.c b/crypto/bf/bf_cbc.c
+index b052951..6ed6257 100644
+--- a/crypto/bf/bf_cbc.c
++++ b/crypto/bf/bf_cbc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/blowfish.h>
+diff --git a/crypto/bf/bf_cfb64.c b/crypto/bf/bf_cfb64.c
+index cab8bf8..ce6e13b 100644
+--- a/crypto/bf/bf_cfb64.c
++++ b/crypto/bf/bf_cfb64.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/blowfish.h>
+diff --git a/crypto/bf/bf_ecb.c b/crypto/bf/bf_ecb.c
+index a7640d8..aa73540 100644
+--- a/crypto/bf/bf_ecb.c
++++ b/crypto/bf/bf_ecb.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/blowfish.h>
+diff --git a/crypto/bf/bf_enc.c b/crypto/bf/bf_enc.c
+index 04eb391..9f80c56 100644
+--- a/crypto/bf/bf_enc.c
++++ b/crypto/bf/bf_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/blowfish.h>
+diff --git a/crypto/bf/bf_locl.h b/crypto/bf/bf_locl.h
+index 5ad9ec2..7e5f92c 100644
+--- a/crypto/bf/bf_locl.h
++++ b/crypto/bf/bf_locl.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_BF_LOCL_H
+diff --git a/crypto/bf/bf_ofb64.c b/crypto/bf/bf_ofb64.c
+index 97a58ce..6418217 100644
+--- a/crypto/bf/bf_ofb64.c
++++ b/crypto/bf/bf_ofb64.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/blowfish.h>
+diff --git a/crypto/bf/bf_pi.h b/crypto/bf/bf_pi.h
+index c3e1873..a054b03 100644
+--- a/crypto/bf/bf_pi.h
++++ b/crypto/bf/bf_pi.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ static const BF_KEY bf_init = {
+diff --git a/crypto/bf/bf_skey.c b/crypto/bf/bf_skey.c
+index 3cfc6a1..a4903a2 100644
+--- a/crypto/bf/bf_skey.c
++++ b/crypto/bf/bf_skey.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/bf/build.info b/crypto/bf/build.info
+index b8f9820..37a004e 100644
+--- a/crypto/bf/build.info
++++ b/crypto/bf/build.info
+@@ -1,5 +1,6 @@
+ LIBS=../../libcrypto
+-SOURCE[../../libcrypto]=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
++SOURCE[../../libcrypto]=bf_skey.c bf_ecb.c bf_cfb64.c bf_ofb64.c \
++ {- $target{bf_asm_src} -}
+
+ GENERATE[bf-586.s]=asm/bf-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(LIB_CFLAGS) $(PROCESSOR)
+ DEPEND[bf-586.s]=../perlasm/x86asm.pl ../perlasm/cbc.pl
+diff --git a/crypto/bio/Makefile.in b/crypto/bio/Makefile.in
+deleted file mode 100644
+index f57d357..0000000
+--- a/crypto/bio/Makefile.in
++++ /dev/null
+@@ -1,55 +0,0 @@
+-#
+-# OpenSSL/crypto/bio/Makefile
+-#
+-
+-DIR= bio
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= bio_lib.c bio_cb.c bio_err.c \
+- bss_mem.c bss_null.c bss_fd.c \
+- bss_file.c bss_sock.c bss_conn.c \
+- bf_null.c bf_buff.c b_print.c b_dump.c b_addr.c \
+- b_sock.c b_sock2.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c \
+- bss_dgram.c bio_meth.c
+-# bf_lbuf.c
+-LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
+- bss_mem.o bss_null.o bss_fd.o \
+- bss_file.o bss_sock.o bss_conn.o \
+- bf_null.o bf_buff.o b_print.o b_dump.o b_addr.o \
+- b_sock.o b_sock2.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o \
+- bss_dgram.o bio_meth.o
+-# bf_lbuf.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= bio_lcl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c
+index eed40bf..3a9a00c 100644
+--- a/crypto/bio/b_addr.c
++++ b/crypto/bio/b_addr.c
+@@ -1,61 +1,16 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+
+ #include "bio_lcl.h"
+-#include "internal/threads.h"
++#include <openssl/crypto.h>
+
+ #ifndef OPENSSL_NO_SOCK
+ #include <openssl/err.h>
+@@ -83,6 +38,11 @@ BIO_ADDR *BIO_ADDR_new(void)
+ {
+ BIO_ADDR *ret = OPENSSL_zalloc(sizeof(*ret));
+
++ if (ret == NULL) {
++ BIOerr(BIO_F_BIO_ADDR_NEW, ERR_R_MALLOC_FAILURE);
++ return NULL;
++ }
++
+ ret->sa.sa_family = AF_UNSPEC;
+ return ret;
+ }
+@@ -268,21 +228,35 @@ static int addr_strings(const BIO_ADDR *ap, int numeric,
+ ntohs(BIO_ADDR_rawport(ap)));
+ }
+
+- if (hostname)
++ if (hostname != NULL)
+ *hostname = OPENSSL_strdup(host);
+- if (service)
++ if (service != NULL)
+ *service = OPENSSL_strdup(serv);
+ } else {
+ #endif
+- if (hostname)
++ if (hostname != NULL)
+ *hostname = OPENSSL_strdup(inet_ntoa(ap->s_in.sin_addr));
+- if (service) {
++ if (service != NULL) {
+ char serv[6]; /* port is 16 bits => max 5 decimal digits */
+ BIO_snprintf(serv, sizeof(serv), "%d", ntohs(ap->s_in.sin_port));
+ *service = OPENSSL_strdup(serv);
+ }
+ }
+
++ if ((hostname != NULL && *hostname == NULL)
++ || (service != NULL && *service == NULL)) {
++ if (hostname != NULL) {
++ OPENSSL_free(*hostname);
++ *hostname = NULL;
++ }
++ if (service != NULL) {
++ OPENSSL_free(*service);
++ *service = NULL;
++ }
++ BIOerr(BIO_F_ADDR_STRINGS, ERR_R_MALLOC_FAILURE);
++ return 0;
++ }
++
+ return 1;
+ }
+
+@@ -583,7 +557,7 @@ int BIO_parse_hostserv(const char *hostserv, char **host, char **service,
+ * family, such as AF_UNIX
+ *
+ * the return value is 1 on success, or 0 on failure, which
+- * only happens if a memory allocation error occured.
++ * only happens if a memory allocation error occurred.
+ */
+ static int addrinfo_wrap(int family, int socktype,
+ const void *where, size_t wherelen,
+@@ -749,7 +723,7 @@ int BIO_lookup(const char *host, const char *service,
+ #endif
+
+ struct servent *se;
+- /* Apprently, on WIN64, s_proto and s_port have traded places... */
++ /* Apparently, on WIN64, s_proto and s_port have traded places... */
+ #ifdef _WIN64
+ struct servent se_fallback = { NULL, NULL, NULL, 0 };
+ #else
+diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c
+index c586b76..a27954f 100644
+--- a/crypto/bio/b_dump.c
++++ b/crypto/bio/b_dump.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
+index 72a2ee8..545c469 100644
+--- a/crypto/bio/b_print.c
++++ b/crypto/bio/b_print.c
+@@ -1,69 +1,16 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-
+ /*
+- * Stolen from tjh's ssl/ssl_trc.c stuff.
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+ #include <string.h>
+ #include <ctype.h>
+-#include <assert.h>
+-#include <limits.h>
++#include "internal/numbers.h"
+ #include "internal/cryptlib.h"
+ #ifndef NO_SYS_TYPES_H
+ # include <sys/types.h>
+@@ -77,8 +24,6 @@
+ # endif
+ #endif
+
+-/***************************************************************************/
+-
+ /*
+ * Copyright Patrick Powell 1995
+ * This code is based on code written by Patrick Powell <papowell at astart.com>
+@@ -86,21 +31,6 @@
+ * on all source code distributions.
+ */
+
+-/*-
+- * This code contains numerious changes and enhancements which were
+- * made by lots of contributors over the last years to Patrick Powell's
+- * original code:
+- *
+- * o Patrick Powell <papowell at astart.com> (1995)
+- * o Brandon Long <blong at fiction.net> (1996, for Mutt)
+- * o Thomas Roessler <roessler at guug.de> (1998, for Mutt)
+- * o Michael Elkins <me at cs.hmc.edu> (1998, for Mutt)
+- * o Andrew Tridgell <tridge at samba.org> (1998, for Samba)
+- * o Luke Mewburn <lukem at netbsd.org> (1999, for LukemFTP)
+- * o Ralf S. Engelschall <rse at engelschall.com> (1999, for Pth)
+- * o ... (for OpenSSL)
+- */
+-
+ #ifdef HAVE_LONG_DOUBLE
+ # define LDOUBLE long double
+ #else
+@@ -122,7 +52,7 @@ static int fmtstr(char **, char **, size_t *, size_t *,
+ static int fmtint(char **, char **, size_t *, size_t *,
+ LLONG, int, int, int, int);
+ static int fmtfp(char **, char **, size_t *, size_t *,
+- LDOUBLE, int, int, int);
++ LDOUBLE, int, int, int, int);
+ static int doapr_outch(char **, char **, size_t *, size_t *, int);
+ static int _dopr(char **sbuffer, char **buffer,
+ size_t *maxlen, size_t *retlen, int *truncated,
+@@ -139,12 +69,19 @@ static int _dopr(char **sbuffer, char **buffer,
+ #define DP_S_DONE 7
+
+ /* format flags - Bits */
++/* left-aligned padding */
+ #define DP_F_MINUS (1 << 0)
++/* print an explicit '+' for a value with positive sign */
+ #define DP_F_PLUS (1 << 1)
++/* print an explicit ' ' for a value with positive sign */
+ #define DP_F_SPACE (1 << 2)
++/* print 0/0x prefix for octal/hex and decimal point for floating point */
+ #define DP_F_NUM (1 << 3)
++/* print leading zeroes */
+ #define DP_F_ZERO (1 << 4)
++/* print HEX in UPPPERcase */
+ #define DP_F_UP (1 << 5)
++/* treat value as unsigned */
+ #define DP_F_UNSIGNED (1 << 6)
+
+ /* conversion flags */
+@@ -153,6 +90,11 @@ static int _dopr(char **sbuffer, char **buffer,
+ #define DP_C_LDOUBLE 3
+ #define DP_C_LLONG 4
+
++/* Floating point formats */
++#define F_FORMAT 0
++#define E_FORMAT 1
++#define G_FORMAT 2
++
+ /* some handy macros */
+ #define char_to_int(p) (p - '0')
+ #define OSSL_MAX(p,q) ((p >= q) ? p : q)
+@@ -331,7 +273,7 @@ _dopr(char **sbuffer,
+ else
+ fvalue = va_arg(args, double);
+ if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
+- flags))
++ flags, F_FORMAT))
+ return 0;
+ break;
+ case 'E':
+@@ -341,6 +283,9 @@ _dopr(char **sbuffer,
+ fvalue = va_arg(args, LDOUBLE);
+ else
+ fvalue = va_arg(args, double);
++ if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
++ flags, E_FORMAT))
++ return 0;
+ break;
+ case 'G':
+ flags |= DP_F_UP;
+@@ -349,6 +294,9 @@ _dopr(char **sbuffer,
+ fvalue = va_arg(args, LDOUBLE);
+ else
+ fvalue = va_arg(args, double);
++ if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
++ flags, G_FORMAT))
++ return 0;
+ break;
+ case 'c':
+ if(!doapr_outch(sbuffer, buffer, &currlen, maxlen,
+@@ -437,28 +385,29 @@ fmtstr(char **sbuffer,
+ if (value == 0)
+ value = "<NULL>";
+
+- strln = strlen(value);
+- if (strln > INT_MAX)
+- strln = INT_MAX;
++ strln = OPENSSL_strnlen(value, max < 0 ? SIZE_MAX : (size_t)max);
+
+ padlen = min - strln;
+ if (min < 0 || padlen < 0)
+ padlen = 0;
++ if (max >= 0)
++ max += padlen; /* The maximum output including padding */
+ if (flags & DP_F_MINUS)
+ padlen = -padlen;
+
+- while ((padlen > 0) && (cnt < max)) {
++ while ((padlen > 0) && (max < 0 || cnt < max)) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ --padlen;
+ ++cnt;
+ }
+- while (*value && (cnt < max)) {
++ while (strln > 0 && (max < 0 || cnt < max)) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *value++))
+ return 0;
++ --strln;
+ ++cnt;
+ }
+- while ((padlen < 0) && (cnt < max)) {
++ while ((padlen < 0) && (max < 0 || cnt < max)) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ ++padlen;
+@@ -599,23 +548,28 @@ static int
+ fmtfp(char **sbuffer,
+ char **buffer,
+ size_t *currlen,
+- size_t *maxlen, LDOUBLE fvalue, int min, int max, int flags)
++ size_t *maxlen, LDOUBLE fvalue, int min, int max, int flags, int style)
+ {
+ int signvalue = 0;
+ LDOUBLE ufvalue;
++ LDOUBLE tmpvalue;
+ char iconvert[20];
+ char fconvert[20];
++ char econvert[20];
+ int iplace = 0;
+ int fplace = 0;
++ int eplace = 0;
+ int padlen = 0;
+ int zpadlen = 0;
+- long intpart;
+- long fracpart;
+- long max10;
++ long exp = 0;
++ unsigned long intpart;
++ unsigned long fracpart;
++ unsigned long max10;
++ int realstyle;
+
+ if (max < 0)
+ max = 6;
+- ufvalue = abs_val(fvalue);
++
+ if (fvalue < 0)
+ signvalue = '-';
+ else if (flags & DP_F_PLUS)
+@@ -623,7 +577,73 @@ fmtfp(char **sbuffer,
+ else if (flags & DP_F_SPACE)
+ signvalue = ' ';
+
+- intpart = (long)ufvalue;
++ /*
++ * G_FORMAT sometimes prints like E_FORMAT and sometimes like F_FORMAT
++ * depending on the number to be printed. Work out which one it is and use
++ * that from here on.
++ */
++ if (style == G_FORMAT) {
++ if (fvalue == 0.0) {
++ realstyle = F_FORMAT;
++ } else if (fvalue < 0.0001) {
++ realstyle = E_FORMAT;
++ } else if ((max == 0 && fvalue >= 10)
++ || (max > 0 && fvalue >= pow_10(max))) {
++ realstyle = E_FORMAT;
++ } else {
++ realstyle = F_FORMAT;
++ }
++ } else {
++ realstyle = style;
++ }
++
++ if (style != F_FORMAT) {
++ tmpvalue = fvalue;
++ /* Calculate the exponent */
++ if (fvalue != 0.0) {
++ while (tmpvalue < 1) {
++ tmpvalue *= 10;
++ exp--;
++ }
++ while (tmpvalue > 10) {
++ tmpvalue /= 10;
++ exp++;
++ }
++ }
++ if (style == G_FORMAT) {
++ /*
++ * In G_FORMAT the "precision" represents significant digits. We
++ * always have at least 1 significant digit.
++ */
++ if (max == 0)
++ max = 1;
++ /* Now convert significant digits to decimal places */
++ if (realstyle == F_FORMAT) {
++ max -= (exp + 1);
++ if (max < 0) {
++ /*
++ * Should not happen. If we're in F_FORMAT then exp < max?
++ */
++ return 0;
++ }
++ } else {
++ /*
++ * In E_FORMAT there is always one significant digit in front
++ * of the decimal point, so:
++ * significant digits == 1 + decimal places
++ */
++ max--;
++ }
++ }
++ if (realstyle == E_FORMAT)
++ fvalue = tmpvalue;
++ }
++ ufvalue = abs_val(fvalue);
++ if (ufvalue > ULONG_MAX) {
++ /* Number too big */
++ return 0;
++ }
++ intpart = (unsigned long)ufvalue;
+
+ /*
+ * sorry, we only support 9 digits past the decimal because of our
+@@ -654,16 +674,51 @@ fmtfp(char **sbuffer,
+ iconvert[iplace] = 0;
+
+ /* convert fractional part */
+- do {
++ while (fplace < max) {
++ if (style == G_FORMAT && fplace == 0 && (fracpart % 10) == 0) {
++ /* We strip trailing zeros in G_FORMAT */
++ max--;
++ fracpart = fracpart / 10;
++ if (fplace < max)
++ continue;
++ break;
++ }
+ fconvert[fplace++] = "0123456789"[fracpart % 10];
+ fracpart = (fracpart / 10);
+- } while (fplace < max);
++ }
++
+ if (fplace == sizeof fconvert)
+ fplace--;
+ fconvert[fplace] = 0;
+
+- /* -1 for decimal point, another -1 if we are printing a sign */
+- padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
++ /* convert exponent part */
++ if (realstyle == E_FORMAT) {
++ int tmpexp;
++ if (exp < 0)
++ tmpexp = -exp;
++ else
++ tmpexp = exp;
++
++ do {
++ econvert[eplace++] = "0123456789"[tmpexp % 10];
++ tmpexp = (tmpexp / 10);
++ } while (tmpexp > 0 && eplace < (int)sizeof(econvert));
++ /* Exponent is huge!! Too big to print */
++ if (tmpexp > 0)
++ return 0;
++ /* Add a leading 0 for single digit exponents */
++ if (eplace == 1)
++ econvert[eplace++] = '0';
++ }
++
++ /*
++ * -1 for decimal point (if we have one, i.e. max > 0),
++ * another -1 if we are printing a sign
++ */
++ padlen = min - iplace - max - (max > 0 ? 1 : 0) - ((signvalue) ? 1 : 0);
++ /* Take some off for exponent prefix "+e" and exponent */
++ if (realstyle == E_FORMAT)
++ padlen -= 2 + eplace;
+ zpadlen = max - fplace;
+ if (zpadlen < 0)
+ zpadlen = 0;
+@@ -717,6 +772,28 @@ fmtfp(char **sbuffer,
+ return 0;
+ --zpadlen;
+ }
++ if (realstyle == E_FORMAT) {
++ char ech;
++
++ if ((flags & DP_F_UP) == 0)
++ ech = 'e';
++ else
++ ech = 'E';
++ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ech))
++ return 0;
++ if (exp < 0) {
++ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '-'))
++ return 0;
++ } else {
++ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '+'))
++ return 0;
++ }
++ while (eplace > 0) {
++ if (!doapr_outch(sbuffer, buffer, currlen, maxlen,
++ econvert[--eplace]))
++ return 0;
++ }
++ }
+
+ while (padlen < 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+@@ -733,10 +810,10 @@ doapr_outch(char **sbuffer,
+ char **buffer, size_t *currlen, size_t *maxlen, int c)
+ {
+ /* If we haven't at least one buffer, someone has doe a big booboo */
+- assert(*sbuffer != NULL || buffer != NULL);
++ OPENSSL_assert(*sbuffer != NULL || buffer != NULL);
+
+ /* |currlen| must always be <= |*maxlen| */
+- assert(*currlen <= *maxlen);
++ OPENSSL_assert(*currlen <= *maxlen);
+
+ if (buffer && *currlen == *maxlen) {
+ if (*maxlen > INT_MAX - BUFFER_INC)
+@@ -748,7 +825,7 @@ doapr_outch(char **sbuffer,
+ if (*buffer == NULL)
+ return 0;
+ if (*currlen > 0) {
+- assert(*sbuffer != NULL);
++ OPENSSL_assert(*sbuffer != NULL);
+ memcpy(*buffer, *sbuffer, *currlen);
+ }
+ *sbuffer = NULL;
+diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c
+index a2d0100..ac2c2d1 100644
+--- a/crypto/bio/b_sock.c
++++ b/crypto/bio/b_sock.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -141,7 +93,7 @@ int BIO_get_port(const char *str, unsigned short *port_ptr)
+ int BIO_sock_error(int sock)
+ {
+ int j = 0, i;
+- socklen_t size = 0;
++ socklen_t size = sizeof(j);
+
+ /*
+ * Note: under Windows the third parameter is of type (char *) whereas
+@@ -151,7 +103,7 @@ int BIO_sock_error(int sock)
+ */
+ i = getsockopt(sock, SOL_SOCKET, SO_ERROR, (void *)&j, &size);
+ if (i < 0)
+- return (1);
++ return (get_last_socket_error());
+ else
+ return (j);
+ }
+@@ -311,10 +263,20 @@ int BIO_accept(int sock, char **ip_port)
+ if (ip_port != NULL) {
+ char *host = BIO_ADDR_hostname_string(&res, 1);
+ char *port = BIO_ADDR_service_string(&res, 1);
+- *ip_port = OPENSSL_zalloc(strlen(host) + strlen(port) + 2);
+- strcpy(*ip_port, host);
+- strcat(*ip_port, ":");
+- strcat(*ip_port, port);
++ if (host != NULL && port != NULL)
++ *ip_port = OPENSSL_zalloc(strlen(host) + strlen(port) + 2);
++ else
++ *ip_port = NULL;
++
++ if (*ip_port == NULL) {
++ BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
++ BIO_closesocket(ret);
++ ret = (int)INVALID_SOCKET;
++ } else {
++ strcpy(*ip_port, host);
++ strcat(*ip_port, ":");
++ strcat(*ip_port, port);
++ }
+ OPENSSL_free(host);
+ OPENSSL_free(port);
+ }
+diff --git a/crypto/bio/b_sock2.c b/crypto/bio/b_sock2.c
+index 9f092fc..726b062 100644
+--- a/crypto/bio/b_sock2.c
++++ b/crypto/bio/b_sock2.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -294,8 +249,10 @@ int BIO_accept_ex(int accept_sock, BIO_ADDR *addr_, int options)
+ return INVALID_SOCKET;
+ }
+
+- if (!BIO_socket_nbio(accepted_sock, (options & BIO_SOCK_NONBLOCK) != 0))
++ if (!BIO_socket_nbio(accepted_sock, (options & BIO_SOCK_NONBLOCK) != 0)) {
++ closesocket(accepted_sock);
+ return INVALID_SOCKET;
++ }
+
+ return accepted_sock;
+ }
+diff --git a/crypto/bio/bf_buff.c b/crypto/bio/bf_buff.c
+index 361d26a..702581e 100644
+--- a/crypto/bio/bf_buff.c
++++ b/crypto/bio/bf_buff.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/bio/bf_lbuf.c b/crypto/bio/bf_lbuf.c
+index d8c90f5..ed25b1f 100644
+--- a/crypto/bio/bf_lbuf.c
++++ b/crypto/bio/bf_lbuf.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/bio/bf_nbio.c b/crypto/bio/bf_nbio.c
+index cefd35f..364d9fb 100644
+--- a/crypto/bio/bf_nbio.c
++++ b/crypto/bio/bf_nbio.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/bio/bf_null.c b/crypto/bio/bf_null.c
+index 162e250..0736b3f 100644
+--- a/crypto/bio/bf_null.c
++++ b/crypto/bio/bf_null.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/bio/bio_cb.c b/crypto/bio/bio_cb.c
+index 552b66e..860208b 100644
+--- a/crypto/bio/bio_cb.c
++++ b/crypto/bio/bio_cb.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/bio/bio_err.c b/crypto/bio/bio_err.c
+index 36b9dfe..7553182 100644
+--- a/crypto/bio/bio_err.c
++++ b/crypto/bio/bio_err.c
+@@ -1,62 +1,11 @@
+-/* crypto/bio/bio_err.c */
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -74,13 +23,11 @@ static ERR_STRING_DATA BIO_str_functs[] = {
+ {ERR_FUNC(BIO_F_ADDR_STRINGS), "addr_strings"},
+ {ERR_FUNC(BIO_F_BIO_ACCEPT), "BIO_accept"},
+ {ERR_FUNC(BIO_F_BIO_ACCEPT_EX), "BIO_accept_ex"},
+- {ERR_FUNC(BIO_F_BIO_BER_GET_HEADER), "BIO_BER_GET_HEADER"},
++ {ERR_FUNC(BIO_F_BIO_ADDR_NEW), "BIO_ADDR_new"},
+ {ERR_FUNC(BIO_F_BIO_CALLBACK_CTRL), "BIO_callback_ctrl"},
+ {ERR_FUNC(BIO_F_BIO_CONNECT), "BIO_connect"},
+ {ERR_FUNC(BIO_F_BIO_CTRL), "BIO_ctrl"},
+- {ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME), "BIO_gethostbyname"},
+ {ERR_FUNC(BIO_F_BIO_GETS), "BIO_gets"},
+- {ERR_FUNC(BIO_F_BIO_GET_ACCEPT_SOCKET), "BIO_get_accept_socket"},
+ {ERR_FUNC(BIO_F_BIO_GET_HOST_IP), "BIO_get_host_ip"},
+ {ERR_FUNC(BIO_F_BIO_GET_PORT), "BIO_get_port"},
+ {ERR_FUNC(BIO_F_BIO_LISTEN), "BIO_listen"},
+@@ -96,6 +43,7 @@ static ERR_STRING_DATA BIO_str_functs[] = {
+ {ERR_FUNC(BIO_F_BIO_PARSE_HOSTSERV), "BIO_parse_hostserv"},
+ {ERR_FUNC(BIO_F_BIO_PUTS), "BIO_puts"},
+ {ERR_FUNC(BIO_F_BIO_READ), "BIO_read"},
++ {ERR_FUNC(BIO_F_BIO_SET), "BIO_set"},
+ {ERR_FUNC(BIO_F_BIO_SOCKET), "BIO_socket"},
+ {ERR_FUNC(BIO_F_BIO_SOCKET_NBIO), "BIO_socket_nbio"},
+ {ERR_FUNC(BIO_F_BIO_SOCK_INFO), "BIO_sock_info"},
+@@ -109,10 +57,8 @@ static ERR_STRING_DATA BIO_str_functs[] = {
+ {ERR_FUNC(BIO_F_FILE_CTRL), "file_ctrl"},
+ {ERR_FUNC(BIO_F_FILE_READ), "file_read"},
+ {ERR_FUNC(BIO_F_LINEBUFFER_CTRL), "linebuffer_ctrl"},
+- {ERR_FUNC(BIO_F_MEM_READ), "MEM_READ"},
+ {ERR_FUNC(BIO_F_MEM_WRITE), "mem_write"},
+ {ERR_FUNC(BIO_F_SSL_NEW), "SSL_new"},
+- {ERR_FUNC(BIO_F_WSASTARTUP), "WSASTARTUP"},
+ {0, NULL}
+ };
+
+@@ -120,17 +66,11 @@ static ERR_STRING_DATA BIO_str_reasons[] = {
+ {ERR_REASON(BIO_R_ACCEPT_ERROR), "accept error"},
+ {ERR_REASON(BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET),
+ "addrinfo addr is not af inet"},
+- {ERR_REASON(BIO_R_AMBIGUOUS_HOST_OR_SERVICE), "ambiguous host or service"},
++ {ERR_REASON(BIO_R_AMBIGUOUS_HOST_OR_SERVICE),
++ "ambiguous host or service"},
+ {ERR_REASON(BIO_R_BAD_FOPEN_MODE), "bad fopen mode"},
+- {ERR_REASON(BIO_R_BAD_HOSTNAME_LOOKUP), "bad hostname lookup"},
+ {ERR_REASON(BIO_R_BROKEN_PIPE), "broken pipe"},
+ {ERR_REASON(BIO_R_CONNECT_ERROR), "connect error"},
+- {ERR_REASON(BIO_R_EOF_ON_MEMORY_BIO), "EOF on memory BIO"},
+- {ERR_REASON(BIO_R_ERROR_SETTING_NBIO), "error setting nbio"},
+- {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET),
+- "error setting nbio on accepted socket"},
+- {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET),
+- "error setting nbio on accept socket"},
+ {ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET),
+ "gethostbyname addr is not af inet"},
+ {ERR_REASON(BIO_R_GETSOCKNAME_ERROR), "getsockname error"},
+@@ -138,25 +78,20 @@ static ERR_STRING_DATA BIO_str_reasons[] = {
+ "getsockname truncated address"},
+ {ERR_REASON(BIO_R_GETTING_SOCKTYPE), "getting socktype"},
+ {ERR_REASON(BIO_R_INVALID_ARGUMENT), "invalid argument"},
+- {ERR_REASON(BIO_R_INVALID_IP_ADDRESS), "invalid ip address"},
+ {ERR_REASON(BIO_R_INVALID_SOCKET), "invalid socket"},
+ {ERR_REASON(BIO_R_IN_USE), "in use"},
+- {ERR_REASON(BIO_R_KEEPALIVE), "keepalive"},
+ {ERR_REASON(BIO_R_LISTEN_V6_ONLY), "listen v6 only"},
+ {ERR_REASON(BIO_R_LOOKUP_RETURNED_NOTHING), "lookup returned nothing"},
+- {ERR_REASON(BIO_R_MALFORMED_HOST_OR_SERVICE), "malformed host or service"},
++ {ERR_REASON(BIO_R_MALFORMED_HOST_OR_SERVICE),
++ "malformed host or service"},
+ {ERR_REASON(BIO_R_NBIO_CONNECT_ERROR), "nbio connect error"},
+ {ERR_REASON(BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED),
+ "no accept addr or service specified"},
+- {ERR_REASON(BIO_R_NO_ACCEPT_PORT_SPECIFIED), "no accept port specified"},
+ {ERR_REASON(BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED),
+ "no hostname or service specified"},
+- {ERR_REASON(BIO_R_NO_HOSTNAME_SPECIFIED), "no hostname specified"},
+ {ERR_REASON(BIO_R_NO_PORT_DEFINED), "no port defined"},
+- {ERR_REASON(BIO_R_NO_SERVICE_SPECIFIED), "no service specified"},
+ {ERR_REASON(BIO_R_NO_SUCH_FILE), "no such file"},
+ {ERR_REASON(BIO_R_NULL_PARAMETER), "null parameter"},
+- {ERR_REASON(BIO_R_TAG_MISMATCH), "tag mismatch"},
+ {ERR_REASON(BIO_R_UNABLE_TO_BIND_SOCKET), "unable to bind socket"},
+ {ERR_REASON(BIO_R_UNABLE_TO_CREATE_SOCKET), "unable to create socket"},
+ {ERR_REASON(BIO_R_UNABLE_TO_KEEPALIVE), "unable to keepalive"},
+diff --git a/crypto/bio/bio_lcl.h b/crypto/bio/bio_lcl.h
+index 52c9e79..f5a886c 100644
+--- a/crypto/bio/bio_lcl.h
++++ b/crypto/bio/bio_lcl.h
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #define USE_SOCKETS
+ #include "e_os.h"
+
+diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c
+index 94c97da..0b111c6 100644
+--- a/crypto/bio/bio_lib.c
++++ b/crypto/bio/bio_lib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -93,10 +45,12 @@ int BIO_set(BIO *bio, const BIO_METHOD *method)
+ bio->references = 1;
+ bio->num_read = 0L;
+ bio->num_write = 0L;
+- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data);
++ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data))
++ return 0;
+
+ bio->lock = CRYPTO_THREAD_lock_new();
+ if (bio->lock == NULL) {
++ BIOerr(BIO_F_BIO_SET, ERR_R_MALLOC_FAILURE);
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data);
+ return 0;
+ }
+@@ -130,13 +84,13 @@ int BIO_free(BIO *a)
+ ((i = (int)a->callback(a, BIO_CB_FREE, NULL, 0, 0L, 1L)) <= 0))
+ return i;
+
++ if ((a->method != NULL) && (a->method->destroy != NULL))
++ a->method->destroy(a);
++
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
+
+ CRYPTO_THREAD_lock_free(a->lock);
+
+- if ((a->method != NULL) && (a->method->destroy != NULL))
+- a->method->destroy(a);
+-
+ OPENSSL_free(a);
+
+ return 1;
+diff --git a/crypto/bio/bio_meth.c b/crypto/bio/bio_meth.c
+index 88ce8c3..d172047 100644
+--- a/crypto/bio/bio_meth.c
++++ b/crypto/bio/bio_meth.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "bio_lcl.h"
+diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
+index 8cd66fe..628da9e 100644
+--- a/crypto/bio/bss_acpt.c
++++ b/crypto/bio/bss_acpt.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -474,16 +426,17 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
+ data->param_serv = BUF_strdup(ptr);
+ b->init = 1;
+ } else if (num == 2) {
+- if (ptr != NULL)
+- data->bind_mode |= BIO_SOCK_NONBLOCK;
+- else
+- data->bind_mode &= ~BIO_SOCK_NONBLOCK;
++ data->bind_mode |= BIO_SOCK_NONBLOCK;
+ } else if (num == 3) {
+ BIO_free(data->bio_chain);
+ data->bio_chain = (BIO *)ptr;
+ } else if (num == 4) {
+ data->accept_family = *(int *)ptr;
+ }
++ } else {
++ if (num == 2) {
++ data->bind_mode &= ~BIO_SOCK_NONBLOCK;
++ }
+ }
+ break;
+ case BIO_C_SET_NBIO:
+diff --git a/crypto/bio/bss_bio.c b/crypto/bio/bss_bio.c
+index 2991c3a..394080d 100644
+--- a/crypto/bio/bss_bio.c
++++ b/crypto/bio/bss_bio.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+@@ -627,16 +582,15 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
+ break;
+
+ case BIO_CTRL_EOF:
+- {
+- BIO *other_bio = ptr;
+-
+- if (other_bio) {
+- struct bio_bio_st *other_b = other_bio->ptr;
++ if (b->peer != NULL) {
++ struct bio_bio_st *peer_b = b->peer->ptr;
+
+- assert(other_b != NULL);
+- ret = other_b->len == 0 && other_b->closed;
+- } else
++ if (peer_b->len == 0 && peer_b->closed)
+ ret = 1;
++ else
++ ret = 0;
++ } else {
++ ret = 1;
+ }
+ break;
+
+diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
+index a4949b3..dfd0988 100644
+--- a/crypto/bio/bss_conn.c
++++ b/crypto/bio/bss_conn.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -198,7 +150,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c)
+ ret = BIO_connect(b->num, BIO_ADDRINFO_address(c->addr_iter),
+ BIO_SOCK_KEEPALIVE | c->connect_mode);
+ b->retry_reason = 0;
+- if (ret < 0) {
++ if (ret == 0) {
+ if (BIO_sock_should_retry(ret)) {
+ BIO_set_retry_special(b);
+ c->state = BIO_CONN_S_BLOCKED_CONNECT;
+diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
+index cf2f9f6..6dfcc9b 100644
+--- a/crypto/bio/bss_dgram.c
++++ b/crypto/bio/bss_dgram.c
+@@ -1,59 +1,10 @@
+ /*
+- * DTLS implementation written by Nagendra Modadugu
+- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -94,12 +45,6 @@
+ ((a)->s6_addr32[2] == htonl(0x0000ffff)))
+ # endif
+
+-# ifdef WATT32
+-# define sock_write SockWrite /* Watt-32 uses same names */
+-# define sock_read SockRead
+-# define sock_puts SockPuts
+-# endif
+-
+ static int dgram_write(BIO *h, const char *buf, int num);
+ static int dgram_read(BIO *h, char *buf, int size);
+ static int dgram_puts(BIO *h, const char *str);
+diff --git a/crypto/bio/bss_fd.c b/crypto/bio/bss_fd.c
+index 983e9fe..1e56cb6 100644
+--- a/crypto/bio/bss_fd.c
++++ b/crypto/bio/bss_fd.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
+index a37e89d..36099f8 100644
+--- a/crypto/bio/bss_file.c
++++ b/crypto/bio/bss_file.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*-
+@@ -154,6 +106,36 @@ static FILE *file_fopen(const char *filename, const char *mode)
+ } else if (GetLastError() == ERROR_NO_UNICODE_TRANSLATION) {
+ file = fopen(filename, mode);
+ }
++# elif defined(__DJGPP__)
++ {
++ char *newname = NULL;
++
++ if (!HAS_LFN_SUPPORT(filename)) {
++ char *iterator;
++ char lastchar;
++
++ newname = OPENSSL_malloc(strlen(filename) + 1);
++ if (newname == NULL)
++ return NULL;
++
++ for(iterator = newname, lastchar = '\0';
++ *filename; filename++, iterator++) {
++ if (lastchar == '/' && filename[0] == '.'
++ && filename[1] != '.' && filename[1] != '/') {
++ /* Leading dots are not permitted in plain DOS. */
++ *iterator = '_';
++ } else {
++ *iterator = *filename;
++ }
++ lastchar = *filename;
++ }
++ *iterator = '\0';
++ filename = newname;
++ }
++ file = fopen(filename, mode);
++
++ OPENSSL_free(newname);
++ }
+ # else
+ file = fopen(filename, mode);
+ # endif
+diff --git a/crypto/bio/bss_log.c b/crypto/bio/bss_log.c
+index c2c8c79..6cbde4d 100644
+--- a/crypto/bio/bss_log.c
++++ b/crypto/bio/bss_log.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
+index 46bd034..80da3a1 100644
+--- a/crypto/bio/bss_mem.c
++++ b/crypto/bio/bss_mem.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -150,17 +102,22 @@ static int mem_init(BIO *bi, unsigned long flags)
+ BIO_BUF_MEM *bb = OPENSSL_zalloc(sizeof(*bb));
+
+ if (bb == NULL)
+- return(0);
+- if ((bb->buf = BUF_MEM_new_ex(flags)) == NULL)
+- return(0);
+- if ((bb->readp = OPENSSL_zalloc(sizeof(*bb->readp))) == NULL)
+- return(0);
++ return 0;
++ if ((bb->buf = BUF_MEM_new_ex(flags)) == NULL) {
++ OPENSSL_free(bb);
++ return 0;
++ }
++ if ((bb->readp = OPENSSL_zalloc(sizeof(*bb->readp))) == NULL) {
++ BUF_MEM_free(bb->buf);
++ OPENSSL_free(bb);
++ return 0;
++ }
+ *bb->readp = *bb->buf;
+ bi->shutdown = 1;
+ bi->init = 1;
+ bi->num = -1;
+ bi->ptr = (char *)bb;
+- return(1);
++ return 1;
+ }
+
+ static int mem_new(BIO *bi)
+diff --git a/crypto/bio/bss_null.c b/crypto/bio/bss_null.c
+index 29561c7..e5c4adc 100644
+--- a/crypto/bio/bss_null.c
++++ b/crypto/bio/bss_null.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/bio/bss_sock.c b/crypto/bio/bss_sock.c
+index c1f76a2..570e898 100644
+--- a/crypto/bio/bss_sock.c
++++ b/crypto/bio/bss_sock.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -66,7 +18,11 @@
+ # include <openssl/bio.h>
+
+ # ifdef WATT32
+-# define sock_write SockWrite /* Watt-32 uses same names */
++/* Watt-32 uses same names */
++# undef sock_write
++# undef sock_read
++# undef sock_puts
++# define sock_write SockWrite
+ # define sock_read SockRead
+ # define sock_puts SockPuts
+ # endif
+diff --git a/crypto/blake2/Makefile.in b/crypto/blake2/Makefile.in
+deleted file mode 100644
+index ebfaa04..0000000
+--- a/crypto/blake2/Makefile.in
++++ /dev/null
+@@ -1,41 +0,0 @@
+-DIR= blake2
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=blake2b.c blake2s.c m_blake2b.c m_blake2s.c
+-LIBOBJ=blake2b.o blake2s.o m_blake2b.o m_blake2s.o
+-
+-SRC= $(LIBSRC)
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-update: depend
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/blake2/blake2_impl.h b/crypto/blake2/blake2_impl.h
+index 335a383..8fe5c95 100644
+--- a/crypto/blake2/blake2_impl.h
++++ b/crypto/blake2/blake2_impl.h
+@@ -1,16 +1,15 @@
+ /*
+- * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>.
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ /*
+ * Derived from the BLAKE2 reference implementation written by Samuel Neves.
++ * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>
+ * More information about the BLAKE2 hash function and its implementations
+ * can be found at https://blake2.net.
+ */
+diff --git a/crypto/blake2/blake2_locl.h b/crypto/blake2/blake2_locl.h
+index 10334b1..fb7beb9 100644
+--- a/crypto/blake2/blake2_locl.h
++++ b/crypto/blake2/blake2_locl.h
+@@ -1,16 +1,15 @@
+ /*
+- * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>.
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ /*
+ * Derived from the BLAKE2 reference implementation written by Samuel Neves.
++ * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>
+ * More information about the BLAKE2 hash function and its implementations
+ * can be found at https://blake2.net.
+ */
+diff --git a/crypto/blake2/blake2b.c b/crypto/blake2/blake2b.c
+index 8e92a0a..e77bd9a 100644
+--- a/crypto/blake2/blake2b.c
++++ b/crypto/blake2/blake2b.c
+@@ -1,16 +1,15 @@
+ /*
+- * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>.
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ /*
+ * Derived from the BLAKE2 reference implementation written by Samuel Neves.
++ * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>
+ * More information about the BLAKE2 hash function and its implementations
+ * can be found at https://blake2.net.
+ */
+@@ -229,8 +228,8 @@ int BLAKE2b_Update(BLAKE2B_CTX *c, const void *data, size_t datalen)
+ if (datalen > BLAKE2B_BLOCKBYTES) {
+ size_t stashlen = datalen % BLAKE2B_BLOCKBYTES;
+ /*
+- * If |datalen| is a multiple of the blocksize, stash
+- * last complete block, it can be final one...
++ * If |datalen| is a multiple of the blocksize, stash
++ * last complete block, it can be final one...
+ */
+ stashlen = stashlen ? stashlen : BLAKE2B_BLOCKBYTES;
+ datalen -= stashlen;
+diff --git a/crypto/blake2/blake2s.c b/crypto/blake2/blake2s.c
+index 227fa10..0b3503e 100644
+--- a/crypto/blake2/blake2s.c
++++ b/crypto/blake2/blake2s.c
+@@ -1,16 +1,15 @@
+ /*
+- * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>.
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ /*
+ * Derived from the BLAKE2 reference implementation written by Samuel Neves.
++ * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>
+ * More information about the BLAKE2 hash function and its implementations
+ * can be found at https://blake2.net.
+ */
+@@ -223,8 +222,8 @@ int BLAKE2s_Update(BLAKE2S_CTX *c, const void *data, size_t datalen)
+ if (datalen > BLAKE2S_BLOCKBYTES) {
+ size_t stashlen = datalen % BLAKE2S_BLOCKBYTES;
+ /*
+- * If |datalen| is a multiple of the blocksize, stash
+- * last complete block, it can be final one...
++ * If |datalen| is a multiple of the blocksize, stash
++ * last complete block, it can be final one...
+ */
+ stashlen = stashlen ? stashlen : BLAKE2S_BLOCKBYTES;
+ datalen -= stashlen;
+diff --git a/crypto/blake2/m_blake2b.c b/crypto/blake2/m_blake2b.c
+index e06bb5b..82c6f6b 100644
+--- a/crypto/blake2/m_blake2b.c
++++ b/crypto/blake2/m_blake2b.c
+@@ -1,16 +1,15 @@
+ /*
+- * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>.
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ /*
+ * Derived from the BLAKE2 reference implementation written by Samuel Neves.
++ * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>
+ * More information about the BLAKE2 hash function and its implementations
+ * can be found at https://blake2.net.
+ */
+@@ -49,7 +48,7 @@ static const EVP_MD blake2b_md = {
+ final,
+ NULL,
+ NULL,
+- 0,
++ BLAKE2B_BLOCKBYTES,
+ sizeof(EVP_MD *) + sizeof(BLAKE2B_CTX),
+ };
+
+diff --git a/crypto/blake2/m_blake2s.c b/crypto/blake2/m_blake2s.c
+index 6150e98..467e91a 100644
+--- a/crypto/blake2/m_blake2s.c
++++ b/crypto/blake2/m_blake2s.c
+@@ -1,16 +1,15 @@
+ /*
+- * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>.
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ /*
+ * Derived from the BLAKE2 reference implementation written by Samuel Neves.
++ * Copyright 2012, Samuel Neves <sneves at dei.uc.pt>
+ * More information about the BLAKE2 hash function and its implementations
+ * can be found at https://blake2.net.
+ */
+@@ -49,7 +48,7 @@ static const EVP_MD blake2s_md = {
+ final,
+ NULL,
+ NULL,
+- 0,
++ BLAKE2S_BLOCKBYTES,
+ sizeof(EVP_MD *) + sizeof(BLAKE2S_CTX),
+ };
+
+diff --git a/crypto/bn/Makefile.in b/crypto/bn/Makefile.in
+deleted file mode 100644
+index 420eebb..0000000
+--- a/crypto/bn/Makefile.in
++++ /dev/null
+@@ -1,149 +0,0 @@
+-#
+-# OpenSSL/crypto/bn/Makefile
+-#
+-
+-DIR= bn
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES= -I.. -I$(TOP) -I../include -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-BN_ASM= bn_asm.o
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
+- bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
+- bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
+- bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
+- bn_depr.c bn_const.c bn_x931p.c bn_intern.c bn_dh.c bn_srp.c
+-
+-LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
+- bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
+- bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
+- bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
+- bn_depr.o bn_const.o bn_x931p.o bn_intern.o bn_dh.o bn_srp.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= bn_lcl.h bn_prime.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-bn_prime.h: bn_prime.pl
+- $(PERL) bn_prime.pl >bn_prime.h
+-
+-divtest: divtest.c ../../libcrypto.a
+- cc -I../../include divtest.c -o divtest ../../libcrypto.a
+-
+-bnbug: bnbug.c ../../libcrypto.a top
+- cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-bn-586.s: asm/bn-586.pl ../perlasm/x86asm.pl
+- $(PERL) asm/bn-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-co-586.s: asm/co-586.pl ../perlasm/x86asm.pl
+- $(PERL) asm/co-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-x86-mont.s: asm/x86-mont.pl ../perlasm/x86asm.pl
+- $(PERL) asm/x86-mont.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-x86-gf2m.s: asm/x86-gf2m.pl ../perlasm/x86asm.pl
+- $(PERL) asm/x86-gf2m.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-
+-sparcv8.o: asm/sparcv8.S
+- $(CC) $(CFLAGS) -c asm/sparcv8.S
+-bn-sparcv9.o: asm/sparcv8plus.S
+- $(CC) $(CFLAGS) -c -o $@ asm/sparcv8plus.S
+-sparcv9a-mont.S: asm/sparcv9a-mont.pl
+- $(PERL) asm/sparcv9a-mont.pl $(PERLASM_SCHEME) $@
+-sparcv9-mont.S: asm/sparcv9-mont.pl
+- $(PERL) asm/sparcv9-mont.pl $(PERLASM_SCHEME) $@
+-vis3-mont.S: asm/vis3-mont.pl
+- $(PERL) asm/vis3-mont.pl $(PERLASM_SCHEME) $@
+-sparct4-mont.S: asm/sparct4-mont.pl
+- $(PERL) asm/sparct4-mont.pl $(PERLASM_SCHEME) $@
+-sparcv9-gf2m.S: asm/sparcv9-gf2m.pl
+- $(PERL) asm/sparcv9-gf2m.pl $(PERLASM_SCHEME) $@
+-
+-bn-mips.s: asm/mips.pl
+- $(PERL) asm/mips.pl $(PERLASM_SCHEME) $@
+-mips-mont.s: asm/mips-mont.pl
+- $(PERL) asm/mips-mont.pl $(PERLASM_SCHEME) $@
+-
+-bn-s390x.o: asm/s390x.S
+- $(CC) $(CFLAGS) -c -o $@ asm/s390x.S
+-s390x-gf2m.s: asm/s390x-gf2m.pl
+- $(PERL) asm/s390x-gf2m.pl $(PERLASM_SCHEME) $@
+-
+-x86_64-gcc.o: asm/x86_64-gcc.c
+- $(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c
+-x86_64-mont.s: asm/x86_64-mont.pl
+- $(PERL) asm/x86_64-mont.pl $(PERLASM_SCHEME) $@
+-x86_64-mont5.s: asm/x86_64-mont5.pl
+- $(PERL) asm/x86_64-mont5.pl $(PERLASM_SCHEME) $@
+-x86_64-gf2m.s: asm/x86_64-gf2m.pl
+- $(PERL) asm/x86_64-gf2m.pl $(PERLASM_SCHEME) $@
+-rsaz-x86_64.s: asm/rsaz-x86_64.pl
+- $(PERL) asm/rsaz-x86_64.pl $(PERLASM_SCHEME) $@
+-rsaz-avx2.s: asm/rsaz-avx2.pl
+- $(PERL) asm/rsaz-avx2.pl $(PERLASM_SCHEME) $@
+-
+-bn-ia64.s: asm/ia64.S
+- $(CC) $(CFLAGS) -E asm/ia64.S > $@
+-ia64-mont.s: asm/ia64-mont.pl
+- $(PERL) asm/ia64-mont.pl $(CFLAGS) $@
+-
+-parisc-mont.s: asm/parisc-mont.pl
+- $(PERL) asm/parisc-mont.pl $(PERLASM_SCHEME) $@
+-
+-# ppc - AIX, Linux, MacOS X...
+-bn-ppc.s: asm/ppc.pl; $(PERL) asm/ppc.pl $(PERLASM_SCHEME) $@
+-ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
+-ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
+-
+-alpha-mont.s: asm/alpha-mont.pl
+- (preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+- $(PERL) asm/alpha-mont.pl $$preproc && \
+- $(CC) -E -P $$preproc > $@ && rm $$preproc)
+-
+-# GNU make "catch all"
+-%-mont.S: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-%-gf2m.S: asm/%-gf2m.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-
+-armv4-mont.o: armv4-mont.S
+-armv4-gf2m.o: armv4-gf2m.S
+-armv8-mont.o: armv8-mont.S
+-
+-div:
+- rm -f a.out
+- gcc -I.. -g div.c ../../libcrypto.a
+-
+-generate: bn_prime.h
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# Different flavours of make disagree on where output goes
+-.c.o:
+- $(CC) $(CFLAGS) -c $< -o $@
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/bn/asm/alpha-mont.pl b/crypto/bn/asm/alpha-mont.pl
+index 2ac3532..1d68d6d 100644
+--- a/crypto/bn/asm/alpha-mont.pl
++++ b/crypto/bn/asm/alpha-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/bn/asm/armv4-gf2m.pl b/crypto/bn/asm/armv4-gf2m.pl
+index 36681ee..0bb5433 100644
+--- a/crypto/bn/asm/armv4-gf2m.pl
++++ b/crypto/bn/asm/armv4-gf2m.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/armv4-mont.pl b/crypto/bn/asm/armv4-mont.pl
+index c791502..0dc4fe9 100644
+--- a/crypto/bn/asm/armv4-mont.pl
++++ b/crypto/bn/asm/armv4-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/armv8-mont.pl b/crypto/bn/asm/armv8-mont.pl
+index f04aab1..5d5af1b 100755
+--- a/crypto/bn/asm/armv8-mont.pl
++++ b/crypto/bn/asm/armv8-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/bn-586.pl b/crypto/bn/asm/bn-586.pl
+index 3f34abe..1ca1bbf 100644
+--- a/crypto/bn/asm/bn-586.pl
++++ b/crypto/bn/asm/bn-586.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+ push(@INC,"${dir}","${dir}../../perlasm");
+diff --git a/crypto/bn/asm/c64xplus-gf2m.pl b/crypto/bn/asm/c64xplus-gf2m.pl
+index c79f46f..c0e5400 100644
+--- a/crypto/bn/asm/c64xplus-gf2m.pl
++++ b/crypto/bn/asm/c64xplus-gf2m.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/co-586.pl b/crypto/bn/asm/co-586.pl
+index ec3ea34..60d0363 100644
+--- a/crypto/bn/asm/co-586.pl
++++ b/crypto/bn/asm/co-586.pl
+@@ -1,4 +1,10 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+ push(@INC,"${dir}","${dir}../../perlasm");
+diff --git a/crypto/bn/asm/ia64-mont.pl b/crypto/bn/asm/ia64-mont.pl
+index 710ca3c..5cc5c59 100644
+--- a/crypto/bn/asm/ia64-mont.pl
++++ b/crypto/bn/asm/ia64-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/bn/asm/mips-mont.pl b/crypto/bn/asm/mips-mont.pl
+index 3bccdf6..a907571 100644
+--- a/crypto/bn/asm/mips-mont.pl
++++ b/crypto/bn/asm/mips-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/mips.pl b/crypto/bn/asm/mips.pl
+index 4c8eba0..e3a38bd 100644
+--- a/crypto/bn/asm/mips.pl
++++ b/crypto/bn/asm/mips.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/bn/asm/parisc-mont.pl b/crypto/bn/asm/parisc-mont.pl
+index aa6c797..8aa94e8 100644
+--- a/crypto/bn/asm/parisc-mont.pl
++++ b/crypto/bn/asm/parisc-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/bn/asm/ppc-mont.pl b/crypto/bn/asm/ppc-mont.pl
+index 6930a3a..5802260 100644
+--- a/crypto/bn/asm/ppc-mont.pl
++++ b/crypto/bn/asm/ppc-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/bn/asm/ppc.pl b/crypto/bn/asm/ppc.pl
+index 446d8ba..346e01f 100644
+--- a/crypto/bn/asm/ppc.pl
++++ b/crypto/bn/asm/ppc.pl
+@@ -1,5 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ # Implemented as a Perl wrapper as we want to support several different
+ # architectures with single file. We pick up the target based on the
+ # file name we are asked to generate.
+diff --git a/crypto/bn/asm/ppc64-mont.pl b/crypto/bn/asm/ppc64-mont.pl
+index 595fc6d..1e19c95 100644
+--- a/crypto/bn/asm/ppc64-mont.pl
++++ b/crypto/bn/asm/ppc64-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/rsaz-avx2.pl b/crypto/bn/asm/rsaz-avx2.pl
+index 712a77f..1b9f85f 100755
+--- a/crypto/bn/asm/rsaz-avx2.pl
++++ b/crypto/bn/asm/rsaz-avx2.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ ##############################################################################
+ # #
+diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl
+index 3290054..0589f42 100755
+--- a/crypto/bn/asm/rsaz-x86_64.pl
++++ b/crypto/bn/asm/rsaz-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ ##############################################################################
+ # #
+diff --git a/crypto/bn/asm/s390x-gf2m.pl b/crypto/bn/asm/s390x-gf2m.pl
+index 1d76c9f..cbd16f4 100644
+--- a/crypto/bn/asm/s390x-gf2m.pl
++++ b/crypto/bn/asm/s390x-gf2m.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/s390x-mont.pl b/crypto/bn/asm/s390x-mont.pl
+index bdad486..2205bc2 100644
+--- a/crypto/bn/asm/s390x-mont.pl
++++ b/crypto/bn/asm/s390x-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/bn/asm/sparct4-mont.pl b/crypto/bn/asm/sparct4-mont.pl
+index 7ec83c2..4faf66f 100755
+--- a/crypto/bn/asm/sparct4-mont.pl
++++ b/crypto/bn/asm/sparct4-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by David S. Miller <davem at devemloft.net> and Andy Polyakov
+diff --git a/crypto/bn/asm/sparcv9-gf2m.pl b/crypto/bn/asm/sparcv9-gf2m.pl
+index c7bf9f2..dcf11a8 100644
+--- a/crypto/bn/asm/sparcv9-gf2m.pl
++++ b/crypto/bn/asm/sparcv9-gf2m.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/sparcv9-mont.pl b/crypto/bn/asm/sparcv9-mont.pl
+index 4f922c3..771cd96 100644
+--- a/crypto/bn/asm/sparcv9-mont.pl
++++ b/crypto/bn/asm/sparcv9-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/bn/asm/sparcv9a-mont.pl b/crypto/bn/asm/sparcv9a-mont.pl
+index 7a4782e..902c0d3 100755
+--- a/crypto/bn/asm/sparcv9a-mont.pl
++++ b/crypto/bn/asm/sparcv9a-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/bn/asm/via-mont.pl b/crypto/bn/asm/via-mont.pl
+index 8cf4dde..9f81bc8 100644
+--- a/crypto/bn/asm/via-mont.pl
++++ b/crypto/bn/asm/via-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/bn/asm/vis3-mont.pl b/crypto/bn/asm/vis3-mont.pl
+index 7b953a2..64dba44 100644
+--- a/crypto/bn/asm/vis3-mont.pl
++++ b/crypto/bn/asm/vis3-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/vms.mar b/crypto/bn/asm/vms.mar
+deleted file mode 100644
+index aefab15..0000000
+--- a/crypto/bn/asm/vms.mar
++++ /dev/null
+@@ -1,6440 +0,0 @@
+- .title vax_bn_mul_add_words unsigned multiply & add, 32*32+32+32=>64
+-;
+-; w.j.m. 15-jan-1999
+-;
+-; it's magic ...
+-;
+-; ULONG bn_mul_add_words(ULONG r[],ULONG a[],int n,ULONG w) {
+-; ULONG c = 0;
+-; int i;
+-; for(i = 0; i < n; i++) <c,r[i]> := r[i] + c + a[i] * w ;
+-; return c;
+-; }
+-
+-r=4 ;(AP)
+-a=8 ;(AP)
+-n=12 ;(AP) n by value (input)
+-w=16 ;(AP) w by value (input)
+-
+-
+- .psect code,nowrt
+-
+-.entry bn_mul_add_words,^m<r2,r3,r4,r5,r6>
+-
+- moval @r(ap),r2
+- moval @a(ap),r3
+- movl n(ap),r4 ; assumed >0 by C code
+- movl w(ap),r5
+- clrl r6 ; c
+-
+-0$:
+- emul r5,(r3),(r2),r0 ; w, a[], r[] considered signed
+-
+- ; fixup for "negative" r[]
+- tstl (r2)
+- bgeq 10$
+- incl r1
+-10$:
+-
+- ; add in c
+- addl2 r6,r0
+- adwc #0,r1
+-
+- ; combined fixup for "negative" w, a[]
+- tstl r5
+- bgeq 20$
+- addl2 (r3),r1
+-20$:
+- tstl (r3)
+- bgeq 30$
+- addl2 r5,r1
+-30$:
+-
+- movl r0,(r2)+ ; store lo result in r[] & advance
+- addl #4,r3 ; advance a[]
+- movl r1,r6 ; store hi result => c
+-
+- sobgtr r4,0$
+-
+- movl r6,r0 ; return c
+- ret
+-�
+- .title vax_bn_mul_words unsigned multiply & add, 32*32+32=>64
+-;
+-; w.j.m. 15-jan-1999
+-;
+-; it's magic ...
+-;
+-; ULONG bn_mul_words(ULONG r[],ULONG a[],int n,ULONG w) {
+-; ULONG c = 0;
+-; int i;
+-; for(i = 0; i < num; i++) <c,r[i]> := a[i] * w + c ;
+-; return(c);
+-; }
+-
+-r=4 ;(AP)
+-a=8 ;(AP)
+-n=12 ;(AP) n by value (input)
+-w=16 ;(AP) w by value (input)
+-
+-
+- .psect code,nowrt
+-
+-.entry bn_mul_words,^m<r2,r3,r4,r5,r6>
+-
+- moval @r(ap),r2 ; r2 -> r[]
+- moval @a(ap),r3 ; r3 -> a[]
+- movl n(ap),r4 ; r4 = loop count (assumed >0 by C code)
+- movl w(ap),r5 ; r5 = w
+- clrl r6 ; r6 = c
+-
+-0$:
+- ; <r1,r0> := w * a[] + c
+- emul r5,(r3),r6,r0 ; w, a[], c considered signed
+-
+- ; fixup for "negative" c
+- tstl r6 ; c
+- bgeq 10$
+- incl r1
+-10$:
+-
+- ; combined fixup for "negative" w, a[]
+- tstl r5 ; w
+- bgeq 20$
+- addl2 (r3),r1 ; a[]
+-20$:
+- tstl (r3) ; a[]
+- bgeq 30$
+- addl2 r5,r1 ; w
+-30$:
+-
+- movl r0,(r2)+ ; store lo result in r[] & advance
+- addl #4,r3 ; advance a[]
+- movl r1,r6 ; store hi result => c
+-
+- sobgtr r4,0$
+-
+- movl r6,r0 ; return c
+- ret
+-�
+- .title vax_bn_sqr_words unsigned square, 32*32=>64
+-;
+-; w.j.m. 15-jan-1999
+-;
+-; it's magic ...
+-;
+-; void bn_sqr_words(ULONG r[],ULONG a[],int n) {
+-; int i;
+-; for(i = 0; i < n; i++) <r[2*i+1],r[2*i]> := a[i] * a[i] ;
+-; }
+-
+-r=4 ;(AP)
+-a=8 ;(AP)
+-n=12 ;(AP) n by value (input)
+-
+-
+- .psect code,nowrt
+-
+-.entry bn_sqr_words,^m<r2,r3,r4,r5>
+-
+- moval @r(ap),r2 ; r2 -> r[]
+- moval @a(ap),r3 ; r3 -> a[]
+- movl n(ap),r4 ; r4 = n (assumed >0 by C code)
+-
+-0$:
+- movl (r3)+,r5 ; r5 = a[] & advance
+-
+- ; <r1,r0> := a[] * a[]
+- emul r5,r5,#0,r0 ; a[] considered signed
+-
+- ; fixup for "negative" a[]
+- tstl r5 ; a[]
+- bgeq 30$
+- addl2 r5,r1 ; a[]
+- addl2 r5,r1 ; a[]
+-30$:
+-
+- movl r0,(r2)+ ; store lo result in r[] & advance
+- movl r1,(r2)+ ; store hi result in r[] & advance
+-
+- sobgtr r4,0$
+-
+- movl #1,r0 ; return SS$_NORMAL
+- ret
+-�
+- .title vax_bn_div_words unsigned divide
+-;
+-; Richard Levitte 20-Nov-2000
+-;
+-; ULONG bn_div_words(ULONG h, ULONG l, ULONG d)
+-; {
+-; return ((ULONG)((((ULLONG)h)<<32)|l) / (ULLONG)d);
+-; }
+-;
+-; Using EDIV would be very easy, if it didn't do signed calculations.
+-; Any time any of the input numbers are signed, there are problems,
+-; usually with integer overflow, at which point it returns useless
+-; data (the quotient gets the value of l, and the remainder becomes 0).
+-;
+-; If it was just for the dividend, it would be very easy, just divide
+-; it by 2 (unsigned), do the division, multiply the resulting quotient
+-; and remainder by 2, add the bit that was dropped when dividing by 2
+-; to the remainder, and do some adjustment so the remainder doesn't
+-; end up larger than the divisor. For some cases when the divisor is
+-; negative (from EDIV's point of view, i.e. when the highest bit is set),
+-; dividing the dividend by 2 isn't enough, and since some operations
+-; might generate integer overflows even when the dividend is divided by
+-; 4 (when the high part of the shifted down dividend ends up being exactly
+-; half of the divisor, the result is the quotient 0x80000000, which is
+-; negative...) it needs to be divided by 8. Furthermore, the divisor needs
+-; to be divided by 2 (unsigned) as well, to avoid more problems with the sign.
+-; In this case, a little extra fiddling with the remainder is required.
+-;
+-; So, the simplest way to handle this is always to divide the dividend
+-; by 8, and to divide the divisor by 2 if it's highest bit is set.
+-; After EDIV has been used, the quotient gets multiplied by 8 if the
+-; original divisor was positive, otherwise 4. The remainder, oddly
+-; enough, is *always* multiplied by 8.
+-; NOTE: in the case mentioned above, where the high part of the shifted
+-; down dividend ends up being exactly half the shifted down divisor, we
+-; end up with a 33 bit quotient. That's no problem however, it usually
+-; means we have ended up with a too large remainder as well, and the
+-; problem is fixed by the last part of the algorithm (next paragraph).
+-;
+-; The routine ends with comparing the resulting remainder with the
+-; original divisor and if the remainder is larger, subtract the
+-; original divisor from it, and increase the quotient by 1. This is
+-; done until the remainder is smaller than the divisor.
+-;
+-; The complete algorithm looks like this:
+-;
+-; d' = d
+-; l' = l & 7
+-; [h,l] = [h,l] >> 3
+-; [q,r] = floor([h,l] / d) # This is the EDIV operation
+-; if (q < 0) q = -q # I doubt this is necessary any more
+-;
+-; r' = r >> 29
+-; if (d' >= 0)
+-; q' = q >> 29
+-; q = q << 3
+-; else
+-; q' = q >> 30
+-; q = q << 2
+-; r = (r << 3) + l'
+-;
+-; if (d' < 0)
+-; {
+-; [r',r] = [r',r] - q
+-; while ([r',r] < 0)
+-; {
+-; [r',r] = [r',r] + d
+-; [q',q] = [q',q] - 1
+-; }
+-; }
+-;
+-; while ([r',r] >= d')
+-; {
+-; [r',r] = [r',r] - d'
+-; [q',q] = [q',q] + 1
+-; }
+-;
+-; return q
+-
+-h=4 ;(AP) h by value (input)
+-l=8 ;(AP) l by value (input)
+-d=12 ;(AP) d by value (input)
+-
+-;r2 = l, q
+-;r3 = h, r
+-;r4 = d
+-;r5 = l'
+-;r6 = r'
+-;r7 = d'
+-;r8 = q'
+-
+- .psect code,nowrt
+-
+-.entry bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8>
+- movl l(ap),r2
+- movl h(ap),r3
+- movl d(ap),r4
+-
+- bicl3 #^XFFFFFFF8,r2,r5 ; l' = l & 7
+- bicl3 #^X00000007,r2,r2
+-
+- bicl3 #^XFFFFFFF8,r3,r6
+- bicl3 #^X00000007,r3,r3
+-
+- addl r6,r2
+-
+- rotl #-3,r2,r2 ; l = l >> 3
+- rotl #-3,r3,r3 ; h = h >> 3
+-
+- movl r4,r7 ; d' = d
+-
+- movl #0,r6 ; r' = 0
+- movl #0,r8 ; q' = 0
+-
+- tstl r4
+- beql 666$ ; Uh-oh, the divisor is 0...
+- bgtr 1$
+- rotl #-1,r4,r4 ; If d is negative, shift it right.
+- bicl2 #^X80000000,r4 ; Since d is then a large number, the
+- ; lowest bit is insignificant
+- ; (contradict that, and I'll fix the problem!)
+-1$:
+- ediv r4,r2,r2,r3 ; Do the actual division
+-
+- tstl r2
+- bgeq 3$
+- mnegl r2,r2 ; if q < 0, negate it
+-3$:
+- tstl r7
+- blss 4$
+- rotl #3,r2,r2 ; q = q << 3
+- bicl3 #^XFFFFFFF8,r2,r8 ; q' gets the high bits from q
+- bicl3 #^X00000007,r2,r2
+- bsb 41$
+-4$: ; else
+- rotl #2,r2,r2 ; q = q << 2
+- bicl3 #^XFFFFFFFC,r2,r8 ; q' gets the high bits from q
+- bicl3 #^X00000003,r2,r2
+-41$:
+- rotl #3,r3,r3 ; r = r << 3
+- bicl3 #^XFFFFFFF8,r3,r6 ; r' gets the high bits from r
+- bicl3 #^X00000007,r3,r3
+- addl r5,r3 ; r = r + l'
+-
+- tstl r7
+- bgeq 5$
+- bitl #1,r7
+- beql 5$ ; if d' < 0 && d' & 1
+- subl r2,r3 ; [r',r] = [r',r] - [q',q]
+- sbwc r8,r6
+-45$:
+- bgeq 5$ ; while r < 0
+- decl r2 ; [q',q] = [q',q] - 1
+- sbwc #0,r8
+- addl r7,r3 ; [r',r] = [r',r] + d'
+- adwc #0,r6
+- brb 45$
+-
+-; The return points are placed in the middle to keep a short distance from
+-; all the branch points
+-42$:
+-; movl r3,r1
+- movl r2,r0
+- ret
+-666$:
+- movl #^XFFFFFFFF,r0
+- ret
+-
+-5$:
+- tstl r6
+- bneq 6$
+- cmpl r3,r7
+- blssu 42$ ; while [r',r] >= d'
+-6$:
+- subl r7,r3 ; [r',r] = [r',r] - d'
+- sbwc #0,r6
+- incl r2 ; [q',q] = [q',q] + 1
+- adwc #0,r8
+- brb 5$
+-�
+- .title vax_bn_add_words unsigned add of two arrays
+-;
+-; Richard Levitte 20-Nov-2000
+-;
+-; ULONG bn_add_words(ULONG r[], ULONG a[], ULONG b[], int n) {
+-; ULONG c = 0;
+-; int i;
+-; for (i = 0; i < n; i++) <c,r[i]> = a[i] + b[i] + c;
+-; return(c);
+-; }
+-
+-r=4 ;(AP) r by reference (output)
+-a=8 ;(AP) a by reference (input)
+-b=12 ;(AP) b by reference (input)
+-n=16 ;(AP) n by value (input)
+-
+-
+- .psect code,nowrt
+-
+-.entry bn_add_words,^m<r2,r3,r4,r5,r6>
+-
+- moval @r(ap),r2
+- moval @a(ap),r3
+- moval @b(ap),r4
+- movl n(ap),r5 ; assumed >0 by C code
+- clrl r0 ; c
+-
+- tstl r5 ; carry = 0
+- bleq 666$
+-
+-0$:
+- movl (r3)+,r6 ; carry untouched
+- adwc (r4)+,r6 ; carry used and touched
+- movl r6,(r2)+ ; carry untouched
+- sobgtr r5,0$ ; carry untouched
+-
+- adwc #0,r0
+-666$:
+- ret
+-�
+- .title vax_bn_sub_words unsigned add of two arrays
+-;
+-; Richard Levitte 20-Nov-2000
+-;
+-; ULONG bn_sub_words(ULONG r[], ULONG a[], ULONG b[], int n) {
+-; ULONG c = 0;
+-; int i;
+-; for (i = 0; i < n; i++) <c,r[i]> = a[i] - b[i] - c;
+-; return(c);
+-; }
+-
+-r=4 ;(AP) r by reference (output)
+-a=8 ;(AP) a by reference (input)
+-b=12 ;(AP) b by reference (input)
+-n=16 ;(AP) n by value (input)
+-
+-
+- .psect code,nowrt
+-
+-.entry bn_sub_words,^m<r2,r3,r4,r5,r6>
+-
+- moval @r(ap),r2
+- moval @a(ap),r3
+- moval @b(ap),r4
+- movl n(ap),r5 ; assumed >0 by C code
+- clrl r0 ; c
+-
+- tstl r5 ; carry = 0
+- bleq 666$
+-
+-0$:
+- movl (r3)+,r6 ; carry untouched
+- sbwc (r4)+,r6 ; carry used and touched
+- movl r6,(r2)+ ; carry untouched
+- sobgtr r5,0$ ; carry untouched
+-
+- adwc #0,r0
+-666$:
+- ret
+-�
+-
+-;r=4 ;(AP)
+-;a=8 ;(AP)
+-;b=12 ;(AP)
+-;n=16 ;(AP) n by value (input)
+-
+- .psect code,nowrt
+-
+-.entry BN_MUL_COMBA8,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11>
+- movab -924(sp),sp
+- clrq r8
+-
+- clrl r10
+-
+- movl 8(ap),r6
+- movzwl 2(r6),r3
+- movl 12(ap),r7
+- bicl3 #-65536,(r7),r2
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,(r6),-12(fp)
+- bicl3 #-65536,r3,-16(fp)
+- mull3 r0,-12(fp),-4(fp)
+- mull2 r2,-12(fp)
+- mull3 r2,-16(fp),-8(fp)
+- mull2 r0,-16(fp)
+- addl3 -4(fp),-8(fp),r0
+- bicl3 #0,r0,-4(fp)
+- cmpl -4(fp),-8(fp)
+- bgequ noname.45
+- addl2 #65536,-16(fp)
+-noname.45:
+- movzwl -2(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-16(fp)
+- bicl3 #-65536,-4(fp),r0
+- ashl #16,r0,-8(fp)
+- addl3 -8(fp),-12(fp),r0
+- bicl3 #0,r0,-12(fp)
+- cmpl -12(fp),-8(fp)
+- bgequ noname.46
+- incl -16(fp)
+-noname.46:
+- movl -12(fp),r1
+- movl -16(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.47
+- incl r2
+-noname.47:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.48
+- incl r10
+-noname.48:
+-
+- movl 4(ap),r11
+- movl r9,(r11)
+-
+- clrl r9
+-
+- movzwl 2(r6),r2
+- bicl3 #-65536,4(r7),r3
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,(r6),-28(fp)
+- bicl3 #-65536,r2,-32(fp)
+- mull3 r0,-28(fp),-20(fp)
+- mull2 r3,-28(fp)
+- mull3 r3,-32(fp),-24(fp)
+- mull2 r0,-32(fp)
+- addl3 -20(fp),-24(fp),r0
+- bicl3 #0,r0,-20(fp)
+- cmpl -20(fp),-24(fp)
+- bgequ noname.49
+- addl2 #65536,-32(fp)
+-noname.49:
+- movzwl -18(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-32(fp)
+- bicl3 #-65536,-20(fp),r0
+- ashl #16,r0,-24(fp)
+- addl3 -24(fp),-28(fp),r0
+- bicl3 #0,r0,-28(fp)
+- cmpl -28(fp),-24(fp)
+- bgequ noname.50
+- incl -32(fp)
+-noname.50:
+- movl -28(fp),r1
+- movl -32(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.51
+- incl r2
+-noname.51:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.52
+- incl r9
+-noname.52:
+-
+- movzwl 6(r6),r2
+- bicl3 #-65536,(r7),r3
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,4(r6),-44(fp)
+- bicl3 #-65536,r2,-48(fp)
+- mull3 r0,-44(fp),-36(fp)
+- mull2 r3,-44(fp)
+- mull3 r3,-48(fp),-40(fp)
+- mull2 r0,-48(fp)
+- addl3 -36(fp),-40(fp),r0
+- bicl3 #0,r0,-36(fp)
+- cmpl -36(fp),-40(fp)
+- bgequ noname.53
+- addl2 #65536,-48(fp)
+-noname.53:
+- movzwl -34(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-48(fp)
+- bicl3 #-65536,-36(fp),r0
+- ashl #16,r0,-40(fp)
+- addl3 -40(fp),-44(fp),r0
+- bicl3 #0,r0,-44(fp)
+- cmpl -44(fp),-40(fp)
+- bgequ noname.54
+- incl -48(fp)
+-noname.54:
+- movl -44(fp),r1
+- movl -48(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.55
+- incl r2
+-noname.55:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.56
+- incl r9
+-noname.56:
+-
+- movl r8,4(r11)
+-
+- clrl r8
+-
+- movzwl 10(r6),r2
+- bicl3 #-65536,(r7),r3
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,8(r6),-60(fp)
+- bicl3 #-65536,r2,-64(fp)
+- mull3 r0,-60(fp),-52(fp)
+- mull2 r3,-60(fp)
+- mull3 r3,-64(fp),-56(fp)
+- mull2 r0,-64(fp)
+- addl3 -52(fp),-56(fp),r0
+- bicl3 #0,r0,-52(fp)
+- cmpl -52(fp),-56(fp)
+- bgequ noname.57
+- addl2 #65536,-64(fp)
+-noname.57:
+- movzwl -50(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-64(fp)
+- bicl3 #-65536,-52(fp),r0
+- ashl #16,r0,-56(fp)
+- addl3 -56(fp),-60(fp),r0
+- bicl3 #0,r0,-60(fp)
+- cmpl -60(fp),-56(fp)
+- bgequ noname.58
+- incl -64(fp)
+-noname.58:
+- movl -60(fp),r1
+- movl -64(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.59
+- incl r2
+-noname.59:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.60
+- incl r8
+-noname.60:
+-
+- movzwl 6(r6),r2
+- bicl3 #-65536,4(r7),r3
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,4(r6),-76(fp)
+- bicl3 #-65536,r2,-80(fp)
+- mull3 r0,-76(fp),-68(fp)
+- mull2 r3,-76(fp)
+- mull3 r3,-80(fp),-72(fp)
+- mull2 r0,-80(fp)
+- addl3 -68(fp),-72(fp),r0
+- bicl3 #0,r0,-68(fp)
+- cmpl -68(fp),-72(fp)
+- bgequ noname.61
+- addl2 #65536,-80(fp)
+-noname.61:
+- movzwl -66(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-80(fp)
+- bicl3 #-65536,-68(fp),r0
+- ashl #16,r0,-72(fp)
+- addl3 -72(fp),-76(fp),r0
+- bicl3 #0,r0,-76(fp)
+- cmpl -76(fp),-72(fp)
+- bgequ noname.62
+- incl -80(fp)
+-noname.62:
+- movl -76(fp),r1
+- movl -80(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.63
+- incl r2
+-noname.63:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.64
+- incl r8
+-noname.64:
+-
+- movzwl 2(r6),r2
+- bicl3 #-65536,8(r7),r3
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,(r6),-92(fp)
+- bicl3 #-65536,r2,-96(fp)
+- mull3 r0,-92(fp),-84(fp)
+- mull2 r3,-92(fp)
+- mull3 r3,-96(fp),-88(fp)
+- mull2 r0,-96(fp)
+- addl3 -84(fp),-88(fp),r0
+- bicl3 #0,r0,-84(fp)
+- cmpl -84(fp),-88(fp)
+- bgequ noname.65
+- addl2 #65536,-96(fp)
+-noname.65:
+- movzwl -82(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-96(fp)
+- bicl3 #-65536,-84(fp),r0
+- ashl #16,r0,-88(fp)
+- addl3 -88(fp),-92(fp),r0
+- bicl3 #0,r0,-92(fp)
+- cmpl -92(fp),-88(fp)
+- bgequ noname.66
+- incl -96(fp)
+-noname.66:
+- movl -92(fp),r1
+- movl -96(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.67
+- incl r2
+-noname.67:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.68
+- incl r8
+-noname.68:
+-
+- movl r10,8(r11)
+-
+- clrl r10
+-
+- movzwl 2(r6),r2
+- bicl3 #-65536,12(r7),r3
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,(r6),-108(fp)
+- bicl3 #-65536,r2,-112(fp)
+- mull3 r0,-108(fp),-100(fp)
+- mull2 r3,-108(fp)
+- mull3 r3,-112(fp),-104(fp)
+- mull2 r0,-112(fp)
+- addl3 -100(fp),-104(fp),r0
+- bicl3 #0,r0,-100(fp)
+- cmpl -100(fp),-104(fp)
+- bgequ noname.69
+- addl2 #65536,-112(fp)
+-noname.69:
+- movzwl -98(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-112(fp)
+- bicl3 #-65536,-100(fp),r0
+- ashl #16,r0,-104(fp)
+- addl3 -104(fp),-108(fp),r0
+- bicl3 #0,r0,-108(fp)
+- cmpl -108(fp),-104(fp)
+- bgequ noname.70
+- incl -112(fp)
+-noname.70:
+- movl -108(fp),r1
+- movl -112(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.71
+- incl r2
+-noname.71:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.72
+- incl r10
+-noname.72:
+-
+- movzwl 6(r6),r2
+- bicl3 #-65536,8(r7),r3
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,4(r6),-124(fp)
+- bicl3 #-65536,r2,-128(fp)
+- mull3 r0,-124(fp),-116(fp)
+- mull2 r3,-124(fp)
+- mull3 r3,-128(fp),-120(fp)
+- mull2 r0,-128(fp)
+- addl3 -116(fp),-120(fp),r0
+- bicl3 #0,r0,-116(fp)
+- cmpl -116(fp),-120(fp)
+- bgequ noname.73
+- addl2 #65536,-128(fp)
+-noname.73:
+- movzwl -114(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-128(fp)
+- bicl3 #-65536,-116(fp),r0
+- ashl #16,r0,-120(fp)
+- addl3 -120(fp),-124(fp),r0
+- bicl3 #0,r0,-124(fp)
+- cmpl -124(fp),-120(fp)
+- bgequ noname.74
+- incl -128(fp)
+-noname.74:
+- movl -124(fp),r1
+- movl -128(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.75
+- incl r2
+-noname.75:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.76
+- incl r10
+-noname.76:
+-
+- movzwl 10(r6),r2
+- bicl3 #-65536,4(r7),r3
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,8(r6),-140(fp)
+- bicl3 #-65536,r2,-144(fp)
+- mull3 r0,-140(fp),-132(fp)
+- mull2 r3,-140(fp)
+- mull3 r3,-144(fp),-136(fp)
+- mull2 r0,-144(fp)
+- addl3 -132(fp),-136(fp),r0
+- bicl3 #0,r0,-132(fp)
+- cmpl -132(fp),-136(fp)
+- bgequ noname.77
+- addl2 #65536,-144(fp)
+-noname.77:
+- movzwl -130(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-144(fp)
+- bicl3 #-65536,-132(fp),r0
+- ashl #16,r0,-136(fp)
+- addl3 -136(fp),-140(fp),r0
+- bicl3 #0,r0,-140(fp)
+- cmpl -140(fp),-136(fp)
+- bgequ noname.78
+- incl -144(fp)
+-noname.78:
+- movl -140(fp),r1
+- movl -144(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.79
+- incl r2
+-noname.79:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.80
+- incl r10
+-noname.80:
+-
+- movzwl 14(r6),r2
+- bicl3 #-65536,(r7),r3
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,12(r6),-156(fp)
+- bicl3 #-65536,r2,-160(fp)
+- mull3 r0,-156(fp),-148(fp)
+- mull2 r3,-156(fp)
+- mull3 r3,-160(fp),-152(fp)
+- mull2 r0,-160(fp)
+- addl3 -148(fp),-152(fp),r0
+- bicl3 #0,r0,-148(fp)
+- cmpl -148(fp),-152(fp)
+- bgequ noname.81
+- addl2 #65536,-160(fp)
+-noname.81:
+- movzwl -146(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-160(fp)
+- bicl3 #-65536,-148(fp),r0
+- ashl #16,r0,-152(fp)
+- addl3 -152(fp),-156(fp),r0
+- bicl3 #0,r0,-156(fp)
+- cmpl -156(fp),-152(fp)
+- bgequ noname.82
+- incl -160(fp)
+-noname.82:
+- movl -156(fp),r1
+- movl -160(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.83
+- incl r2
+-noname.83:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.84
+- incl r10
+-noname.84:
+-
+- movl r9,12(r11)
+-
+- clrl r9
+-
+- movzwl 18(r6),r2
+- bicl3 #-65536,(r7),r3
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,16(r6),-172(fp)
+- bicl3 #-65536,r2,-176(fp)
+- mull3 r0,-172(fp),-164(fp)
+- mull2 r3,-172(fp)
+- mull3 r3,-176(fp),-168(fp)
+- mull2 r0,-176(fp)
+- addl3 -164(fp),-168(fp),r0
+- bicl3 #0,r0,-164(fp)
+- cmpl -164(fp),-168(fp)
+- bgequ noname.85
+- addl2 #65536,-176(fp)
+-noname.85:
+- movzwl -162(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-176(fp)
+- bicl3 #-65536,-164(fp),r0
+- ashl #16,r0,-168(fp)
+- addl3 -168(fp),-172(fp),r0
+- bicl3 #0,r0,-172(fp)
+- cmpl -172(fp),-168(fp)
+- bgequ noname.86
+- incl -176(fp)
+-noname.86:
+- movl -172(fp),r1
+- movl -176(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.87
+- incl r2
+-noname.87:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.88
+- incl r9
+-noname.88:
+-
+- movzwl 14(r6),r2
+- bicl3 #-65536,4(r7),r3
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,12(r6),-188(fp)
+- bicl3 #-65536,r2,-192(fp)
+- mull3 r0,-188(fp),-180(fp)
+- mull2 r3,-188(fp)
+- mull3 r3,-192(fp),-184(fp)
+- mull2 r0,-192(fp)
+- addl3 -180(fp),-184(fp),r0
+- bicl3 #0,r0,-180(fp)
+- cmpl -180(fp),-184(fp)
+- bgequ noname.89
+- addl2 #65536,-192(fp)
+-noname.89:
+- movzwl -178(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-192(fp)
+- bicl3 #-65536,-180(fp),r0
+- ashl #16,r0,-184(fp)
+- addl3 -184(fp),-188(fp),r0
+- bicl3 #0,r0,-188(fp)
+- cmpl -188(fp),-184(fp)
+- bgequ noname.90
+- incl -192(fp)
+-noname.90:
+- movl -188(fp),r1
+- movl -192(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.91
+- incl r2
+-noname.91:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.92
+- incl r9
+-noname.92:
+-
+- movzwl 10(r6),r2
+- bicl3 #-65536,8(r7),r3
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,8(r6),-204(fp)
+- bicl3 #-65536,r2,-208(fp)
+- mull3 r0,-204(fp),-196(fp)
+- mull2 r3,-204(fp)
+- mull3 r3,-208(fp),-200(fp)
+- mull2 r0,-208(fp)
+- addl3 -196(fp),-200(fp),r0
+- bicl3 #0,r0,-196(fp)
+- cmpl -196(fp),-200(fp)
+- bgequ noname.93
+- addl2 #65536,-208(fp)
+-noname.93:
+- movzwl -194(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-208(fp)
+- bicl3 #-65536,-196(fp),r0
+- ashl #16,r0,-200(fp)
+- addl3 -200(fp),-204(fp),r0
+- bicl3 #0,r0,-204(fp)
+- cmpl -204(fp),-200(fp)
+- bgequ noname.94
+- incl -208(fp)
+-noname.94:
+- movl -204(fp),r1
+- movl -208(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.95
+- incl r2
+-noname.95:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.96
+- incl r9
+-noname.96:
+-
+- movzwl 6(r6),r2
+- bicl3 #-65536,12(r7),r3
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,4(r6),-220(fp)
+- bicl3 #-65536,r2,-224(fp)
+- mull3 r0,-220(fp),-212(fp)
+- mull2 r3,-220(fp)
+- mull3 r3,-224(fp),-216(fp)
+- mull2 r0,-224(fp)
+- addl3 -212(fp),-216(fp),r0
+- bicl3 #0,r0,-212(fp)
+- cmpl -212(fp),-216(fp)
+- bgequ noname.97
+- addl2 #65536,-224(fp)
+-noname.97:
+- movzwl -210(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-224(fp)
+- bicl3 #-65536,-212(fp),r0
+- ashl #16,r0,-216(fp)
+- addl3 -216(fp),-220(fp),r0
+- bicl3 #0,r0,-220(fp)
+- cmpl -220(fp),-216(fp)
+- bgequ noname.98
+- incl -224(fp)
+-noname.98:
+- movl -220(fp),r1
+- movl -224(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.99
+- incl r2
+-noname.99:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.100
+- incl r9
+-noname.100:
+-
+- movzwl 2(r6),r2
+- bicl3 #-65536,16(r7),r3
+- movzwl 18(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,(r6),-236(fp)
+- bicl3 #-65536,r2,-240(fp)
+- mull3 r0,-236(fp),-228(fp)
+- mull2 r3,-236(fp)
+- mull3 r3,-240(fp),-232(fp)
+- mull2 r0,-240(fp)
+- addl3 -228(fp),-232(fp),r0
+- bicl3 #0,r0,-228(fp)
+- cmpl -228(fp),-232(fp)
+- bgequ noname.101
+- addl2 #65536,-240(fp)
+-noname.101:
+- movzwl -226(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-240(fp)
+- bicl3 #-65536,-228(fp),r0
+- ashl #16,r0,-232(fp)
+- addl3 -232(fp),-236(fp),r0
+- bicl3 #0,r0,-236(fp)
+- cmpl -236(fp),-232(fp)
+- bgequ noname.102
+- incl -240(fp)
+-noname.102:
+- movl -236(fp),r1
+- movl -240(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.103
+- incl r2
+-noname.103:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.104
+- incl r9
+-noname.104:
+-
+- movl r8,16(r11)
+-
+- clrl r8
+-
+- movzwl 2(r6),r2
+- bicl3 #-65536,20(r7),r3
+- movzwl 22(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,(r6),-252(fp)
+- bicl3 #-65536,r2,-256(fp)
+- mull3 r0,-252(fp),-244(fp)
+- mull2 r3,-252(fp)
+- mull3 r3,-256(fp),-248(fp)
+- mull2 r0,-256(fp)
+- addl3 -244(fp),-248(fp),r0
+- bicl3 #0,r0,-244(fp)
+- cmpl -244(fp),-248(fp)
+- bgequ noname.105
+- addl2 #65536,-256(fp)
+-noname.105:
+- movzwl -242(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-256(fp)
+- bicl3 #-65536,-244(fp),r0
+- ashl #16,r0,-248(fp)
+- addl3 -248(fp),-252(fp),r0
+- bicl3 #0,r0,-252(fp)
+- cmpl -252(fp),-248(fp)
+- bgequ noname.106
+- incl -256(fp)
+-noname.106:
+- movl -252(fp),r1
+- movl -256(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.107
+- incl r2
+-noname.107:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.108
+- incl r8
+-noname.108:
+-
+- movzwl 6(r6),r2
+- bicl3 #-65536,16(r7),r3
+- movzwl 18(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,4(r6),-268(fp)
+- bicl3 #-65536,r2,-272(fp)
+- mull3 r0,-268(fp),-260(fp)
+- mull2 r3,-268(fp)
+- mull3 r3,-272(fp),-264(fp)
+- mull2 r0,-272(fp)
+- addl3 -260(fp),-264(fp),r0
+- bicl3 #0,r0,-260(fp)
+- cmpl -260(fp),-264(fp)
+- bgequ noname.109
+- addl2 #65536,-272(fp)
+-noname.109:
+- movzwl -258(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-272(fp)
+- bicl3 #-65536,-260(fp),r0
+- ashl #16,r0,-264(fp)
+- addl3 -264(fp),-268(fp),r0
+- bicl3 #0,r0,-268(fp)
+- cmpl -268(fp),-264(fp)
+- bgequ noname.110
+- incl -272(fp)
+-noname.110:
+- movl -268(fp),r1
+- movl -272(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.111
+- incl r2
+-noname.111:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.112
+- incl r8
+-noname.112:
+-
+- movzwl 10(r6),r2
+- bicl3 #-65536,12(r7),r3
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,8(r6),-284(fp)
+- bicl3 #-65536,r2,-288(fp)
+- mull3 r0,-284(fp),-276(fp)
+- mull2 r3,-284(fp)
+- mull3 r3,-288(fp),-280(fp)
+- mull2 r0,-288(fp)
+- addl3 -276(fp),-280(fp),r0
+- bicl3 #0,r0,-276(fp)
+- cmpl -276(fp),-280(fp)
+- bgequ noname.113
+- addl2 #65536,-288(fp)
+-noname.113:
+- movzwl -274(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-288(fp)
+- bicl3 #-65536,-276(fp),r0
+- ashl #16,r0,-280(fp)
+- addl3 -280(fp),-284(fp),r0
+- bicl3 #0,r0,-284(fp)
+- cmpl -284(fp),-280(fp)
+- bgequ noname.114
+- incl -288(fp)
+-noname.114:
+- movl -284(fp),r1
+- movl -288(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.115
+- incl r2
+-noname.115:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.116
+- incl r8
+-noname.116:
+-
+- movzwl 14(r6),r2
+- bicl3 #-65536,8(r7),r3
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,12(r6),-300(fp)
+- bicl3 #-65536,r2,-304(fp)
+- mull3 r0,-300(fp),-292(fp)
+- mull2 r3,-300(fp)
+- mull3 r3,-304(fp),-296(fp)
+- mull2 r0,-304(fp)
+- addl3 -292(fp),-296(fp),r0
+- bicl3 #0,r0,-292(fp)
+- cmpl -292(fp),-296(fp)
+- bgequ noname.117
+- addl2 #65536,-304(fp)
+-noname.117:
+- movzwl -290(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-304(fp)
+- bicl3 #-65536,-292(fp),r0
+- ashl #16,r0,-296(fp)
+- addl3 -296(fp),-300(fp),r0
+- bicl3 #0,r0,-300(fp)
+- cmpl -300(fp),-296(fp)
+- bgequ noname.118
+- incl -304(fp)
+-noname.118:
+- movl -300(fp),r1
+- movl -304(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.119
+- incl r2
+-noname.119:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.120
+- incl r8
+-noname.120:
+-
+- movzwl 18(r6),r2
+- bicl3 #-65536,4(r7),r3
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,16(r6),-316(fp)
+- bicl3 #-65536,r2,-320(fp)
+- mull3 r0,-316(fp),-308(fp)
+- mull2 r3,-316(fp)
+- mull3 r3,-320(fp),-312(fp)
+- mull2 r0,-320(fp)
+- addl3 -308(fp),-312(fp),r0
+- bicl3 #0,r0,-308(fp)
+- cmpl -308(fp),-312(fp)
+- bgequ noname.121
+- addl2 #65536,-320(fp)
+-noname.121:
+- movzwl -306(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-320(fp)
+- bicl3 #-65536,-308(fp),r0
+- ashl #16,r0,-312(fp)
+- addl3 -312(fp),-316(fp),r0
+- bicl3 #0,r0,-316(fp)
+- cmpl -316(fp),-312(fp)
+- bgequ noname.122
+- incl -320(fp)
+-noname.122:
+- movl -316(fp),r1
+- movl -320(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.123
+- incl r2
+-
+-noname.123:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.124
+- incl r8
+-noname.124:
+-
+- movzwl 22(r6),r2
+- bicl3 #-65536,(r7),r3
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,20(r6),-332(fp)
+- bicl3 #-65536,r2,-336(fp)
+- mull3 r0,-332(fp),-324(fp)
+- mull2 r3,-332(fp)
+- mull3 r3,-336(fp),-328(fp)
+- mull2 r0,-336(fp)
+- addl3 -324(fp),-328(fp),r0
+- bicl3 #0,r0,-324(fp)
+- cmpl -324(fp),-328(fp)
+- bgequ noname.125
+- addl2 #65536,-336(fp)
+-noname.125:
+- movzwl -322(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-336(fp)
+- bicl3 #-65536,-324(fp),r0
+- ashl #16,r0,-328(fp)
+- addl3 -328(fp),-332(fp),r0
+- bicl3 #0,r0,-332(fp)
+- cmpl -332(fp),-328(fp)
+- bgequ noname.126
+- incl -336(fp)
+-noname.126:
+- movl -332(fp),r1
+- movl -336(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.127
+- incl r2
+-noname.127:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.128
+- incl r8
+-noname.128:
+-
+- movl r10,20(r11)
+-
+- clrl r10
+-
+- movzwl 26(r6),r2
+- bicl3 #-65536,(r7),r3
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,24(r6),-348(fp)
+- bicl3 #-65536,r2,-352(fp)
+- mull3 r0,-348(fp),-340(fp)
+- mull2 r3,-348(fp)
+- mull3 r3,-352(fp),-344(fp)
+- mull2 r0,-352(fp)
+- addl3 -340(fp),-344(fp),r0
+- bicl3 #0,r0,-340(fp)
+- cmpl -340(fp),-344(fp)
+- bgequ noname.129
+- addl2 #65536,-352(fp)
+-noname.129:
+- movzwl -338(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-352(fp)
+- bicl3 #-65536,-340(fp),r0
+- ashl #16,r0,-344(fp)
+- addl3 -344(fp),-348(fp),r0
+- bicl3 #0,r0,-348(fp)
+- cmpl -348(fp),-344(fp)
+- bgequ noname.130
+- incl -352(fp)
+-noname.130:
+- movl -348(fp),r1
+- movl -352(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.131
+- incl r2
+-noname.131:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.132
+- incl r10
+-noname.132:
+-
+- movzwl 22(r6),r2
+- bicl3 #-65536,4(r7),r3
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,20(r6),-364(fp)
+- bicl3 #-65536,r2,-368(fp)
+- mull3 r0,-364(fp),-356(fp)
+- mull2 r3,-364(fp)
+- mull3 r3,-368(fp),-360(fp)
+- mull2 r0,-368(fp)
+- addl3 -356(fp),-360(fp),r0
+- bicl3 #0,r0,-356(fp)
+- cmpl -356(fp),-360(fp)
+- bgequ noname.133
+- addl2 #65536,-368(fp)
+-noname.133:
+- movzwl -354(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-368(fp)
+- bicl3 #-65536,-356(fp),r0
+- ashl #16,r0,-360(fp)
+- addl3 -360(fp),-364(fp),r0
+- bicl3 #0,r0,-364(fp)
+- cmpl -364(fp),-360(fp)
+- bgequ noname.134
+- incl -368(fp)
+-noname.134:
+- movl -364(fp),r1
+- movl -368(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.135
+- incl r2
+-noname.135:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.136
+- incl r10
+-noname.136:
+-
+- movzwl 18(r6),r2
+- bicl3 #-65536,8(r7),r3
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,16(r6),-380(fp)
+- bicl3 #-65536,r2,-384(fp)
+- mull3 r0,-380(fp),-372(fp)
+- mull2 r3,-380(fp)
+- mull3 r3,-384(fp),-376(fp)
+- mull2 r0,-384(fp)
+- addl3 -372(fp),-376(fp),r0
+- bicl3 #0,r0,-372(fp)
+- cmpl -372(fp),-376(fp)
+- bgequ noname.137
+- addl2 #65536,-384(fp)
+-noname.137:
+- movzwl -370(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-384(fp)
+- bicl3 #-65536,-372(fp),r0
+- ashl #16,r0,-376(fp)
+- addl3 -376(fp),-380(fp),r0
+- bicl3 #0,r0,-380(fp)
+- cmpl -380(fp),-376(fp)
+- bgequ noname.138
+- incl -384(fp)
+-noname.138:
+- movl -380(fp),r1
+- movl -384(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.139
+- incl r2
+-noname.139:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.140
+- incl r10
+-noname.140:
+-
+- movzwl 14(r6),r2
+- bicl3 #-65536,12(r7),r3
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,12(r6),-396(fp)
+- bicl3 #-65536,r2,-400(fp)
+- mull3 r0,-396(fp),-388(fp)
+- mull2 r3,-396(fp)
+- mull3 r3,-400(fp),-392(fp)
+- mull2 r0,-400(fp)
+- addl3 -388(fp),-392(fp),r0
+- bicl3 #0,r0,-388(fp)
+- cmpl -388(fp),-392(fp)
+- bgequ noname.141
+- addl2 #65536,-400(fp)
+-noname.141:
+- movzwl -386(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-400(fp)
+- bicl3 #-65536,-388(fp),r0
+- ashl #16,r0,-392(fp)
+- addl3 -392(fp),-396(fp),r0
+- bicl3 #0,r0,-396(fp)
+- cmpl -396(fp),-392(fp)
+- bgequ noname.142
+- incl -400(fp)
+-noname.142:
+- movl -396(fp),r1
+- movl -400(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.143
+- incl r2
+-noname.143:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.144
+- incl r10
+-noname.144:
+-
+- movzwl 10(r6),r2
+- bicl3 #-65536,16(r7),r3
+- movzwl 18(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,8(r6),-412(fp)
+- bicl3 #-65536,r2,-416(fp)
+- mull3 r0,-412(fp),-404(fp)
+- mull2 r3,-412(fp)
+- mull3 r3,-416(fp),-408(fp)
+- mull2 r0,-416(fp)
+- addl3 -404(fp),-408(fp),r0
+- bicl3 #0,r0,-404(fp)
+- cmpl -404(fp),-408(fp)
+- bgequ noname.145
+- addl2 #65536,-416(fp)
+-noname.145:
+- movzwl -402(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-416(fp)
+- bicl3 #-65536,-404(fp),r0
+- ashl #16,r0,-408(fp)
+- addl3 -408(fp),-412(fp),r0
+- bicl3 #0,r0,-412(fp)
+- cmpl -412(fp),-408(fp)
+- bgequ noname.146
+- incl -416(fp)
+-noname.146:
+- movl -412(fp),r1
+- movl -416(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.147
+- incl r2
+-noname.147:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.148
+- incl r10
+-noname.148:
+-
+- movzwl 6(r6),r2
+- bicl3 #-65536,20(r7),r3
+- movzwl 22(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,4(r6),-428(fp)
+- bicl3 #-65536,r2,-432(fp)
+- mull3 r0,-428(fp),-420(fp)
+- mull2 r3,-428(fp)
+- mull3 r3,-432(fp),-424(fp)
+- mull2 r0,-432(fp)
+- addl3 -420(fp),-424(fp),r0
+- bicl3 #0,r0,-420(fp)
+- cmpl -420(fp),-424(fp)
+- bgequ noname.149
+- addl2 #65536,-432(fp)
+-noname.149:
+- movzwl -418(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-432(fp)
+- bicl3 #-65536,-420(fp),r0
+- ashl #16,r0,-424(fp)
+- addl3 -424(fp),-428(fp),r0
+- bicl3 #0,r0,-428(fp)
+- cmpl -428(fp),-424(fp)
+- bgequ noname.150
+- incl -432(fp)
+-noname.150:
+- movl -428(fp),r1
+- movl -432(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.151
+- incl r2
+-noname.151:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.152
+- incl r10
+-noname.152:
+-
+- movzwl 2(r6),r2
+- bicl3 #-65536,24(r7),r3
+- movzwl 26(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,(r6),-444(fp)
+- bicl3 #-65536,r2,-448(fp)
+- mull3 r0,-444(fp),-436(fp)
+- mull2 r3,-444(fp)
+- mull3 r3,-448(fp),-440(fp)
+- mull2 r0,-448(fp)
+- addl3 -436(fp),-440(fp),r0
+- bicl3 #0,r0,-436(fp)
+- cmpl -436(fp),-440(fp)
+- bgequ noname.153
+- addl2 #65536,-448(fp)
+-noname.153:
+- movzwl -434(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-448(fp)
+- bicl3 #-65536,-436(fp),r0
+- ashl #16,r0,-440(fp)
+- addl3 -440(fp),-444(fp),r0
+- bicl3 #0,r0,-444(fp)
+- cmpl -444(fp),-440(fp)
+- bgequ noname.154
+- incl -448(fp)
+-noname.154:
+- movl -444(fp),r1
+- movl -448(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.155
+- incl r2
+-noname.155:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.156
+- incl r10
+-noname.156:
+-
+- movl r9,24(r11)
+-
+- clrl r9
+-
+- movzwl 2(r6),r2
+- bicl3 #-65536,28(r7),r3
+- movzwl 30(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,(r6),-460(fp)
+- bicl3 #-65536,r2,-464(fp)
+- mull3 r0,-460(fp),-452(fp)
+- mull2 r3,-460(fp)
+- mull3 r3,-464(fp),-456(fp)
+- mull2 r0,-464(fp)
+- addl3 -452(fp),-456(fp),r0
+- bicl3 #0,r0,-452(fp)
+- cmpl -452(fp),-456(fp)
+- bgequ noname.157
+- addl2 #65536,-464(fp)
+-noname.157:
+- movzwl -450(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-464(fp)
+- bicl3 #-65536,-452(fp),r0
+- ashl #16,r0,-456(fp)
+- addl3 -456(fp),-460(fp),r0
+- bicl3 #0,r0,-460(fp)
+- cmpl -460(fp),-456(fp)
+- bgequ noname.158
+- incl -464(fp)
+-noname.158:
+- movl -460(fp),r1
+- movl -464(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.159
+- incl r2
+-noname.159:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.160
+- incl r9
+-noname.160:
+-
+- movzwl 6(r6),r2
+- bicl3 #-65536,24(r7),r3
+- movzwl 26(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,4(r6),-476(fp)
+- bicl3 #-65536,r2,-480(fp)
+- mull3 r0,-476(fp),-468(fp)
+- mull2 r3,-476(fp)
+- mull3 r3,-480(fp),-472(fp)
+- mull2 r0,-480(fp)
+- addl3 -468(fp),-472(fp),r0
+- bicl3 #0,r0,-468(fp)
+- cmpl -468(fp),-472(fp)
+- bgequ noname.161
+- addl2 #65536,-480(fp)
+-noname.161:
+- movzwl -466(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-480(fp)
+- bicl3 #-65536,-468(fp),r0
+- ashl #16,r0,-472(fp)
+- addl3 -472(fp),-476(fp),r0
+- bicl3 #0,r0,-476(fp)
+- cmpl -476(fp),-472(fp)
+- bgequ noname.162
+- incl -480(fp)
+-noname.162:
+- movl -476(fp),r1
+- movl -480(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.163
+- incl r2
+-noname.163:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.164
+- incl r9
+-noname.164:
+-
+- movzwl 10(r6),r2
+- bicl3 #-65536,20(r7),r3
+- movzwl 22(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,8(r6),-492(fp)
+- bicl3 #-65536,r2,-496(fp)
+- mull3 r0,-492(fp),-484(fp)
+- mull2 r3,-492(fp)
+- mull3 r3,-496(fp),-488(fp)
+- mull2 r0,-496(fp)
+- addl3 -484(fp),-488(fp),r0
+- bicl3 #0,r0,-484(fp)
+- cmpl -484(fp),-488(fp)
+- bgequ noname.165
+- addl2 #65536,-496(fp)
+-noname.165:
+- movzwl -482(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-496(fp)
+- bicl3 #-65536,-484(fp),r0
+- ashl #16,r0,-488(fp)
+- addl3 -488(fp),-492(fp),r0
+- bicl3 #0,r0,-492(fp)
+- cmpl -492(fp),-488(fp)
+- bgequ noname.166
+- incl -496(fp)
+-noname.166:
+- movl -492(fp),r1
+- movl -496(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.167
+- incl r2
+-noname.167:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.168
+- incl r9
+-noname.168:
+-
+- movzwl 14(r6),r2
+- bicl3 #-65536,16(r7),r3
+- movzwl 18(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,12(r6),-508(fp)
+- bicl3 #-65536,r2,-512(fp)
+- mull3 r0,-508(fp),-500(fp)
+- mull2 r3,-508(fp)
+- mull3 r3,-512(fp),-504(fp)
+- mull2 r0,-512(fp)
+- addl3 -500(fp),-504(fp),r0
+- bicl3 #0,r0,-500(fp)
+- cmpl -500(fp),-504(fp)
+- bgequ noname.169
+- addl2 #65536,-512(fp)
+-noname.169:
+- movzwl -498(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-512(fp)
+- bicl3 #-65536,-500(fp),r0
+- ashl #16,r0,-504(fp)
+- addl3 -504(fp),-508(fp),r0
+- bicl3 #0,r0,-508(fp)
+- cmpl -508(fp),-504(fp)
+- bgequ noname.170
+- incl -512(fp)
+-noname.170:
+- movl -508(fp),r1
+- movl -512(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.171
+- incl r2
+-noname.171:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.172
+- incl r9
+-noname.172:
+-
+- movzwl 18(r6),r2
+- bicl3 #-65536,12(r7),r3
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,16(r6),-524(fp)
+- bicl3 #-65536,r2,-528(fp)
+- mull3 r0,-524(fp),-516(fp)
+- mull2 r3,-524(fp)
+- mull3 r3,-528(fp),-520(fp)
+- mull2 r0,-528(fp)
+- addl3 -516(fp),-520(fp),r0
+- bicl3 #0,r0,-516(fp)
+- cmpl -516(fp),-520(fp)
+- bgequ noname.173
+- addl2 #65536,-528(fp)
+-noname.173:
+- movzwl -514(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-528(fp)
+- bicl3 #-65536,-516(fp),r0
+- ashl #16,r0,-520(fp)
+- addl3 -520(fp),-524(fp),r0
+- bicl3 #0,r0,-524(fp)
+- cmpl -524(fp),-520(fp)
+- bgequ noname.174
+- incl -528(fp)
+-noname.174:
+- movl -524(fp),r1
+- movl -528(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.175
+- incl r2
+-noname.175:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.176
+- incl r9
+-noname.176:
+-
+- movzwl 22(r6),r2
+- bicl3 #-65536,8(r7),r3
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,20(r6),-540(fp)
+- bicl3 #-65536,r2,-544(fp)
+- mull3 r0,-540(fp),-532(fp)
+- mull2 r3,-540(fp)
+- mull3 r3,-544(fp),-536(fp)
+- mull2 r0,-544(fp)
+- addl3 -532(fp),-536(fp),r0
+- bicl3 #0,r0,-532(fp)
+- cmpl -532(fp),-536(fp)
+- bgequ noname.177
+- addl2 #65536,-544(fp)
+-noname.177:
+- movzwl -530(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-544(fp)
+- bicl3 #-65536,-532(fp),r0
+- ashl #16,r0,-536(fp)
+- addl3 -536(fp),-540(fp),r0
+- bicl3 #0,r0,-540(fp)
+- cmpl -540(fp),-536(fp)
+- bgequ noname.178
+- incl -544(fp)
+-noname.178:
+- movl -540(fp),r1
+- movl -544(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.179
+- incl r2
+-noname.179:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.180
+- incl r9
+-noname.180:
+-
+- movzwl 26(r6),r2
+- bicl3 #-65536,4(r7),r3
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,24(r6),-556(fp)
+- bicl3 #-65536,r2,-560(fp)
+- mull3 r0,-556(fp),-548(fp)
+- mull2 r3,-556(fp)
+- mull3 r3,-560(fp),-552(fp)
+- mull2 r0,-560(fp)
+- addl3 -548(fp),-552(fp),r0
+- bicl3 #0,r0,-548(fp)
+- cmpl -548(fp),-552(fp)
+- bgequ noname.181
+- addl2 #65536,-560(fp)
+-noname.181:
+- movzwl -546(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-560(fp)
+- bicl3 #-65536,-548(fp),r0
+- ashl #16,r0,-552(fp)
+- addl3 -552(fp),-556(fp),r0
+- bicl3 #0,r0,-556(fp)
+- cmpl -556(fp),-552(fp)
+- bgequ noname.182
+- incl -560(fp)
+-noname.182:
+- movl -556(fp),r1
+- movl -560(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.183
+- incl r2
+-noname.183:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.184
+- incl r9
+-noname.184:
+-
+- movzwl 30(r6),r2
+- bicl3 #-65536,(r7),r3
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,28(r6),-572(fp)
+- bicl3 #-65536,r2,-576(fp)
+- mull3 r0,-572(fp),-564(fp)
+- mull2 r3,-572(fp)
+- mull3 r3,-576(fp),-568(fp)
+- mull2 r0,-576(fp)
+- addl3 -564(fp),-568(fp),r0
+- bicl3 #0,r0,-564(fp)
+- cmpl -564(fp),-568(fp)
+- bgequ noname.185
+- addl2 #65536,-576(fp)
+-noname.185:
+- movzwl -562(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-576(fp)
+- bicl3 #-65536,-564(fp),r0
+- ashl #16,r0,-568(fp)
+- addl3 -568(fp),-572(fp),r0
+- bicl3 #0,r0,-572(fp)
+- cmpl -572(fp),-568(fp)
+- bgequ noname.186
+- incl -576(fp)
+-noname.186:
+- movl -572(fp),r1
+- movl -576(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.187
+- incl r2
+-noname.187:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.188
+- incl r9
+-noname.188:
+-
+- movl r8,28(r11)
+-
+- clrl r8
+-
+- movzwl 30(r6),r2
+- bicl3 #-65536,4(r7),r3
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,28(r6),-588(fp)
+- bicl3 #-65536,r2,-592(fp)
+- mull3 r0,-588(fp),-580(fp)
+- mull2 r3,-588(fp)
+- mull3 r3,-592(fp),-584(fp)
+- mull2 r0,-592(fp)
+- addl3 -580(fp),-584(fp),r0
+- bicl3 #0,r0,-580(fp)
+- cmpl -580(fp),-584(fp)
+- bgequ noname.189
+- addl2 #65536,-592(fp)
+-noname.189:
+- movzwl -578(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-592(fp)
+- bicl3 #-65536,-580(fp),r0
+- ashl #16,r0,-584(fp)
+- addl3 -584(fp),-588(fp),r0
+- bicl3 #0,r0,-588(fp)
+- cmpl -588(fp),-584(fp)
+- bgequ noname.190
+- incl -592(fp)
+-noname.190:
+- movl -588(fp),r1
+- movl -592(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.191
+- incl r2
+-noname.191:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.192
+- incl r8
+-noname.192:
+-
+- movzwl 26(r6),r2
+- bicl3 #-65536,8(r7),r3
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,24(r6),-604(fp)
+- bicl3 #-65536,r2,-608(fp)
+- mull3 r0,-604(fp),-596(fp)
+- mull2 r3,-604(fp)
+- mull3 r3,-608(fp),-600(fp)
+- mull2 r0,-608(fp)
+- addl3 -596(fp),-600(fp),r0
+- bicl3 #0,r0,-596(fp)
+- cmpl -596(fp),-600(fp)
+- bgequ noname.193
+- addl2 #65536,-608(fp)
+-noname.193:
+- movzwl -594(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-608(fp)
+- bicl3 #-65536,-596(fp),r0
+- ashl #16,r0,-600(fp)
+- addl3 -600(fp),-604(fp),r0
+- bicl3 #0,r0,-604(fp)
+- cmpl -604(fp),-600(fp)
+- bgequ noname.194
+- incl -608(fp)
+-noname.194:
+- movl -604(fp),r1
+- movl -608(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.195
+- incl r2
+-noname.195:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.196
+- incl r8
+-noname.196:
+-
+- movzwl 22(r6),r2
+- bicl3 #-65536,12(r7),r3
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,20(r6),-620(fp)
+- bicl3 #-65536,r2,-624(fp)
+- mull3 r0,-620(fp),-612(fp)
+- mull2 r3,-620(fp)
+- mull3 r3,-624(fp),-616(fp)
+- mull2 r0,-624(fp)
+- addl3 -612(fp),-616(fp),r0
+- bicl3 #0,r0,-612(fp)
+- cmpl -612(fp),-616(fp)
+- bgequ noname.197
+- addl2 #65536,-624(fp)
+-noname.197:
+- movzwl -610(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-624(fp)
+- bicl3 #-65536,-612(fp),r0
+- ashl #16,r0,-616(fp)
+- addl3 -616(fp),-620(fp),r0
+- bicl3 #0,r0,-620(fp)
+- cmpl -620(fp),-616(fp)
+- bgequ noname.198
+- incl -624(fp)
+-noname.198:
+- movl -620(fp),r1
+- movl -624(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.199
+- incl r2
+-noname.199:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.200
+- incl r8
+-noname.200:
+-
+- movzwl 18(r6),r2
+- bicl3 #-65536,16(r7),r3
+- movzwl 18(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,16(r6),-636(fp)
+- bicl3 #-65536,r2,-640(fp)
+- mull3 r0,-636(fp),-628(fp)
+- mull2 r3,-636(fp)
+- mull3 r3,-640(fp),-632(fp)
+- mull2 r0,-640(fp)
+- addl3 -628(fp),-632(fp),r0
+- bicl3 #0,r0,-628(fp)
+- cmpl -628(fp),-632(fp)
+- bgequ noname.201
+- addl2 #65536,-640(fp)
+-noname.201:
+- movzwl -626(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-640(fp)
+- bicl3 #-65536,-628(fp),r0
+- ashl #16,r0,-632(fp)
+- addl3 -632(fp),-636(fp),r0
+- bicl3 #0,r0,-636(fp)
+- cmpl -636(fp),-632(fp)
+- bgequ noname.202
+- incl -640(fp)
+-noname.202:
+- movl -636(fp),r1
+- movl -640(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.203
+- incl r2
+-noname.203:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.204
+- incl r8
+-noname.204:
+-
+- movzwl 14(r6),r2
+- bicl3 #-65536,20(r7),r3
+- movzwl 22(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,12(r6),-652(fp)
+- bicl3 #-65536,r2,-656(fp)
+- mull3 r0,-652(fp),-644(fp)
+- mull2 r3,-652(fp)
+- mull3 r3,-656(fp),-648(fp)
+- mull2 r0,-656(fp)
+- addl3 -644(fp),-648(fp),r0
+- bicl3 #0,r0,-644(fp)
+- cmpl -644(fp),-648(fp)
+- bgequ noname.205
+- addl2 #65536,-656(fp)
+-noname.205:
+- movzwl -642(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-656(fp)
+- bicl3 #-65536,-644(fp),r0
+- ashl #16,r0,-648(fp)
+- addl3 -648(fp),-652(fp),r0
+- bicl3 #0,r0,-652(fp)
+- cmpl -652(fp),-648(fp)
+- bgequ noname.206
+- incl -656(fp)
+-noname.206:
+- movl -652(fp),r1
+- movl -656(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.207
+- incl r2
+-noname.207:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.208
+- incl r8
+-noname.208:
+-
+- movzwl 10(r6),r2
+- bicl3 #-65536,24(r7),r3
+- movzwl 26(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,8(r6),-668(fp)
+- bicl3 #-65536,r2,-672(fp)
+- mull3 r0,-668(fp),-660(fp)
+- mull2 r3,-668(fp)
+- mull3 r3,-672(fp),-664(fp)
+- mull2 r0,-672(fp)
+- addl3 -660(fp),-664(fp),r0
+- bicl3 #0,r0,-660(fp)
+- cmpl -660(fp),-664(fp)
+- bgequ noname.209
+- addl2 #65536,-672(fp)
+-noname.209:
+- movzwl -658(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-672(fp)
+- bicl3 #-65536,-660(fp),r0
+- ashl #16,r0,-664(fp)
+- addl3 -664(fp),-668(fp),r0
+- bicl3 #0,r0,-668(fp)
+- cmpl -668(fp),-664(fp)
+- bgequ noname.210
+- incl -672(fp)
+-noname.210:
+- movl -668(fp),r1
+- movl -672(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.211
+- incl r2
+-noname.211:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.212
+- incl r8
+-noname.212:
+-
+- movzwl 6(r6),r2
+- bicl3 #-65536,28(r7),r3
+- movzwl 30(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,4(r6),-684(fp)
+- bicl3 #-65536,r2,-688(fp)
+- mull3 r0,-684(fp),-676(fp)
+- mull2 r3,-684(fp)
+- mull3 r3,-688(fp),-680(fp)
+- mull2 r0,-688(fp)
+- addl3 -676(fp),-680(fp),r0
+- bicl3 #0,r0,-676(fp)
+- cmpl -676(fp),-680(fp)
+- bgequ noname.213
+- addl2 #65536,-688(fp)
+-noname.213:
+- movzwl -674(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-688(fp)
+- bicl3 #-65536,-676(fp),r0
+- ashl #16,r0,-680(fp)
+- addl3 -680(fp),-684(fp),r0
+- bicl3 #0,r0,-684(fp)
+- cmpl -684(fp),-680(fp)
+- bgequ noname.214
+- incl -688(fp)
+-noname.214:
+- movl -684(fp),r1
+- movl -688(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.215
+- incl r2
+-noname.215:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.216
+- incl r8
+-noname.216:
+-
+- movl r10,32(r11)
+-
+- clrl r10
+-
+- movzwl 10(r6),r2
+- bicl3 #-65536,28(r7),r3
+- movzwl 30(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,8(r6),-700(fp)
+- bicl3 #-65536,r2,-704(fp)
+- mull3 r0,-700(fp),-692(fp)
+- mull2 r3,-700(fp)
+- mull3 r3,-704(fp),-696(fp)
+- mull2 r0,-704(fp)
+- addl3 -692(fp),-696(fp),r0
+- bicl3 #0,r0,-692(fp)
+- cmpl -692(fp),-696(fp)
+- bgequ noname.217
+- addl2 #65536,-704(fp)
+-noname.217:
+- movzwl -690(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-704(fp)
+- bicl3 #-65536,-692(fp),r0
+- ashl #16,r0,-696(fp)
+- addl3 -696(fp),-700(fp),r0
+- bicl3 #0,r0,-700(fp)
+- cmpl -700(fp),-696(fp)
+- bgequ noname.218
+- incl -704(fp)
+-noname.218:
+- movl -700(fp),r1
+- movl -704(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.219
+- incl r2
+-noname.219:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.220
+- incl r10
+-noname.220:
+-
+- movzwl 14(r6),r2
+- bicl3 #-65536,24(r7),r3
+- movzwl 26(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,12(r6),-716(fp)
+- bicl3 #-65536,r2,-720(fp)
+- mull3 r0,-716(fp),-708(fp)
+- mull2 r3,-716(fp)
+- mull3 r3,-720(fp),-712(fp)
+- mull2 r0,-720(fp)
+- addl3 -708(fp),-712(fp),r0
+- bicl3 #0,r0,-708(fp)
+- cmpl -708(fp),-712(fp)
+- bgequ noname.221
+- addl2 #65536,-720(fp)
+-noname.221:
+- movzwl -706(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-720(fp)
+- bicl3 #-65536,-708(fp),r0
+- ashl #16,r0,-712(fp)
+- addl3 -712(fp),-716(fp),r0
+- bicl3 #0,r0,-716(fp)
+- cmpl -716(fp),-712(fp)
+- bgequ noname.222
+- incl -720(fp)
+-noname.222:
+- movl -716(fp),r1
+- movl -720(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.223
+- incl r2
+-noname.223:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.224
+- incl r10
+-noname.224:
+-
+- movzwl 18(r6),r2
+- bicl3 #-65536,20(r7),r3
+- movzwl 22(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,16(r6),-732(fp)
+- bicl3 #-65536,r2,-736(fp)
+- mull3 r0,-732(fp),-724(fp)
+- mull2 r3,-732(fp)
+- mull3 r3,-736(fp),-728(fp)
+- mull2 r0,-736(fp)
+- addl3 -724(fp),-728(fp),r0
+- bicl3 #0,r0,-724(fp)
+- cmpl -724(fp),-728(fp)
+- bgequ noname.225
+- addl2 #65536,-736(fp)
+-noname.225:
+- movzwl -722(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-736(fp)
+- bicl3 #-65536,-724(fp),r0
+- ashl #16,r0,-728(fp)
+- addl3 -728(fp),-732(fp),r0
+- bicl3 #0,r0,-732(fp)
+- cmpl -732(fp),-728(fp)
+- bgequ noname.226
+- incl -736(fp)
+-noname.226:
+- movl -732(fp),r1
+- movl -736(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.227
+- incl r2
+-noname.227:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.228
+- incl r10
+-noname.228:
+-
+- movzwl 22(r6),r2
+- bicl3 #-65536,16(r7),r3
+- movzwl 18(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,20(r6),-748(fp)
+- bicl3 #-65536,r2,-752(fp)
+- mull3 r0,-748(fp),-740(fp)
+- mull2 r3,-748(fp)
+- mull3 r3,-752(fp),-744(fp)
+- mull2 r0,-752(fp)
+- addl3 -740(fp),-744(fp),r0
+- bicl3 #0,r0,-740(fp)
+- cmpl -740(fp),-744(fp)
+- bgequ noname.229
+- addl2 #65536,-752(fp)
+-noname.229:
+- movzwl -738(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-752(fp)
+- bicl3 #-65536,-740(fp),r0
+- ashl #16,r0,-744(fp)
+- addl3 -744(fp),-748(fp),r0
+- bicl3 #0,r0,-748(fp)
+- cmpl -748(fp),-744(fp)
+- bgequ noname.230
+- incl -752(fp)
+-noname.230:
+- movl -748(fp),r1
+- movl -752(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.231
+- incl r2
+-noname.231:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.232
+- incl r10
+-noname.232:
+-
+- movzwl 26(r6),r2
+- bicl3 #-65536,12(r7),r3
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,24(r6),-764(fp)
+- bicl3 #-65536,r2,-768(fp)
+- mull3 r0,-764(fp),-756(fp)
+- mull2 r3,-764(fp)
+- mull3 r3,-768(fp),-760(fp)
+- mull2 r0,-768(fp)
+- addl3 -756(fp),-760(fp),r0
+- bicl3 #0,r0,-756(fp)
+- cmpl -756(fp),-760(fp)
+- bgequ noname.233
+- addl2 #65536,-768(fp)
+-noname.233:
+- movzwl -754(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-768(fp)
+- bicl3 #-65536,-756(fp),r0
+- ashl #16,r0,-760(fp)
+- addl3 -760(fp),-764(fp),r0
+- bicl3 #0,r0,-764(fp)
+- cmpl -764(fp),-760(fp)
+- bgequ noname.234
+- incl -768(fp)
+-noname.234:
+- movl -764(fp),r1
+- movl -768(fp),r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.235
+- incl r2
+-noname.235:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.236
+- incl r10
+-noname.236:
+-
+- bicl3 #-65536,28(r6),r3
+- movzwl 30(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,8(r7),r2
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-772(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-776(fp)
+- mull2 r0,r4
+- addl3 -772(fp),-776(fp),r0
+- bicl3 #0,r0,-772(fp)
+- cmpl -772(fp),-776(fp)
+- bgequ noname.237
+- addl2 #65536,r4
+-noname.237:
+- movzwl -770(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-772(fp),r0
+- ashl #16,r0,-776(fp)
+- addl2 -776(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-776(fp)
+- bgequ noname.238
+- incl r4
+-noname.238:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.239
+- incl r2
+-noname.239:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.240
+- incl r10
+-noname.240:
+-
+- movl r9,36(r11)
+-
+- clrl r9
+-
+- bicl3 #-65536,28(r6),r3
+- movzwl 30(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,12(r7),r2
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-780(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-784(fp)
+- mull2 r0,r4
+- addl3 -780(fp),-784(fp),r0
+- bicl3 #0,r0,-780(fp)
+- cmpl -780(fp),-784(fp)
+- bgequ noname.241
+- addl2 #65536,r4
+-noname.241:
+- movzwl -778(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-780(fp),r0
+- ashl #16,r0,-784(fp)
+- addl2 -784(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-784(fp)
+- bgequ noname.242
+- incl r4
+-noname.242:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.243
+- incl r2
+-noname.243:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.244
+- incl r9
+-noname.244:
+-
+- bicl3 #-65536,24(r6),r3
+- movzwl 26(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,16(r7),r2
+- movzwl 18(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-788(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-792(fp)
+- mull2 r0,r4
+- addl3 -788(fp),-792(fp),r0
+- bicl3 #0,r0,-788(fp)
+- cmpl -788(fp),-792(fp)
+- bgequ noname.245
+- addl2 #65536,r4
+-noname.245:
+- movzwl -786(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-788(fp),r0
+- ashl #16,r0,-792(fp)
+- addl2 -792(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-792(fp)
+- bgequ noname.246
+- incl r4
+-noname.246:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.247
+- incl r2
+-noname.247:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.248
+- incl r9
+-noname.248:
+-
+- bicl3 #-65536,20(r6),r3
+- movzwl 22(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,20(r7),r2
+- movzwl 22(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-796(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-800(fp)
+- mull2 r0,r4
+- addl3 -796(fp),-800(fp),r0
+- bicl3 #0,r0,-796(fp)
+- cmpl -796(fp),-800(fp)
+- bgequ noname.249
+- addl2 #65536,r4
+-noname.249:
+- movzwl -794(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-796(fp),r0
+- ashl #16,r0,-800(fp)
+- addl2 -800(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-800(fp)
+- bgequ noname.250
+- incl r4
+-noname.250:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.251
+- incl r2
+-noname.251:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.252
+- incl r9
+-noname.252:
+-
+- bicl3 #-65536,16(r6),r3
+- movzwl 18(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,24(r7),r2
+- movzwl 26(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-804(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-808(fp)
+- mull2 r0,r4
+- addl3 -804(fp),-808(fp),r0
+- bicl3 #0,r0,-804(fp)
+- cmpl -804(fp),-808(fp)
+- bgequ noname.253
+- addl2 #65536,r4
+-noname.253:
+- movzwl -802(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-804(fp),r0
+- ashl #16,r0,-808(fp)
+- addl2 -808(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-808(fp)
+- bgequ noname.254
+- incl r4
+-noname.254:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.255
+- incl r2
+-noname.255:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.256
+- incl r9
+-noname.256:
+-
+- bicl3 #-65536,12(r6),r3
+- movzwl 14(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,28(r7),r2
+- movzwl 30(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-812(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-816(fp)
+- mull2 r0,r4
+- addl3 -812(fp),-816(fp),r0
+- bicl3 #0,r0,-812(fp)
+- cmpl -812(fp),-816(fp)
+- bgequ noname.257
+- addl2 #65536,r4
+-noname.257:
+- movzwl -810(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-812(fp),r0
+- ashl #16,r0,-816(fp)
+- addl2 -816(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-816(fp)
+- bgequ noname.258
+- incl r4
+-noname.258:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.259
+- incl r2
+-noname.259:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.260
+- incl r9
+-noname.260:
+-
+- movl r8,40(r11)
+-
+- clrl r8
+-
+- bicl3 #-65536,16(r6),r3
+- movzwl 18(r6),r2
+- bicl3 #-65536,28(r7),r1
+- movzwl 30(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r4
+- bicl3 #-65536,r2,-828(fp)
+- mull3 r0,r4,-820(fp)
+- mull2 r1,r4
+- mull3 r1,-828(fp),-824(fp)
+- mull2 r0,-828(fp)
+- addl3 -820(fp),-824(fp),r0
+- bicl3 #0,r0,-820(fp)
+- cmpl -820(fp),-824(fp)
+- bgequ noname.261
+- addl2 #65536,-828(fp)
+-noname.261:
+- movzwl -818(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-828(fp)
+- bicl3 #-65536,-820(fp),r0
+- ashl #16,r0,-824(fp)
+- addl2 -824(fp),r4
+- bicl2 #0,r4
+- cmpl r4,-824(fp)
+- bgequ noname.262
+- incl -828(fp)
+-noname.262:
+- movl r4,r1
+- movl -828(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.263
+- incl r2
+-noname.263:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.264
+- incl r8
+-noname.264:
+-
+- movzwl 22(r6),r2
+- bicl3 #-65536,24(r7),r3
+- movzwl 26(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,20(r6),-840(fp)
+- bicl3 #-65536,r2,-844(fp)
+- mull3 r0,-840(fp),-832(fp)
+- mull2 r3,-840(fp)
+- mull3 r3,-844(fp),-836(fp)
+- mull2 r0,-844(fp)
+- addl3 -832(fp),-836(fp),r0
+- bicl3 #0,r0,-832(fp)
+- cmpl -832(fp),-836(fp)
+- bgequ noname.265
+- addl2 #65536,-844(fp)
+-noname.265:
+- movzwl -830(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-844(fp)
+- bicl3 #-65536,-832(fp),r0
+- ashl #16,r0,-836(fp)
+- addl3 -836(fp),-840(fp),r0
+- bicl3 #0,r0,-840(fp)
+- cmpl -840(fp),-836(fp)
+- bgequ noname.266
+- incl -844(fp)
+-noname.266:
+- movl -840(fp),r1
+- movl -844(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.267
+- incl r2
+-noname.267:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.268
+- incl r8
+-noname.268:
+-
+- bicl3 #-65536,24(r6),r3
+- movzwl 26(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,20(r7),r2
+- movzwl 22(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-848(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-852(fp)
+- mull2 r0,r4
+- addl3 -848(fp),-852(fp),r0
+- bicl3 #0,r0,-848(fp)
+- cmpl -848(fp),-852(fp)
+- bgequ noname.269
+- addl2 #65536,r4
+-noname.269:
+- movzwl -846(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-848(fp),r0
+- ashl #16,r0,-852(fp)
+- addl2 -852(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-852(fp)
+- bgequ noname.270
+- incl r4
+-noname.270:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.271
+- incl r2
+-noname.271:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.272
+- incl r8
+-noname.272:
+-
+- bicl3 #-65536,28(r6),r3
+- movzwl 30(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,16(r7),r2
+- movzwl 18(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-856(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-860(fp)
+- mull2 r0,r4
+- addl3 -856(fp),-860(fp),r0
+- bicl3 #0,r0,-856(fp)
+- cmpl -856(fp),-860(fp)
+- bgequ noname.273
+- addl2 #65536,r4
+-noname.273:
+- movzwl -854(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-856(fp),r0
+- ashl #16,r0,-860(fp)
+- addl2 -860(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-860(fp)
+- bgequ noname.274
+- incl r4
+-noname.274:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.275
+- incl r2
+-noname.275:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.276
+- incl r8
+-noname.276:
+-
+- movl r10,44(r11)
+-
+- clrl r10
+-
+- bicl3 #-65536,28(r6),r3
+- movzwl 30(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,20(r7),r2
+- movzwl 22(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-864(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-868(fp)
+- mull2 r0,r4
+- addl3 -864(fp),-868(fp),r0
+- bicl3 #0,r0,-864(fp)
+- cmpl -864(fp),-868(fp)
+- bgequ noname.277
+- addl2 #65536,r4
+-noname.277:
+- movzwl -862(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-864(fp),r0
+- ashl #16,r0,-868(fp)
+- addl2 -868(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-868(fp)
+- bgequ noname.278
+- incl r4
+-noname.278:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.279
+- incl r2
+-noname.279:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.280
+- incl r10
+-noname.280:
+-
+- bicl3 #-65536,24(r6),r3
+- movzwl 26(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,24(r7),r2
+- movzwl 26(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-872(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-876(fp)
+- mull2 r0,r4
+- addl3 -872(fp),-876(fp),r0
+- bicl3 #0,r0,-872(fp)
+- cmpl -872(fp),-876(fp)
+- bgequ noname.281
+- addl2 #65536,r4
+-noname.281:
+- movzwl -870(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-872(fp),r0
+- ashl #16,r0,-876(fp)
+- addl2 -876(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-876(fp)
+- bgequ noname.282
+- incl r4
+-noname.282:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.283
+- incl r2
+-noname.283:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.284
+- incl r10
+-noname.284:
+-
+- bicl3 #-65536,20(r6),r3
+- movzwl 22(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,28(r7),r2
+- movzwl 30(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-880(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-884(fp)
+- mull2 r0,r4
+- addl3 -880(fp),-884(fp),r0
+- bicl3 #0,r0,-880(fp)
+- cmpl -880(fp),-884(fp)
+- bgequ noname.285
+- addl2 #65536,r4
+-noname.285:
+- movzwl -878(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-880(fp),r0
+- ashl #16,r0,-884(fp)
+- addl2 -884(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-884(fp)
+- bgequ noname.286
+- incl r4
+-noname.286:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.287
+- incl r2
+-noname.287:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.288
+- incl r10
+-noname.288:
+-
+- movl r9,48(r11)
+-
+- clrl r9
+-
+- bicl3 #-65536,24(r6),r3
+- movzwl 26(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,28(r7),r2
+- movzwl 30(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-888(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-892(fp)
+- mull2 r0,r4
+- addl3 -888(fp),-892(fp),r0
+- bicl3 #0,r0,-888(fp)
+- cmpl -888(fp),-892(fp)
+- bgequ noname.289
+- addl2 #65536,r4
+-noname.289:
+- movzwl -886(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-888(fp),r0
+- ashl #16,r0,-892(fp)
+- addl2 -892(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-892(fp)
+- bgequ noname.290
+- incl r4
+-noname.290:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.291
+- incl r2
+-noname.291:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.292
+- incl r9
+-noname.292:
+-
+- movzwl 30(r6),r2
+- bicl3 #-65536,24(r7),r3
+- movzwl 26(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,28(r6),-904(fp)
+- bicl3 #-65536,r2,-908(fp)
+- mull3 r0,-904(fp),-896(fp)
+- mull2 r3,-904(fp)
+- mull3 r3,-908(fp),-900(fp)
+- mull2 r0,-908(fp)
+- addl3 -896(fp),-900(fp),r0
+- bicl3 #0,r0,-896(fp)
+- cmpl -896(fp),-900(fp)
+- bgequ noname.293
+- addl2 #65536,-908(fp)
+-noname.293:
+- movzwl -894(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-908(fp)
+- bicl3 #-65536,-896(fp),r0
+- ashl #16,r0,-900(fp)
+- addl3 -900(fp),-904(fp),r0
+- bicl3 #0,r0,-904(fp)
+- cmpl -904(fp),-900(fp)
+- bgequ noname.294
+- incl -908(fp)
+-noname.294:
+- movl -904(fp),r1
+- movl -908(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.295
+- incl r2
+-noname.295:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.296
+- incl r9
+-noname.296:
+-
+- movl r8,52(r11)
+-
+- clrl r8
+-
+- movzwl 30(r6),r2
+- bicl3 #-65536,28(r7),r3
+- movzwl 30(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,28(r6),-920(fp)
+- bicl3 #-65536,r2,-924(fp)
+- mull3 r0,-920(fp),-912(fp)
+- mull2 r3,-920(fp)
+- mull3 r3,-924(fp),-916(fp)
+- mull2 r0,-924(fp)
+- addl3 -912(fp),-916(fp),r0
+- bicl3 #0,r0,-912(fp)
+- cmpl -912(fp),-916(fp)
+- bgequ noname.297
+- addl2 #65536,-924(fp)
+-noname.297:
+- movzwl -910(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-924(fp)
+- bicl3 #-65536,-912(fp),r0
+- ashl #16,r0,-916(fp)
+- addl3 -916(fp),-920(fp),r0
+- bicl3 #0,r0,-920(fp)
+- cmpl -920(fp),-916(fp)
+- bgequ noname.298
+- incl -924(fp)
+-noname.298:
+- movl -920(fp),r1
+- movl -924(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.299
+- incl r2
+-noname.299:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.300
+- incl r8
+-noname.300:
+-
+- movl r10,56(r11)
+-
+- movl r9,60(r11)
+-
+- ret
+-
+-�
+-
+-;r=4 ;(AP)
+-;a=8 ;(AP)
+-;b=12 ;(AP)
+-;n=16 ;(AP) n by value (input)
+-
+- .psect code,nowrt
+-
+-.entry BN_MUL_COMBA4,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11>
+- movab -156(sp),sp
+-
+- clrq r9
+-
+- clrl r8
+-
+- movl 8(ap),r6
+- bicl3 #-65536,(r6),r3
+- movzwl 2(r6),r2
+- bicl2 #-65536,r2
+- movl 12(ap),r7
+- bicl3 #-65536,(r7),r1
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r2,r4
+- mull3 r0,r5,-4(fp)
+- mull2 r1,r5
+- mull3 r1,r4,-8(fp)
+- mull2 r0,r4
+- addl3 -4(fp),-8(fp),r0
+- bicl3 #0,r0,-4(fp)
+- cmpl -4(fp),-8(fp)
+- bgequ noname.303
+- addl2 #65536,r4
+-noname.303:
+- movzwl -2(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-4(fp),r0
+- ashl #16,r0,-8(fp)
+- addl2 -8(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-8(fp)
+- bgequ noname.304
+- incl r4
+-noname.304:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.305
+- incl r2
+-noname.305:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.306
+- incl r8
+-noname.306:
+-
+- movl 4(ap),r11
+- movl r10,(r11)
+-
+- clrl r10
+-
+- bicl3 #-65536,(r6),r3
+- movzwl 2(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,4(r7),r2
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-12(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-16(fp)
+- mull2 r0,r4
+- addl3 -12(fp),-16(fp),r0
+- bicl3 #0,r0,-12(fp)
+- cmpl -12(fp),-16(fp)
+- bgequ noname.307
+- addl2 #65536,r4
+-noname.307:
+- movzwl -10(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-12(fp),r0
+- ashl #16,r0,-16(fp)
+- addl2 -16(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-16(fp)
+- bgequ noname.308
+- incl r4
+-noname.308:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.309
+- incl r2
+-noname.309:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.310
+- incl r10
+-noname.310:
+-
+- bicl3 #-65536,4(r6),r3
+- movzwl 6(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,(r7),r2
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-20(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-24(fp)
+- mull2 r0,r4
+- addl3 -20(fp),-24(fp),r0
+- bicl3 #0,r0,-20(fp)
+- cmpl -20(fp),-24(fp)
+- bgequ noname.311
+- addl2 #65536,r4
+-noname.311:
+- movzwl -18(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-20(fp),r0
+- ashl #16,r0,-24(fp)
+- addl2 -24(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-24(fp)
+- bgequ noname.312
+- incl r4
+-noname.312:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.313
+- incl r2
+-noname.313:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.314
+- incl r10
+-noname.314:
+-
+- movl r9,4(r11)
+-
+- clrl r9
+-
+- bicl3 #-65536,8(r6),r3
+- movzwl 10(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,(r7),r2
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-28(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-32(fp)
+- mull2 r0,r4
+- addl3 -28(fp),-32(fp),r0
+- bicl3 #0,r0,-28(fp)
+- cmpl -28(fp),-32(fp)
+- bgequ noname.315
+- addl2 #65536,r4
+-noname.315:
+- movzwl -26(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-28(fp),r0
+- ashl #16,r0,-32(fp)
+- addl2 -32(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-32(fp)
+- bgequ noname.316
+- incl r4
+-noname.316:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.317
+- incl r2
+-noname.317:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.318
+- incl r9
+-noname.318:
+-
+- bicl3 #-65536,4(r6),r3
+- movzwl 6(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,4(r7),r2
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-36(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-40(fp)
+- mull2 r0,r4
+- addl3 -36(fp),-40(fp),r0
+- bicl3 #0,r0,-36(fp)
+- cmpl -36(fp),-40(fp)
+- bgequ noname.319
+- addl2 #65536,r4
+-noname.319:
+- movzwl -34(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-36(fp),r0
+- ashl #16,r0,-40(fp)
+- addl2 -40(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-40(fp)
+- bgequ noname.320
+- incl r4
+-noname.320:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.321
+- incl r2
+-noname.321:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.322
+- incl r9
+-noname.322:
+-
+- bicl3 #-65536,(r6),r3
+- movzwl 2(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,8(r7),r2
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-44(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-48(fp)
+- mull2 r0,r4
+- addl3 -44(fp),-48(fp),r0
+- bicl3 #0,r0,-44(fp)
+- cmpl -44(fp),-48(fp)
+- bgequ noname.323
+- addl2 #65536,r4
+-noname.323:
+- movzwl -42(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-44(fp),r0
+- ashl #16,r0,-48(fp)
+- addl2 -48(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-48(fp)
+- bgequ noname.324
+- incl r4
+-noname.324:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.325
+- incl r2
+-noname.325:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.326
+- incl r9
+-noname.326:
+-
+- movl r8,8(r11)
+-
+- clrl r8
+-
+- bicl3 #-65536,(r6),r3
+- movzwl 2(r6),r2
+- bicl3 #-65536,12(r7),r1
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r4
+- bicl3 #-65536,r2,-60(fp)
+- mull3 r0,r4,-52(fp)
+- mull2 r1,r4
+- mull3 r1,-60(fp),-56(fp)
+- mull2 r0,-60(fp)
+- addl3 -52(fp),-56(fp),r0
+- bicl3 #0,r0,-52(fp)
+- cmpl -52(fp),-56(fp)
+- bgequ noname.327
+- addl2 #65536,-60(fp)
+-noname.327:
+- movzwl -50(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-60(fp)
+- bicl3 #-65536,-52(fp),r0
+- ashl #16,r0,-56(fp)
+- addl2 -56(fp),r4
+- bicl2 #0,r4
+- cmpl r4,-56(fp)
+- bgequ noname.328
+- incl -60(fp)
+-noname.328:
+- movl r4,r1
+- movl -60(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.329
+- incl r2
+-noname.329:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.330
+- incl r8
+-noname.330:
+-
+- movzwl 6(r6),r2
+- bicl3 #-65536,8(r7),r3
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,4(r6),-72(fp)
+- bicl3 #-65536,r2,-76(fp)
+- mull3 r0,-72(fp),-64(fp)
+- mull2 r3,-72(fp)
+- mull3 r3,-76(fp),-68(fp)
+- mull2 r0,-76(fp)
+- addl3 -64(fp),-68(fp),r0
+- bicl3 #0,r0,-64(fp)
+- cmpl -64(fp),-68(fp)
+- bgequ noname.331
+- addl2 #65536,-76(fp)
+-noname.331:
+- movzwl -62(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-76(fp)
+- bicl3 #-65536,-64(fp),r0
+- ashl #16,r0,-68(fp)
+- addl3 -68(fp),-72(fp),r0
+- bicl3 #0,r0,-72(fp)
+- cmpl -72(fp),-68(fp)
+- bgequ noname.332
+- incl -76(fp)
+-noname.332:
+- movl -72(fp),r1
+- movl -76(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.333
+- incl r2
+-noname.333:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.334
+- incl r8
+-noname.334:
+-
+- bicl3 #-65536,8(r6),r3
+- movzwl 10(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,4(r7),r2
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-80(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-84(fp)
+- mull2 r0,r4
+- addl3 -80(fp),-84(fp),r0
+- bicl3 #0,r0,-80(fp)
+- cmpl -80(fp),-84(fp)
+- bgequ noname.335
+- addl2 #65536,r4
+-noname.335:
+- movzwl -78(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-80(fp),r0
+- ashl #16,r0,-84(fp)
+- addl2 -84(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-84(fp)
+- bgequ noname.336
+- incl r4
+-noname.336:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.337
+- incl r2
+-noname.337:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.338
+- incl r8
+-noname.338:
+-
+- bicl3 #-65536,12(r6),r3
+- movzwl 14(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,(r7),r2
+- movzwl 2(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-88(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-92(fp)
+- mull2 r0,r4
+- addl3 -88(fp),-92(fp),r0
+- bicl3 #0,r0,-88(fp)
+- cmpl -88(fp),-92(fp)
+- bgequ noname.339
+- addl2 #65536,r4
+-noname.339:
+- movzwl -86(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-88(fp),r0
+- ashl #16,r0,-92(fp)
+- addl2 -92(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-92(fp)
+- bgequ noname.340
+- incl r4
+-noname.340:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.341
+- incl r2
+-noname.341:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.342
+- incl r8
+-noname.342:
+-
+- movl r10,12(r11)
+-
+- clrl r10
+-
+- bicl3 #-65536,12(r6),r3
+- movzwl 14(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,4(r7),r2
+- movzwl 6(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-96(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-100(fp)
+- mull2 r0,r4
+- addl3 -96(fp),-100(fp),r0
+- bicl3 #0,r0,-96(fp)
+- cmpl -96(fp),-100(fp)
+- bgequ noname.343
+- addl2 #65536,r4
+-noname.343:
+- movzwl -94(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-96(fp),r0
+- ashl #16,r0,-100(fp)
+- addl2 -100(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-100(fp)
+- bgequ noname.344
+- incl r4
+-noname.344:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.345
+- incl r2
+-noname.345:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.346
+- incl r10
+-noname.346:
+-
+- bicl3 #-65536,8(r6),r3
+- movzwl 10(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,8(r7),r2
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-104(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-108(fp)
+- mull2 r0,r4
+- addl3 -104(fp),-108(fp),r0
+- bicl3 #0,r0,-104(fp)
+- cmpl -104(fp),-108(fp)
+- bgequ noname.347
+- addl2 #65536,r4
+-noname.347:
+- movzwl -102(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-104(fp),r0
+- ashl #16,r0,-108(fp)
+- addl2 -108(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-108(fp)
+- bgequ noname.348
+- incl r4
+-noname.348:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.349
+- incl r2
+-noname.349:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.350
+- incl r10
+-noname.350:
+-
+- bicl3 #-65536,4(r6),r3
+- movzwl 6(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,12(r7),r2
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-112(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-116(fp)
+- mull2 r0,r4
+- addl3 -112(fp),-116(fp),r0
+- bicl3 #0,r0,-112(fp)
+- cmpl -112(fp),-116(fp)
+- bgequ noname.351
+- addl2 #65536,r4
+-noname.351:
+- movzwl -110(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-112(fp),r0
+- ashl #16,r0,-116(fp)
+- addl2 -116(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-116(fp)
+- bgequ noname.352
+- incl r4
+-noname.352:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.353
+- incl r2
+-noname.353:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.354
+- incl r10
+-noname.354:
+-
+- movl r9,16(r11)
+-
+- clrl r9
+-
+- bicl3 #-65536,8(r6),r3
+- movzwl 10(r6),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,12(r7),r2
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-120(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-124(fp)
+- mull2 r0,r4
+- addl3 -120(fp),-124(fp),r0
+- bicl3 #0,r0,-120(fp)
+- cmpl -120(fp),-124(fp)
+- bgequ noname.355
+- addl2 #65536,r4
+-noname.355:
+- movzwl -118(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-120(fp),r0
+- ashl #16,r0,-124(fp)
+- addl2 -124(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-124(fp)
+- bgequ noname.356
+- incl r4
+-noname.356:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.357
+- incl r2
+-noname.357:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.358
+- incl r9
+-noname.358:
+-
+- movzwl 14(r6),r2
+- bicl3 #-65536,8(r7),r3
+- movzwl 10(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,12(r6),-136(fp)
+- bicl3 #-65536,r2,-140(fp)
+- mull3 r0,-136(fp),-128(fp)
+- mull2 r3,-136(fp)
+- mull3 r3,-140(fp),-132(fp)
+- mull2 r0,-140(fp)
+- addl3 -128(fp),-132(fp),r0
+- bicl3 #0,r0,-128(fp)
+- cmpl -128(fp),-132(fp)
+- bgequ noname.359
+- addl2 #65536,-140(fp)
+-noname.359:
+- movzwl -126(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-140(fp)
+- bicl3 #-65536,-128(fp),r0
+- ashl #16,r0,-132(fp)
+- addl3 -132(fp),-136(fp),r0
+- bicl3 #0,r0,-136(fp)
+- cmpl -136(fp),-132(fp)
+- bgequ noname.360
+- incl -140(fp)
+-noname.360:
+- movl -136(fp),r1
+- movl -140(fp),r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.361
+- incl r2
+-noname.361:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.362
+- incl r9
+-noname.362:
+-
+- movl r8,20(r11)
+-
+- clrl r8
+-
+- movzwl 14(r6),r2
+- bicl3 #-65536,12(r7),r3
+- movzwl 14(r7),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,12(r6),-152(fp)
+- bicl3 #-65536,r2,-156(fp)
+- mull3 r0,-152(fp),-144(fp)
+- mull2 r3,-152(fp)
+- mull3 r3,-156(fp),-148(fp)
+- mull2 r0,-156(fp)
+- addl3 -144(fp),-148(fp),r0
+- bicl3 #0,r0,-144(fp)
+- cmpl -144(fp),-148(fp)
+- bgequ noname.363
+- addl2 #65536,-156(fp)
+-noname.363:
+- movzwl -142(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-156(fp)
+- bicl3 #-65536,-144(fp),r0
+- ashl #16,r0,-148(fp)
+- addl3 -148(fp),-152(fp),r0
+- bicl3 #0,r0,-152(fp)
+- cmpl -152(fp),-148(fp)
+- bgequ noname.364
+- incl -156(fp)
+-noname.364:
+- movl -152(fp),r1
+- movl -156(fp),r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.365
+- incl r2
+-noname.365:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.366
+- incl r8
+-noname.366:
+-
+- movl r10,24(r11)
+-
+- movl r9,28(r11)
+-
+- ret
+-
+-�
+-
+-;r=4 ;(AP)
+-;a=8 ;(AP)
+-;b=12 ;(AP)
+-;n=16 ;(AP) n by value (input)
+-
+- .psect code,nowrt
+-
+-.entry BN_SQR_COMBA8,^m<r2,r3,r4,r5,r6,r7,r8,r9>
+- movab -444(sp),sp
+-
+- clrq r8
+-
+- clrl r7
+-
+- movl 8(ap),r4
+- movl (r4),r3
+- bicl3 #-65536,r3,-4(fp)
+- extzv #16,#16,r3,r0
+- bicl3 #-65536,r0,r3
+- movl -4(fp),r0
+- mull3 r0,r3,-8(fp)
+- mull3 r0,r0,-4(fp)
+- mull2 r3,r3
+- bicl3 #32767,-8(fp),r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r3
+- bicl3 #-65536,-8(fp),r0
+- ashl #17,r0,-8(fp)
+- addl3 -4(fp),-8(fp),r0
+- bicl3 #0,r0,-4(fp)
+- cmpl -4(fp),-8(fp)
+- bgequ noname.369
+- incl r3
+-noname.369:
+- movl -4(fp),r1
+- movl r3,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.370
+- incl r2
+-noname.370:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.371
+- incl r7
+-noname.371:
+-
+- movl r9, at 4(ap)
+-
+- clrl r9
+-
+- movzwl 6(r4),r2
+- bicl3 #-65536,(r4),r3
+- movzwl 2(r4),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,4(r4),-20(fp)
+- bicl3 #-65536,r2,-24(fp)
+- mull3 r0,-20(fp),-12(fp)
+- mull2 r3,-20(fp)
+- mull3 r3,-24(fp),-16(fp)
+- mull2 r0,-24(fp)
+- addl3 -12(fp),-16(fp),r0
+- bicl3 #0,r0,-12(fp)
+- cmpl -12(fp),-16(fp)
+- bgequ noname.372
+- addl2 #65536,-24(fp)
+-noname.372:
+- movzwl -10(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-24(fp)
+- bicl3 #-65536,-12(fp),r0
+- ashl #16,r0,-16(fp)
+- addl3 -16(fp),-20(fp),r0
+- bicl3 #0,r0,-20(fp)
+- cmpl -20(fp),-16(fp)
+- bgequ noname.373
+- incl -24(fp)
+-noname.373:
+- movl -20(fp),r3
+- movl -24(fp),r2
+- bbc #31,r2,noname.374
+- incl r9
+-noname.374:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.375
+- incl r2
+-noname.375:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.376
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.376
+- incl r9
+-noname.376:
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.377
+- incl r9
+-noname.377:
+-
+- movl 4(ap),r0
+- movl r8,4(r0)
+-
+- clrl r8
+-
+- movl 8(ap),r4
+- movl 4(r4),r3
+- bicl3 #-65536,r3,-28(fp)
+- extzv #16,#16,r3,r0
+- bicl3 #-65536,r0,r3
+- movl -28(fp),r0
+- mull3 r0,r3,-32(fp)
+- mull3 r0,r0,-28(fp)
+- mull2 r3,r3
+- bicl3 #32767,-32(fp),r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r3
+- bicl3 #-65536,-32(fp),r0
+- ashl #17,r0,-32(fp)
+- addl3 -28(fp),-32(fp),r0
+- bicl3 #0,r0,-28(fp)
+- cmpl -28(fp),-32(fp)
+- bgequ noname.378
+- incl r3
+-noname.378:
+- movl -28(fp),r1
+- movl r3,r2
+- addl2 r1,r7
+- bicl2 #0,r7
+- cmpl r7,r1
+- bgequ noname.379
+- incl r2
+-noname.379:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.380
+- incl r8
+-noname.380:
+-
+- movzwl 10(r4),r2
+- bicl3 #-65536,(r4),r3
+- movzwl 2(r4),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,8(r4),-44(fp)
+- bicl3 #-65536,r2,-48(fp)
+- mull3 r0,-44(fp),-36(fp)
+- mull2 r3,-44(fp)
+- mull3 r3,-48(fp),-40(fp)
+- mull2 r0,-48(fp)
+- addl3 -36(fp),-40(fp),r0
+- bicl3 #0,r0,-36(fp)
+- cmpl -36(fp),-40(fp)
+- bgequ noname.381
+- addl2 #65536,-48(fp)
+-noname.381:
+- movzwl -34(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-48(fp)
+- bicl3 #-65536,-36(fp),r0
+- ashl #16,r0,-40(fp)
+- addl3 -40(fp),-44(fp),r0
+- bicl3 #0,r0,-44(fp)
+- cmpl -44(fp),-40(fp)
+- bgequ noname.382
+- incl -48(fp)
+-noname.382:
+- movl -44(fp),r3
+- movl -48(fp),r2
+- bbc #31,r2,noname.383
+- incl r8
+-noname.383:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.384
+- incl r2
+-noname.384:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r7
+- bicl2 #0,r7
+- cmpl r7,r3
+- bgequ noname.385
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.385
+- incl r8
+-noname.385:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.386
+- incl r8
+-noname.386:
+-
+- movl 4(ap),r0
+- movl r7,8(r0)
+-
+- clrl r7
+-
+- movl 8(ap),r0
+- movzwl 14(r0),r2
+- bicl3 #-65536,(r0),r3
+- movzwl 2(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,12(r0),-60(fp)
+- bicl3 #-65536,r2,-64(fp)
+- mull3 r1,-60(fp),-52(fp)
+- mull2 r3,-60(fp)
+- mull3 r3,-64(fp),-56(fp)
+- mull2 r1,-64(fp)
+- addl3 -52(fp),-56(fp),r0
+- bicl3 #0,r0,-52(fp)
+- cmpl -52(fp),-56(fp)
+- bgequ noname.387
+- addl2 #65536,-64(fp)
+-noname.387:
+- movzwl -50(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-64(fp)
+- bicl3 #-65536,-52(fp),r0
+- ashl #16,r0,-56(fp)
+- addl3 -56(fp),-60(fp),r0
+- bicl3 #0,r0,-60(fp)
+- cmpl -60(fp),-56(fp)
+- bgequ noname.388
+- incl -64(fp)
+-noname.388:
+- movl -60(fp),r3
+- movl -64(fp),r2
+- bbc #31,r2,noname.389
+- incl r7
+-noname.389:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.390
+- incl r2
+-noname.390:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r9
+- bicl2 #0,r9
+- cmpl r9,r3
+- bgequ noname.391
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.391
+- incl r7
+-noname.391:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.392
+- incl r7
+-noname.392:
+-
+- movl 8(ap),r0
+- movzwl 10(r0),r2
+- bicl3 #-65536,4(r0),r3
+- movzwl 6(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,8(r0),-76(fp)
+- bicl3 #-65536,r2,-80(fp)
+- mull3 r1,-76(fp),-68(fp)
+- mull2 r3,-76(fp)
+- mull3 r3,-80(fp),-72(fp)
+- mull2 r1,-80(fp)
+- addl3 -68(fp),-72(fp),r0
+- bicl3 #0,r0,-68(fp)
+- cmpl -68(fp),-72(fp)
+- bgequ noname.393
+- addl2 #65536,-80(fp)
+-noname.393:
+- movzwl -66(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-80(fp)
+- bicl3 #-65536,-68(fp),r0
+- ashl #16,r0,-72(fp)
+- addl3 -72(fp),-76(fp),r0
+- bicl3 #0,r0,-76(fp)
+- cmpl -76(fp),-72(fp)
+- bgequ noname.394
+- incl -80(fp)
+-noname.394:
+- movl -76(fp),r3
+- movl -80(fp),r2
+- bbc #31,r2,noname.395
+- incl r7
+-noname.395:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.396
+- incl r2
+-noname.396:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r9
+- bicl2 #0,r9
+- cmpl r9,r3
+- bgequ noname.397
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.397
+- incl r7
+-noname.397:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.398
+- incl r7
+-noname.398:
+-
+- movl 4(ap),r0
+- movl r9,12(r0)
+-
+- clrl r9
+-
+- movl 8(ap),r2
+- movl 8(r2),r4
+- bicl3 #-65536,r4,-84(fp)
+- extzv #16,#16,r4,r0
+- bicl3 #-65536,r0,r4
+- movl -84(fp),r0
+- mull3 r0,r4,-88(fp)
+- mull3 r0,r0,-84(fp)
+- mull2 r4,r4
+- bicl3 #32767,-88(fp),r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r4
+- bicl3 #-65536,-88(fp),r0
+- ashl #17,r0,-88(fp)
+- addl3 -84(fp),-88(fp),r0
+- bicl3 #0,r0,-84(fp)
+- cmpl -84(fp),-88(fp)
+- bgequ noname.399
+- incl r4
+-noname.399:
+- movl -84(fp),r1
+- movl r4,r3
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.400
+- incl r3
+-noname.400:
+- addl2 r3,r7
+- bicl2 #0,r7
+- cmpl r7,r3
+- bgequ noname.401
+- incl r9
+-noname.401:
+-
+- movzwl 14(r2),r3
+- bicl3 #-65536,4(r2),r1
+- movzwl 6(r2),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,12(r2),-100(fp)
+- bicl3 #-65536,r3,-104(fp)
+- mull3 r0,-100(fp),-92(fp)
+- mull2 r1,-100(fp)
+- mull3 r1,-104(fp),-96(fp)
+- mull2 r0,-104(fp)
+- addl3 -92(fp),-96(fp),r0
+- bicl3 #0,r0,-92(fp)
+- cmpl -92(fp),-96(fp)
+- bgequ noname.402
+- addl2 #65536,-104(fp)
+-noname.402:
+- movzwl -90(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-104(fp)
+- bicl3 #-65536,-92(fp),r0
+- ashl #16,r0,-96(fp)
+- addl3 -96(fp),-100(fp),r0
+- bicl3 #0,r0,-100(fp)
+- cmpl -100(fp),-96(fp)
+- bgequ noname.403
+- incl -104(fp)
+-noname.403:
+- movl -100(fp),r3
+- movl -104(fp),r2
+- bbc #31,r2,noname.404
+- incl r9
+-noname.404:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.405
+- incl r2
+-noname.405:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.406
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.406
+- incl r9
+-noname.406:
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.407
+- incl r9
+-noname.407:
+-
+- movl 8(ap),r0
+- movzwl 18(r0),r2
+- bicl3 #-65536,(r0),r3
+- movzwl 2(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,16(r0),-116(fp)
+- bicl3 #-65536,r2,-120(fp)
+- mull3 r1,-116(fp),-108(fp)
+- mull2 r3,-116(fp)
+- mull3 r3,-120(fp),-112(fp)
+- mull2 r1,-120(fp)
+- addl3 -108(fp),-112(fp),r0
+- bicl3 #0,r0,-108(fp)
+- cmpl -108(fp),-112(fp)
+- bgequ noname.408
+- addl2 #65536,-120(fp)
+-noname.408:
+- movzwl -106(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-120(fp)
+- bicl3 #-65536,-108(fp),r0
+- ashl #16,r0,-112(fp)
+- addl3 -112(fp),-116(fp),r0
+- bicl3 #0,r0,-116(fp)
+- cmpl -116(fp),-112(fp)
+- bgequ noname.409
+- incl -120(fp)
+-noname.409:
+- movl -116(fp),r3
+- movl -120(fp),r2
+- bbc #31,r2,noname.410
+- incl r9
+-noname.410:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.411
+- incl r2
+-noname.411:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.412
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.412
+- incl r9
+-noname.412:
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.413
+- incl r9
+-noname.413:
+-
+- movl 4(ap),r0
+- movl r8,16(r0)
+-
+- clrl r8
+-
+- movl 8(ap),r0
+- movzwl 22(r0),r2
+- bicl3 #-65536,(r0),r3
+- movzwl 2(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,20(r0),-132(fp)
+- bicl3 #-65536,r2,-136(fp)
+- mull3 r1,-132(fp),-124(fp)
+- mull2 r3,-132(fp)
+- mull3 r3,-136(fp),-128(fp)
+- mull2 r1,-136(fp)
+- addl3 -124(fp),-128(fp),r0
+- bicl3 #0,r0,-124(fp)
+- cmpl -124(fp),-128(fp)
+- bgequ noname.414
+- addl2 #65536,-136(fp)
+-noname.414:
+- movzwl -122(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-136(fp)
+- bicl3 #-65536,-124(fp),r0
+- ashl #16,r0,-128(fp)
+- addl3 -128(fp),-132(fp),r0
+- bicl3 #0,r0,-132(fp)
+- cmpl -132(fp),-128(fp)
+- bgequ noname.415
+- incl -136(fp)
+-noname.415:
+- movl -132(fp),r3
+- movl -136(fp),r2
+- bbc #31,r2,noname.416
+- incl r8
+-noname.416:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.417
+- incl r2
+-noname.417:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r7
+- bicl2 #0,r7
+- cmpl r7,r3
+- bgequ noname.418
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.418
+- incl r8
+-noname.418:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.419
+- incl r8
+-noname.419:
+-
+- movl 8(ap),r0
+- movzwl 18(r0),r2
+- bicl3 #-65536,4(r0),r3
+- movzwl 6(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,16(r0),-148(fp)
+- bicl3 #-65536,r2,-152(fp)
+- mull3 r1,-148(fp),-140(fp)
+- mull2 r3,-148(fp)
+- mull3 r3,-152(fp),-144(fp)
+- mull2 r1,-152(fp)
+- addl3 -140(fp),-144(fp),r0
+- bicl3 #0,r0,-140(fp)
+- cmpl -140(fp),-144(fp)
+- bgequ noname.420
+- addl2 #65536,-152(fp)
+-noname.420:
+- movzwl -138(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-152(fp)
+- bicl3 #-65536,-140(fp),r0
+- ashl #16,r0,-144(fp)
+- addl3 -144(fp),-148(fp),r0
+- bicl3 #0,r0,-148(fp)
+- cmpl -148(fp),-144(fp)
+- bgequ noname.421
+- incl -152(fp)
+-noname.421:
+- movl -148(fp),r3
+- movl -152(fp),r2
+- bbc #31,r2,noname.422
+- incl r8
+-noname.422:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.423
+- incl r2
+-noname.423:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r7
+- bicl2 #0,r7
+- cmpl r7,r3
+- bgequ noname.424
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.424
+- incl r8
+-noname.424:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.425
+- incl r8
+-noname.425:
+-
+- movl 8(ap),r0
+- movzwl 14(r0),r2
+- bicl3 #-65536,8(r0),r3
+- movzwl 10(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,12(r0),-164(fp)
+- bicl3 #-65536,r2,-168(fp)
+- mull3 r1,-164(fp),-156(fp)
+- mull2 r3,-164(fp)
+- mull3 r3,-168(fp),-160(fp)
+- mull2 r1,-168(fp)
+- addl3 -156(fp),-160(fp),r0
+- bicl3 #0,r0,-156(fp)
+- cmpl -156(fp),-160(fp)
+- bgequ noname.426
+- addl2 #65536,-168(fp)
+-noname.426:
+- movzwl -154(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-168(fp)
+- bicl3 #-65536,-156(fp),r0
+- ashl #16,r0,-160(fp)
+- addl3 -160(fp),-164(fp),r0
+- bicl3 #0,r0,-164(fp)
+- cmpl -164(fp),-160(fp)
+- bgequ noname.427
+- incl -168(fp)
+-noname.427:
+- movl -164(fp),r3
+- movl -168(fp),r2
+- bbc #31,r2,noname.428
+- incl r8
+-noname.428:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.429
+- incl r2
+-noname.429:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r7
+- bicl2 #0,r7
+- cmpl r7,r3
+- bgequ noname.430
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.430
+- incl r8
+-noname.430:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.431
+- incl r8
+-noname.431:
+-
+- movl 4(ap),r0
+- movl r7,20(r0)
+-
+- clrl r7
+-
+- movl 8(ap),r2
+- movl 12(r2),r4
+- bicl3 #-65536,r4,-172(fp)
+- extzv #16,#16,r4,r0
+- bicl3 #-65536,r0,r4
+- movl -172(fp),r0
+- mull3 r0,r4,-176(fp)
+- mull3 r0,r0,-172(fp)
+- mull2 r4,r4
+- bicl3 #32767,-176(fp),r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r4
+- bicl3 #-65536,-176(fp),r0
+- ashl #17,r0,-176(fp)
+- addl3 -172(fp),-176(fp),r0
+- bicl3 #0,r0,-172(fp)
+- cmpl -172(fp),-176(fp)
+- bgequ noname.432
+- incl r4
+-noname.432:
+- movl -172(fp),r1
+- movl r4,r3
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.433
+- incl r3
+-noname.433:
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.434
+- incl r7
+-noname.434:
+-
+- movzwl 18(r2),r3
+- bicl3 #-65536,8(r2),r1
+- movzwl 10(r2),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,16(r2),-188(fp)
+- bicl3 #-65536,r3,-192(fp)
+- mull3 r0,-188(fp),-180(fp)
+- mull2 r1,-188(fp)
+- mull3 r1,-192(fp),-184(fp)
+- mull2 r0,-192(fp)
+- addl3 -180(fp),-184(fp),r0
+- bicl3 #0,r0,-180(fp)
+- cmpl -180(fp),-184(fp)
+- bgequ noname.435
+- addl2 #65536,-192(fp)
+-noname.435:
+- movzwl -178(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-192(fp)
+- bicl3 #-65536,-180(fp),r0
+- ashl #16,r0,-184(fp)
+- addl3 -184(fp),-188(fp),r0
+- bicl3 #0,r0,-188(fp)
+- cmpl -188(fp),-184(fp)
+- bgequ noname.436
+- incl -192(fp)
+-noname.436:
+- movl -188(fp),r3
+- movl -192(fp),r2
+- bbc #31,r2,noname.437
+- incl r7
+-noname.437:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.438
+- incl r2
+-noname.438:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r9
+- bicl2 #0,r9
+- cmpl r9,r3
+- bgequ noname.439
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.439
+- incl r7
+-noname.439:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.440
+- incl r7
+-noname.440:
+-
+- movl 8(ap),r0
+- movzwl 22(r0),r2
+- bicl3 #-65536,4(r0),r3
+- movzwl 6(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,20(r0),-204(fp)
+- bicl3 #-65536,r2,-208(fp)
+- mull3 r1,-204(fp),-196(fp)
+- mull2 r3,-204(fp)
+- mull3 r3,-208(fp),-200(fp)
+- mull2 r1,-208(fp)
+- addl3 -196(fp),-200(fp),r0
+- bicl3 #0,r0,-196(fp)
+- cmpl -196(fp),-200(fp)
+- bgequ noname.441
+- addl2 #65536,-208(fp)
+-noname.441:
+- movzwl -194(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-208(fp)
+- bicl3 #-65536,-196(fp),r0
+- ashl #16,r0,-200(fp)
+- addl3 -200(fp),-204(fp),r0
+- bicl3 #0,r0,-204(fp)
+- cmpl -204(fp),-200(fp)
+- bgequ noname.442
+- incl -208(fp)
+-noname.442:
+- movl -204(fp),r3
+- movl -208(fp),r2
+- bbc #31,r2,noname.443
+- incl r7
+-noname.443:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.444
+- incl r2
+-noname.444:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r9
+- bicl2 #0,r9
+- cmpl r9,r3
+- bgequ noname.445
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.445
+- incl r7
+-noname.445:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.446
+- incl r7
+-noname.446:
+-
+- movl 8(ap),r0
+- movzwl 26(r0),r2
+- bicl3 #-65536,(r0),r3
+- movzwl 2(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,24(r0),-220(fp)
+- bicl3 #-65536,r2,-224(fp)
+- mull3 r1,-220(fp),-212(fp)
+- mull2 r3,-220(fp)
+- mull3 r3,-224(fp),-216(fp)
+- mull2 r1,-224(fp)
+- addl3 -212(fp),-216(fp),r0
+- bicl3 #0,r0,-212(fp)
+- cmpl -212(fp),-216(fp)
+- bgequ noname.447
+- addl2 #65536,-224(fp)
+-noname.447:
+- movzwl -210(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-224(fp)
+- bicl3 #-65536,-212(fp),r0
+- ashl #16,r0,-216(fp)
+- addl3 -216(fp),-220(fp),r0
+- bicl3 #0,r0,-220(fp)
+- cmpl -220(fp),-216(fp)
+- bgequ noname.448
+- incl -224(fp)
+-noname.448:
+- movl -220(fp),r3
+- movl -224(fp),r2
+- bbc #31,r2,noname.449
+- incl r7
+-noname.449:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.450
+- incl r2
+-noname.450:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r9
+- bicl2 #0,r9
+- cmpl r9,r3
+- bgequ noname.451
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.451
+- incl r7
+-noname.451:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.452
+- incl r7
+-noname.452:
+-
+- movl 4(ap),r0
+- movl r9,24(r0)
+-
+- clrl r9
+-
+- movl 8(ap),r0
+- movzwl 30(r0),r2
+- bicl3 #-65536,(r0),r3
+- movzwl 2(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,28(r0),-236(fp)
+- bicl3 #-65536,r2,-240(fp)
+- mull3 r1,-236(fp),-228(fp)
+- mull2 r3,-236(fp)
+- mull3 r3,-240(fp),-232(fp)
+- mull2 r1,-240(fp)
+- addl3 -228(fp),-232(fp),r0
+- bicl3 #0,r0,-228(fp)
+- cmpl -228(fp),-232(fp)
+- bgequ noname.453
+- addl2 #65536,-240(fp)
+-noname.453:
+- movzwl -226(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-240(fp)
+- bicl3 #-65536,-228(fp),r0
+- ashl #16,r0,-232(fp)
+- addl3 -232(fp),-236(fp),r0
+- bicl3 #0,r0,-236(fp)
+- cmpl -236(fp),-232(fp)
+- bgequ noname.454
+- incl -240(fp)
+-noname.454:
+- movl -236(fp),r3
+- movl -240(fp),r2
+- bbc #31,r2,noname.455
+- incl r9
+-noname.455:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.456
+- incl r2
+-noname.456:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.457
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.457
+- incl r9
+-noname.457:
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.458
+- incl r9
+-noname.458:
+-
+- movl 8(ap),r0
+- movzwl 26(r0),r2
+- bicl3 #-65536,4(r0),r3
+- movzwl 6(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,24(r0),-252(fp)
+- bicl3 #-65536,r2,-256(fp)
+- mull3 r1,-252(fp),-244(fp)
+- mull2 r3,-252(fp)
+- mull3 r3,-256(fp),-248(fp)
+- mull2 r1,-256(fp)
+- addl3 -244(fp),-248(fp),r0
+- bicl3 #0,r0,-244(fp)
+- cmpl -244(fp),-248(fp)
+- bgequ noname.459
+- addl2 #65536,-256(fp)
+-noname.459:
+- movzwl -242(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-256(fp)
+- bicl3 #-65536,-244(fp),r0
+- ashl #16,r0,-248(fp)
+- addl3 -248(fp),-252(fp),r0
+- bicl3 #0,r0,-252(fp)
+- cmpl -252(fp),-248(fp)
+- bgequ noname.460
+- incl -256(fp)
+-noname.460:
+- movl -252(fp),r3
+- movl -256(fp),r2
+- bbc #31,r2,noname.461
+- incl r9
+-noname.461:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.462
+- incl r2
+-noname.462:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.463
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.463
+- incl r9
+-noname.463:
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.464
+- incl r9
+-noname.464:
+-
+- movl 8(ap),r0
+- movzwl 22(r0),r2
+- bicl3 #-65536,8(r0),r3
+- movzwl 10(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,20(r0),-268(fp)
+- bicl3 #-65536,r2,-272(fp)
+- mull3 r1,-268(fp),-260(fp)
+- mull2 r3,-268(fp)
+- mull3 r3,-272(fp),-264(fp)
+- mull2 r1,-272(fp)
+- addl3 -260(fp),-264(fp),r0
+- bicl3 #0,r0,-260(fp)
+- cmpl -260(fp),-264(fp)
+- bgequ noname.465
+- addl2 #65536,-272(fp)
+-noname.465:
+- movzwl -258(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-272(fp)
+- bicl3 #-65536,-260(fp),r0
+- ashl #16,r0,-264(fp)
+- addl3 -264(fp),-268(fp),r0
+- bicl3 #0,r0,-268(fp)
+- cmpl -268(fp),-264(fp)
+- bgequ noname.466
+- incl -272(fp)
+-noname.466:
+- movl -268(fp),r3
+- movl -272(fp),r2
+- bbc #31,r2,noname.467
+- incl r9
+-noname.467:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.468
+- incl r2
+-noname.468:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.469
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.469
+- incl r9
+-noname.469:
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.470
+- incl r9
+-noname.470:
+-
+- movl 8(ap),r0
+- movzwl 18(r0),r2
+- bicl3 #-65536,12(r0),r3
+- movzwl 14(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,16(r0),-284(fp)
+- bicl3 #-65536,r2,-288(fp)
+- mull3 r1,-284(fp),-276(fp)
+- mull2 r3,-284(fp)
+- mull3 r3,-288(fp),-280(fp)
+- mull2 r1,-288(fp)
+- addl3 -276(fp),-280(fp),r0
+- bicl3 #0,r0,-276(fp)
+- cmpl -276(fp),-280(fp)
+- bgequ noname.471
+- addl2 #65536,-288(fp)
+-noname.471:
+- movzwl -274(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-288(fp)
+- bicl3 #-65536,-276(fp),r0
+- ashl #16,r0,-280(fp)
+- addl3 -280(fp),-284(fp),r0
+- bicl3 #0,r0,-284(fp)
+- cmpl -284(fp),-280(fp)
+- bgequ noname.472
+- incl -288(fp)
+-noname.472:
+- movl -284(fp),r3
+- movl -288(fp),r2
+- bbc #31,r2,noname.473
+- incl r9
+-noname.473:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.474
+- incl r2
+-noname.474:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.475
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.475
+- incl r9
+-noname.475:
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.476
+- incl r9
+-noname.476:
+-
+- movl 4(ap),r0
+- movl r8,28(r0)
+-
+- clrl r8
+-
+- movl 8(ap),r3
+- movl 16(r3),r4
+- bicl3 #-65536,r4,r5
+- extzv #16,#16,r4,r0
+- bicl3 #-65536,r0,r4
+- mull3 r5,r4,-292(fp)
+- mull2 r5,r5
+- mull2 r4,r4
+- bicl3 #32767,-292(fp),r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r4
+- bicl3 #-65536,-292(fp),r0
+- ashl #17,r0,-292(fp)
+- addl2 -292(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-292(fp)
+- bgequ noname.477
+- incl r4
+-noname.477:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r7
+- bicl2 #0,r7
+- cmpl r7,r1
+- bgequ noname.478
+- incl r2
+-noname.478:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.479
+- incl r8
+-noname.479:
+-
+- bicl3 #-65536,20(r3),r4
+- movzwl 22(r3),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,12(r3),r2
+- movzwl 14(r3),r0
+- bicl2 #-65536,r0
+- movl r4,r6
+- movl r1,r5
+- mull3 r0,r6,-296(fp)
+- mull2 r2,r6
+- mull3 r2,r5,-300(fp)
+- mull2 r0,r5
+- addl3 -296(fp),-300(fp),r0
+- bicl3 #0,r0,-296(fp)
+- cmpl -296(fp),-300(fp)
+- bgequ noname.480
+- addl2 #65536,r5
+-noname.480:
+- movzwl -294(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r5
+- bicl3 #-65536,-296(fp),r0
+- ashl #16,r0,-300(fp)
+- addl2 -300(fp),r6
+- bicl2 #0,r6
+- cmpl r6,-300(fp)
+- bgequ noname.481
+- incl r5
+-noname.481:
+- movl r6,r3
+- movl r5,r2
+- bbc #31,r2,noname.482
+- incl r8
+-noname.482:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.483
+- incl r2
+-noname.483:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r7
+- bicl2 #0,r7
+- cmpl r7,r3
+- bgequ noname.484
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.484
+- incl r8
+-noname.484:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.485
+- incl r8
+-noname.485:
+-
+- movl 8(ap),r0
+- bicl3 #-65536,24(r0),r3
+- movzwl 26(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,8(r0),r2
+- movzwl 10(r0),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-304(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-308(fp)
+- mull2 r0,r4
+- addl3 -304(fp),-308(fp),r0
+- bicl3 #0,r0,-304(fp)
+- cmpl -304(fp),-308(fp)
+- bgequ noname.486
+- addl2 #65536,r4
+-noname.486:
+- movzwl -302(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-304(fp),r0
+- ashl #16,r0,-308(fp)
+- addl2 -308(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-308(fp)
+- bgequ noname.487
+- incl r4
+-noname.487:
+- movl r5,r3
+- movl r4,r2
+- bbc #31,r2,noname.488
+- incl r8
+-noname.488:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.489
+- incl r2
+-noname.489:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r7
+- bicl2 #0,r7
+- cmpl r7,r3
+- bgequ noname.490
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.490
+- incl r8
+-noname.490:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.491
+- incl r8
+-noname.491:
+-
+- movl 8(ap),r0
+- bicl3 #-65536,28(r0),r3
+- movzwl 30(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,4(r0),r2
+- movzwl 6(r0),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-312(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-316(fp)
+- mull2 r0,r4
+- addl3 -312(fp),-316(fp),r0
+- bicl3 #0,r0,-312(fp)
+- cmpl -312(fp),-316(fp)
+- bgequ noname.492
+- addl2 #65536,r4
+-noname.492:
+- movzwl -310(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-312(fp),r0
+- ashl #16,r0,-316(fp)
+- addl2 -316(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-316(fp)
+- bgequ noname.493
+- incl r4
+-noname.493:
+- movl r5,r3
+- movl r4,r2
+- bbc #31,r2,noname.494
+- incl r8
+-noname.494:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.495
+- incl r2
+-noname.495:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r7
+- bicl2 #0,r7
+- cmpl r7,r3
+- bgequ noname.496
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.496
+- incl r8
+-noname.496:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.497
+- incl r8
+-noname.497:
+-
+- movl 4(ap),r0
+- movl r7,32(r0)
+-
+- clrl r7
+-
+- movl 8(ap),r0
+- bicl3 #-65536,28(r0),r3
+- movzwl 30(r0),r2
+- bicl3 #-65536,8(r0),r1
+- movzwl 10(r0),r0
+- bicl2 #-65536,r0
+- movl r3,r4
+- bicl3 #-65536,r2,-328(fp)
+- mull3 r0,r4,-320(fp)
+- mull2 r1,r4
+- mull3 r1,-328(fp),-324(fp)
+- mull2 r0,-328(fp)
+- addl3 -320(fp),-324(fp),r0
+- bicl3 #0,r0,-320(fp)
+- cmpl -320(fp),-324(fp)
+- bgequ noname.498
+- addl2 #65536,-328(fp)
+-noname.498:
+- movzwl -318(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-328(fp)
+- bicl3 #-65536,-320(fp),r0
+- ashl #16,r0,-324(fp)
+- addl2 -324(fp),r4
+- bicl2 #0,r4
+- cmpl r4,-324(fp)
+- bgequ noname.499
+- incl -328(fp)
+-noname.499:
+- movl r4,r3
+- movl -328(fp),r2
+- bbc #31,r2,noname.500
+- incl r7
+-noname.500:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.501
+- incl r2
+-noname.501:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r9
+- bicl2 #0,r9
+- cmpl r9,r3
+- bgequ noname.502
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.502
+- incl r7
+-noname.502:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.503
+- incl r7
+-noname.503:
+-
+- movl 8(ap),r0
+- movzwl 26(r0),r2
+- bicl3 #-65536,12(r0),r3
+- movzwl 14(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,24(r0),-340(fp)
+- bicl3 #-65536,r2,-344(fp)
+- mull3 r1,-340(fp),-332(fp)
+- mull2 r3,-340(fp)
+- mull3 r3,-344(fp),-336(fp)
+- mull2 r1,-344(fp)
+- addl3 -332(fp),-336(fp),r0
+- bicl3 #0,r0,-332(fp)
+- cmpl -332(fp),-336(fp)
+- bgequ noname.504
+- addl2 #65536,-344(fp)
+-noname.504:
+- movzwl -330(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-344(fp)
+- bicl3 #-65536,-332(fp),r0
+- ashl #16,r0,-336(fp)
+- addl3 -336(fp),-340(fp),r0
+- bicl3 #0,r0,-340(fp)
+- cmpl -340(fp),-336(fp)
+- bgequ noname.505
+- incl -344(fp)
+-noname.505:
+- movl -340(fp),r3
+- movl -344(fp),r2
+- bbc #31,r2,noname.506
+- incl r7
+-noname.506:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.507
+- incl r2
+-noname.507:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r9
+- bicl2 #0,r9
+- cmpl r9,r3
+- bgequ noname.508
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.508
+- incl r7
+-noname.508:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.509
+- incl r7
+-noname.509:
+-
+- movl 8(ap),r0
+- movzwl 22(r0),r2
+- bicl3 #-65536,16(r0),r3
+- movzwl 18(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,20(r0),-356(fp)
+- bicl3 #-65536,r2,-360(fp)
+- mull3 r1,-356(fp),-348(fp)
+- mull2 r3,-356(fp)
+- mull3 r3,-360(fp),-352(fp)
+- mull2 r1,-360(fp)
+- addl3 -348(fp),-352(fp),r0
+- bicl3 #0,r0,-348(fp)
+- cmpl -348(fp),-352(fp)
+- bgequ noname.510
+- addl2 #65536,-360(fp)
+-noname.510:
+- movzwl -346(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-360(fp)
+- bicl3 #-65536,-348(fp),r0
+- ashl #16,r0,-352(fp)
+- addl3 -352(fp),-356(fp),r0
+- bicl3 #0,r0,-356(fp)
+- cmpl -356(fp),-352(fp)
+- bgequ noname.511
+- incl -360(fp)
+-noname.511:
+- movl -356(fp),r3
+- movl -360(fp),r2
+- bbc #31,r2,noname.512
+- incl r7
+-noname.512:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.513
+- incl r2
+-noname.513:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r9
+- bicl2 #0,r9
+- cmpl r9,r3
+- bgequ noname.514
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.514
+- incl r7
+-noname.514:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.515
+- incl r7
+-noname.515:
+-
+- movl 4(ap),r0
+- movl r9,36(r0)
+-
+- clrl r9
+-
+- movl 8(ap),r3
+- movl 20(r3),r4
+- bicl3 #-65536,r4,-364(fp)
+- extzv #16,#16,r4,r0
+- bicl3 #-65536,r0,r4
+- movl -364(fp),r0
+- mull3 r0,r4,-368(fp)
+- mull3 r0,r0,-364(fp)
+- mull2 r4,r4
+- bicl3 #32767,-368(fp),r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r4
+- bicl3 #-65536,-368(fp),r0
+- ashl #17,r0,-368(fp)
+- addl3 -364(fp),-368(fp),r0
+- bicl3 #0,r0,-364(fp)
+- cmpl -364(fp),-368(fp)
+- bgequ noname.516
+- incl r4
+-noname.516:
+- movl -364(fp),r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.517
+- incl r2
+-noname.517:
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.518
+- incl r9
+-noname.518:
+-
+- bicl3 #-65536,24(r3),r4
+- movzwl 26(r3),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,16(r3),r2
+- movzwl 18(r3),r0
+- bicl2 #-65536,r0
+- movl r4,r6
+- movl r1,r5
+- mull3 r0,r6,-372(fp)
+- mull2 r2,r6
+- mull3 r2,r5,-376(fp)
+- mull2 r0,r5
+- addl3 -372(fp),-376(fp),r0
+- bicl3 #0,r0,-372(fp)
+- cmpl -372(fp),-376(fp)
+- bgequ noname.519
+- addl2 #65536,r5
+-noname.519:
+- movzwl -370(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r5
+- bicl3 #-65536,-372(fp),r0
+- ashl #16,r0,-376(fp)
+- addl2 -376(fp),r6
+- bicl2 #0,r6
+- cmpl r6,-376(fp)
+- bgequ noname.520
+- incl r5
+-noname.520:
+- movl r6,r3
+- movl r5,r2
+- bbc #31,r2,noname.521
+- incl r9
+-noname.521:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.522
+- incl r2
+-noname.522:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.523
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.523
+- incl r9
+-noname.523:
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.524
+- incl r9
+-noname.524:
+-
+- movl 8(ap),r0
+- bicl3 #-65536,28(r0),r3
+- movzwl 30(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,12(r0),r2
+- movzwl 14(r0),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-380(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-384(fp)
+- mull2 r0,r4
+- addl3 -380(fp),-384(fp),r0
+- bicl3 #0,r0,-380(fp)
+- cmpl -380(fp),-384(fp)
+- bgequ noname.525
+- addl2 #65536,r4
+-noname.525:
+- movzwl -378(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-380(fp),r0
+- ashl #16,r0,-384(fp)
+- addl2 -384(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-384(fp)
+- bgequ noname.526
+- incl r4
+-noname.526:
+- movl r5,r3
+- movl r4,r2
+- bbc #31,r2,noname.527
+- incl r9
+-noname.527:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.528
+- incl r2
+-noname.528:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.529
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.529
+- incl r9
+-noname.529:
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.530
+- incl r9
+-noname.530:
+- movl 4(ap),r0
+- movl r8,40(r0)
+-
+- clrl r8
+-
+- movl 8(ap),r0
+- bicl3 #-65536,28(r0),r3
+- movzwl 30(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,16(r0),r2
+- movzwl 18(r0),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-388(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-392(fp)
+- mull2 r0,r4
+- addl3 -388(fp),-392(fp),r0
+- bicl3 #0,r0,-388(fp)
+- cmpl -388(fp),-392(fp)
+- bgequ noname.531
+- addl2 #65536,r4
+-noname.531:
+- movzwl -386(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-388(fp),r0
+- ashl #16,r0,-392(fp)
+- addl2 -392(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-392(fp)
+- bgequ noname.532
+- incl r4
+-noname.532:
+- movl r5,r3
+- movl r4,r2
+- bbc #31,r2,noname.533
+- incl r8
+-noname.533:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.534
+- incl r2
+-noname.534:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r7
+- bicl2 #0,r7
+- cmpl r7,r3
+- bgequ noname.535
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.535
+- incl r8
+-noname.535:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.536
+- incl r8
+-noname.536:
+-
+- movl 8(ap),r0
+- bicl3 #-65536,24(r0),r3
+- movzwl 26(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,20(r0),r2
+- movzwl 22(r0),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-396(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-400(fp)
+- mull2 r0,r4
+- addl3 -396(fp),-400(fp),r0
+- bicl3 #0,r0,-396(fp)
+- cmpl -396(fp),-400(fp)
+- bgequ noname.537
+- addl2 #65536,r4
+-noname.537:
+- movzwl -394(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-396(fp),r0
+- ashl #16,r0,-400(fp)
+- addl2 -400(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-400(fp)
+- bgequ noname.538
+- incl r4
+-noname.538:
+- movl r5,r3
+- movl r4,r2
+- bbc #31,r2,noname.539
+- incl r8
+-noname.539:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.540
+- incl r2
+-noname.540:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r7
+- bicl2 #0,r7
+- cmpl r7,r3
+- bgequ noname.541
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.541
+- incl r8
+-noname.541:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.542
+- incl r8
+-noname.542:
+-
+- movl 4(ap),r0
+- movl r7,44(r0)
+-
+- clrl r7
+-
+- movl 8(ap),r3
+- movl 24(r3),r4
+- bicl3 #-65536,r4,r5
+- extzv #16,#16,r4,r0
+- bicl3 #-65536,r0,r4
+- mull3 r5,r4,-404(fp)
+- mull2 r5,r5
+- mull2 r4,r4
+- bicl3 #32767,-404(fp),r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r4
+- bicl3 #-65536,-404(fp),r0
+- ashl #17,r0,-404(fp)
+- addl2 -404(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-404(fp)
+- bgequ noname.543
+- incl r4
+-noname.543:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.544
+- incl r2
+-noname.544:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.545
+- incl r7
+-noname.545:
+-
+- movzwl 30(r3),r2
+- bicl3 #-65536,20(r3),r1
+- movzwl 22(r3),r0
+- bicl2 #-65536,r0
+- bicl3 #-65536,28(r3),-416(fp)
+- bicl3 #-65536,r2,-420(fp)
+- mull3 r0,-416(fp),-408(fp)
+- mull2 r1,-416(fp)
+- mull3 r1,-420(fp),-412(fp)
+- mull2 r0,-420(fp)
+- addl3 -408(fp),-412(fp),r0
+- bicl3 #0,r0,-408(fp)
+- cmpl -408(fp),-412(fp)
+- bgequ noname.546
+- addl2 #65536,-420(fp)
+-noname.546:
+- movzwl -406(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-420(fp)
+- bicl3 #-65536,-408(fp),r0
+- ashl #16,r0,-412(fp)
+- addl3 -412(fp),-416(fp),r0
+- bicl3 #0,r0,-416(fp)
+- cmpl -416(fp),-412(fp)
+- bgequ noname.547
+- incl -420(fp)
+-noname.547:
+- movl -416(fp),r3
+- movl -420(fp),r2
+- bbc #31,r2,noname.548
+- incl r7
+-noname.548:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.549
+- incl r2
+-noname.549:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r9
+- bicl2 #0,r9
+- cmpl r9,r3
+- bgequ noname.550
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.550
+- incl r7
+-noname.550:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.551
+- incl r7
+-noname.551:
+-
+- movl 4(ap),r0
+- movl r9,48(r0)
+-
+- clrl r9
+-
+- movl 8(ap),r0
+- movzwl 30(r0),r2
+- bicl3 #-65536,24(r0),r3
+- movzwl 26(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,28(r0),-432(fp)
+- bicl3 #-65536,r2,-436(fp)
+- mull3 r1,-432(fp),-424(fp)
+- mull2 r3,-432(fp)
+- mull3 r3,-436(fp),-428(fp)
+- mull2 r1,-436(fp)
+- addl3 -424(fp),-428(fp),r0
+- bicl3 #0,r0,-424(fp)
+- cmpl -424(fp),-428(fp)
+- bgequ noname.552
+- addl2 #65536,-436(fp)
+-noname.552:
+- movzwl -422(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,-436(fp)
+- bicl3 #-65536,-424(fp),r0
+- ashl #16,r0,-428(fp)
+- addl3 -428(fp),-432(fp),r0
+- bicl3 #0,r0,-432(fp)
+- cmpl -432(fp),-428(fp)
+- bgequ noname.553
+- incl -436(fp)
+-noname.553:
+- movl -432(fp),r3
+- movl -436(fp),r2
+- bbc #31,r2,noname.554
+- incl r9
+-noname.554:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.555
+- incl r2
+-noname.555:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.556
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.556
+- incl r9
+-noname.556:
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.557
+- incl r9
+-noname.557:
+-
+- movl 4(ap),r4
+- movl r8,52(r4)
+-
+- clrl r8
+-
+- movl 8(ap),r0
+- movl 28(r0),r3
+- bicl3 #-65536,r3,-440(fp)
+- extzv #16,#16,r3,r0
+- bicl3 #-65536,r0,r3
+- movl -440(fp),r0
+- mull3 r0,r3,-444(fp)
+- mull3 r0,r0,-440(fp)
+- mull2 r3,r3
+- bicl3 #32767,-444(fp),r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r3
+- bicl3 #-65536,-444(fp),r0
+- ashl #17,r0,-444(fp)
+- addl3 -440(fp),-444(fp),r0
+- bicl3 #0,r0,-440(fp)
+- cmpl -440(fp),-444(fp)
+- bgequ noname.558
+- incl r3
+-noname.558:
+- movl -440(fp),r1
+- movl r3,r2
+- addl2 r1,r7
+- bicl2 #0,r7
+- cmpl r7,r1
+- bgequ noname.559
+- incl r2
+-noname.559:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.560
+- incl r8
+-noname.560:
+-
+- movl r7,56(r4)
+-
+- movl r9,60(r4)
+-
+- ret
+-
+-�
+-
+-;r=4 ;(AP)
+-;a=8 ;(AP)
+-;b=12 ;(AP)
+-;n=16 ;(AP) n by value (input)
+-
+- .psect code,nowrt
+-
+-.entry BN_SQR_COMBA4,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10>
+- subl2 #44,sp
+-
+- clrq r8
+-
+- clrl r10
+-
+- movl 8(ap),r5
+- movl (r5),r3
+- bicl3 #-65536,r3,r4
+- extzv #16,#16,r3,r0
+- bicl3 #-65536,r0,r3
+- mull3 r4,r3,-4(fp)
+- mull2 r4,r4
+- mull2 r3,r3
+- bicl3 #32767,-4(fp),r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r3
+- bicl3 #-65536,-4(fp),r0
+- ashl #17,r0,-4(fp)
+- addl2 -4(fp),r4
+- bicl2 #0,r4
+- cmpl r4,-4(fp)
+- bgequ noname.563
+- incl r3
+-noname.563:
+- movl r4,r1
+- movl r3,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.564
+- incl r2
+-noname.564:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.565
+- incl r10
+-noname.565:
+-
+- movl r9, at 4(ap)
+-
+- clrl r9
+-
+- bicl3 #-65536,4(r5),r3
+- movzwl 6(r5),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,(r5),r2
+- movzwl 2(r5),r0
+- bicl2 #-65536,r0
+- movl r3,r6
+- movl r1,r4
+- mull3 r0,r6,-8(fp)
+- mull2 r2,r6
+- mull2 r4,r2
+- mull2 r0,r4
+- addl3 -8(fp),r2,r0
+- bicl3 #0,r0,-8(fp)
+- cmpl -8(fp),r2
+- bgequ noname.566
+- addl2 #65536,r4
+-noname.566:
+- movzwl -6(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-8(fp),r0
+- ashl #16,r0,r1
+- addl2 r1,r6
+- bicl2 #0,r6
+- cmpl r6,r1
+- bgequ noname.567
+- incl r4
+-noname.567:
+- movl r6,r3
+- movl r4,r2
+- bbc #31,r2,noname.568
+- incl r9
+-noname.568:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.569
+- incl r2
+-noname.569:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.570
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.570
+- incl r9
+-noname.570:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.571
+- incl r9
+-noname.571:
+-
+- movl 4(ap),r0
+- movl r8,4(r0)
+-
+- clrl r8
+-
+- movl 8(ap),r4
+- movl 4(r4),r3
+- bicl3 #-65536,r3,r5
+- extzv #16,#16,r3,r0
+- bicl3 #-65536,r0,r3
+- mull3 r5,r3,r1
+- mull2 r5,r5
+- mull2 r3,r3
+- bicl3 #32767,r1,r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r3
+- bicl2 #-65536,r1
+- ashl #17,r1,r1
+- addl2 r1,r5
+- bicl2 #0,r5
+- cmpl r5,r1
+- bgequ noname.572
+- incl r3
+-noname.572:
+- movl r5,r1
+- movl r3,r2
+- addl2 r1,r10
+- bicl2 #0,r10
+- cmpl r10,r1
+- bgequ noname.573
+- incl r2
+-noname.573:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.574
+- incl r8
+-noname.574:
+-
+- bicl3 #-65536,8(r4),r3
+- movzwl 10(r4),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,(r4),r2
+- movzwl 2(r4),r0
+- bicl2 #-65536,r0
+- movl r3,r6
+- movl r1,r5
+- mull3 r0,r6,r7
+- mull2 r2,r6
+- mull2 r5,r2
+- mull2 r0,r5
+- addl2 r2,r7
+- bicl2 #0,r7
+- cmpl r7,r2
+- bgequ noname.575
+- addl2 #65536,r5
+-noname.575:
+- extzv #16,#16,r7,r0
+- bicl2 #-65536,r0
+- addl2 r0,r5
+- bicl3 #-65536,r7,r0
+- ashl #16,r0,r1
+- addl2 r1,r6
+- bicl2 #0,r6
+- cmpl r6,r1
+- bgequ noname.576
+- incl r5
+-noname.576:
+- movl r6,r3
+- movl r5,r2
+- bbc #31,r2,noname.577
+- incl r8
+-noname.577:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.578
+- incl r2
+-noname.578:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r10
+- bicl2 #0,r10
+- cmpl r10,r3
+- bgequ noname.579
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.579
+- incl r8
+-noname.579:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.580
+- incl r8
+-noname.580:
+-
+- movl 4(ap),r0
+- movl r10,8(r0)
+-
+- clrl r10
+-
+- movl 8(ap),r0
+- bicl3 #-65536,12(r0),r3
+- movzwl 14(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,(r0),r2
+- movzwl 2(r0),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,r6
+- mull2 r2,r5
+- mull3 r2,r4,-12(fp)
+- mull2 r0,r4
+- addl2 -12(fp),r6
+- bicl2 #0,r6
+- cmpl r6,-12(fp)
+- bgequ noname.581
+- addl2 #65536,r4
+-noname.581:
+- extzv #16,#16,r6,r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,r6,r0
+- ashl #16,r0,-12(fp)
+- addl2 -12(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-12(fp)
+- bgequ noname.582
+- incl r4
+-noname.582:
+- movl r5,r3
+- movl r4,r2
+- bbc #31,r2,noname.583
+- incl r10
+-noname.583:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.584
+- incl r2
+-noname.584:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r9
+- bicl2 #0,r9
+- cmpl r9,r3
+- bgequ noname.585
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.585
+- incl r10
+-noname.585:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.586
+- incl r10
+-noname.586:
+-
+- movl 8(ap),r0
+- bicl3 #-65536,8(r0),r3
+- movzwl 10(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,4(r0),r2
+- movzwl 6(r0),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-16(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-20(fp)
+- mull2 r0,r4
+- addl3 -16(fp),-20(fp),r0
+- bicl3 #0,r0,-16(fp)
+- cmpl -16(fp),-20(fp)
+- bgequ noname.587
+- addl2 #65536,r4
+-noname.587:
+- movzwl -14(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-16(fp),r0
+- ashl #16,r0,-20(fp)
+- addl2 -20(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-20(fp)
+- bgequ noname.588
+- incl r4
+-noname.588:
+- movl r5,r3
+- movl r4,r2
+- bbc #31,r2,noname.589
+- incl r10
+-noname.589:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.590
+- incl r2
+-noname.590:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r9
+- bicl2 #0,r9
+- cmpl r9,r3
+- bgequ noname.591
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.591
+- incl r10
+-noname.591:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.592
+- incl r10
+-noname.592:
+- movl 4(ap),r0
+- movl r9,12(r0)
+-
+- clrl r9
+-
+- movl 8(ap),r3
+- movl 8(r3),r4
+- bicl3 #-65536,r4,r5
+- extzv #16,#16,r4,r0
+- bicl3 #-65536,r0,r4
+- mull3 r5,r4,-24(fp)
+- mull2 r5,r5
+- mull2 r4,r4
+- bicl3 #32767,-24(fp),r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r4
+- bicl3 #-65536,-24(fp),r0
+- ashl #17,r0,-24(fp)
+- addl2 -24(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-24(fp)
+- bgequ noname.593
+- incl r4
+-noname.593:
+- movl r5,r1
+- movl r4,r2
+- addl2 r1,r8
+- bicl2 #0,r8
+- cmpl r8,r1
+- bgequ noname.594
+- incl r2
+-noname.594:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.595
+- incl r9
+-noname.595:
+-
+- bicl3 #-65536,12(r3),r4
+- movzwl 14(r3),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,4(r3),r2
+- movzwl 6(r3),r0
+- bicl2 #-65536,r0
+- movl r4,r6
+- movl r1,r5
+- mull3 r0,r6,-28(fp)
+- mull2 r2,r6
+- mull3 r2,r5,-32(fp)
+- mull2 r0,r5
+- addl3 -28(fp),-32(fp),r0
+- bicl3 #0,r0,-28(fp)
+- cmpl -28(fp),-32(fp)
+- bgequ noname.596
+- addl2 #65536,r5
+-noname.596:
+- movzwl -26(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r5
+- bicl3 #-65536,-28(fp),r0
+- ashl #16,r0,-32(fp)
+- addl2 -32(fp),r6
+- bicl2 #0,r6
+- cmpl r6,-32(fp)
+- bgequ noname.597
+- incl r5
+-noname.597:
+- movl r6,r3
+- movl r5,r2
+- bbc #31,r2,noname.598
+- incl r9
+-noname.598:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.599
+- incl r2
+-noname.599:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r8
+- bicl2 #0,r8
+- cmpl r8,r3
+- bgequ noname.600
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.600
+- incl r9
+-noname.600:
+- addl2 r2,r10
+- bicl2 #0,r10
+- cmpl r10,r2
+- bgequ noname.601
+- incl r9
+-noname.601:
+-
+- movl 4(ap),r0
+- movl r8,16(r0)
+-
+- clrl r8
+-
+- movl 8(ap),r0
+- bicl3 #-65536,12(r0),r3
+- movzwl 14(r0),r1
+- bicl2 #-65536,r1
+- bicl3 #-65536,8(r0),r2
+- movzwl 10(r0),r0
+- bicl2 #-65536,r0
+- movl r3,r5
+- movl r1,r4
+- mull3 r0,r5,-36(fp)
+- mull2 r2,r5
+- mull3 r2,r4,-40(fp)
+- mull2 r0,r4
+- addl3 -36(fp),-40(fp),r0
+- bicl3 #0,r0,-36(fp)
+- cmpl -36(fp),-40(fp)
+- bgequ noname.602
+- addl2 #65536,r4
+-noname.602:
+- movzwl -34(fp),r0
+- bicl2 #-65536,r0
+- addl2 r0,r4
+- bicl3 #-65536,-36(fp),r0
+- ashl #16,r0,-40(fp)
+- addl2 -40(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-40(fp)
+- bgequ noname.603
+- incl r4
+-noname.603:
+- movl r5,r3
+- movl r4,r2
+- bbc #31,r2,noname.604
+- incl r8
+-noname.604:
+- addl2 r2,r2
+- bicl2 #0,r2
+- bbc #31,r3,noname.605
+- incl r2
+-noname.605:
+- addl2 r3,r3
+- bicl2 #0,r3
+- addl2 r3,r10
+- bicl2 #0,r10
+- cmpl r10,r3
+- bgequ noname.606
+- incl r2
+- bicl3 #0,r2,r0
+- bneq noname.606
+- incl r8
+-noname.606:
+- addl2 r2,r9
+- bicl2 #0,r9
+- cmpl r9,r2
+- bgequ noname.607
+- incl r8
+-noname.607:
+-
+- movl 4(ap),r4
+- movl r10,20(r4)
+-
+- clrl r10
+-
+- movl 8(ap),r0
+- movl 12(r0),r3
+- bicl3 #-65536,r3,r5
+- extzv #16,#16,r3,r0
+- bicl3 #-65536,r0,r3
+- mull3 r5,r3,-44(fp)
+- mull2 r5,r5
+- mull2 r3,r3
+- bicl3 #32767,-44(fp),r0
+- extzv #15,#17,r0,r0
+- addl2 r0,r3
+- bicl3 #-65536,-44(fp),r0
+- ashl #17,r0,-44(fp)
+- addl2 -44(fp),r5
+- bicl2 #0,r5
+- cmpl r5,-44(fp)
+- bgequ noname.608
+- incl r3
+-noname.608:
+- movl r5,r1
+- movl r3,r2
+- addl2 r1,r9
+- bicl2 #0,r9
+- cmpl r9,r1
+- bgequ noname.609
+- incl r2
+-noname.609:
+- addl2 r2,r8
+- bicl2 #0,r8
+- cmpl r8,r2
+- bgequ noname.610
+- incl r10
+-noname.610:
+-
+- movl r9,24(r4)
+-
+- movl r8,28(r4)
+-
+- ret
+-
+-; For now, the code below doesn't work, so I end this prematurely.
+-.end
+diff --git a/crypto/bn/asm/x86-gf2m.pl b/crypto/bn/asm/x86-gf2m.pl
+index 0292178..f464368 100644
+--- a/crypto/bn/asm/x86-gf2m.pl
++++ b/crypto/bn/asm/x86-gf2m.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/x86-mont.pl b/crypto/bn/asm/x86-mont.pl
+index 7c4e0b2..9994b0b 100755
+--- a/crypto/bn/asm/x86-mont.pl
++++ b/crypto/bn/asm/x86-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/bn/asm/x86.pl b/crypto/bn/asm/x86.pl
+index c1cab72..d57571d 100644
+--- a/crypto/bn/asm/x86.pl
++++ b/crypto/bn/asm/x86.pl
+@@ -1,4 +1,10 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ push(@INC,"perlasm","../../perlasm");
+ require "x86asm.pl";
+diff --git a/crypto/bn/asm/x86_64-gcc.c b/crypto/bn/asm/x86_64-gcc.c
+index d77dc43..d46109a 100644
+--- a/crypto/bn/asm/x86_64-gcc.c
++++ b/crypto/bn/asm/x86_64-gcc.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include "../bn_lcl.h"
+ #if !(defined(__GNUC__) && __GNUC__>=2)
+ # include "../bn_asm.c" /* kind of dirty hack for Sun Studio */
+diff --git a/crypto/bn/asm/x86_64-gf2m.pl b/crypto/bn/asm/x86_64-gf2m.pl
+index 42bbec2..7842311 100644
+--- a/crypto/bn/asm/x86_64-gf2m.pl
++++ b/crypto/bn/asm/x86_64-gf2m.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/x86_64-mont.pl b/crypto/bn/asm/x86_64-mont.pl
+index 3e0a78e..d44cfae 100755
+--- a/crypto/bn/asm/x86_64-mont.pl
++++ b/crypto/bn/asm/x86_64-mont.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl
+index aa6a5d1..7a7a2e6 100755
+--- a/crypto/bn/asm/x86_64-mont5.pl
++++ b/crypto/bn/asm/x86_64-mont5.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/bn/bn_add.c b/crypto/bn/bn_add.c
+index 3e7d86b..d44e8f7 100644
+--- a/crypto/bn/bn_add.c
++++ b/crypto/bn/bn_add.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/bn/bn_asm.c b/crypto/bn/bn_asm.c
+index 4c67d28..39c6c21 100644
+--- a/crypto/bn/bn_asm.c
++++ b/crypto/bn/bn_asm.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <assert.h>
+diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c
+index 81b895c..24d1383 100644
+--- a/crypto/bn/bn_blind.c
++++ b/crypto/bn/bn_blind.c
+@@ -1,116 +1,14 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+ #include "internal/cryptlib.h"
+-#include "internal/threads.h"
+ #include "bn_lcl.h"
+
+ #define BN_BLINDING_COUNTER 32
+diff --git a/crypto/bn/bn_const.c b/crypto/bn/bn_const.c
+index 881b4cc..39dd612 100644
+--- a/crypto/bn/bn_const.c
++++ b/crypto/bn/bn_const.c
+@@ -1,4 +1,11 @@
+-/* Insert boilerplate */
++/*
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ #include <openssl/bn.h>
+
+diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c
+index 700234b..68c0468 100644
+--- a/crypto/bn/bn_ctx.c
++++ b/crypto/bn/bn_ctx.c
+@@ -1,56 +1,10 @@
+-/* Written by Ulf Moeller for the OpenSSL project. */
+-/* ====================================================================
+- * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/bn/bn_depr.c b/crypto/bn/bn_depr.c
+index debed8d..de54d5e 100644
+--- a/crypto/bn/bn_depr.c
++++ b/crypto/bn/bn_depr.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/bn/bn_dh.c b/crypto/bn/bn_dh.c
+index ad4a16e..17d0559 100644
+--- a/crypto/bn/bn_dh.c
++++ b/crypto/bn/bn_dh.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2011.
+- */
+-/* ====================================================================
+- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "bn_lcl.h"
+diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c
+index 486a31d..eef1b87 100644
+--- a/crypto/bn/bn_div.c
++++ b/crypto/bn/bn_div.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/bn.h>
+@@ -326,6 +278,9 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
+ res->top--;
+ }
+
++ /* Increase the resp pointer so that we never create an invalid pointer. */
++ resp++;
++
+ /*
+ * if res->top == 0 then clear the neg value otherwise decrease the resp
+ * pointer
+@@ -335,7 +290,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
+ else
+ resp--;
+
+- for (i = 0; i < loop - 1; i++, wnump--, resp--) {
++ for (i = 0; i < loop - 1; i++, wnump--) {
+ BN_ULONG q, l0;
+ /*
+ * the first part of the loop uses the top two words of snum and sdiv
+@@ -441,6 +396,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
+ (*wnump)++;
+ }
+ /* store part of the result */
++ resp--;
+ *resp = q;
+ }
+ bn_correct_top(snum);
+diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c
+index 7412859..a71b265 100644
+--- a/crypto/bn/bn_err.c
++++ b/crypto/bn/bn_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -82,10 +32,8 @@ static ERR_STRING_DATA BN_str_functs[] = {
+ {ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"},
+ {ERR_FUNC(BN_F_BN_CTX_START), "BN_CTX_start"},
+ {ERR_FUNC(BN_F_BN_DIV), "BN_div"},
+- {ERR_FUNC(BN_F_BN_DIV_NO_BRANCH), "BN_div_no_branch"},
+ {ERR_FUNC(BN_F_BN_DIV_RECP), "BN_div_recp"},
+ {ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
+- {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"},
+ {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "bn_expand_internal"},
+ {ERR_FUNC(BN_F_BN_GENCB_NEW), "BN_GENCB_new"},
+ {ERR_FUNC(BN_F_BN_GENERATE_DSA_NONCE), "BN_generate_dsa_nonce"},
+@@ -107,7 +55,6 @@ static ERR_STRING_DATA BN_str_functs[] = {
+ {ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"},
+ {ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH), "BN_mod_inverse_no_branch"},
+ {ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"},
+- {ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL), "BN_mod_mul_reciprocal"},
+ {ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"},
+ {ERR_FUNC(BN_F_BN_MPI2BN), "BN_mpi2bn"},
+ {ERR_FUNC(BN_F_BN_NEW), "BN_new"},
+diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
+index c5e579c..d334cf7 100644
+--- a/crypto/bn/bn_exp.c
++++ b/crypto/bn/bn_exp.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+@@ -628,6 +527,14 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
+ {
+ int i, j;
+ int width = 1 << window;
++ /*
++ * We declare table 'volatile' in order to discourage compiler
++ * from reordering loads from the table. Concern is that if
++ * reordered in specific manner loads might give away the
++ * information we are trying to conceal. Some would argue that
++ * compiler can reorder them anyway, but it can as well be
++ * argued that doing so would be violation of standard...
++ */
+ volatile BN_ULONG *table = (volatile BN_ULONG *)buf;
+
+ if (bn_wexpand(b, top) == NULL)
+diff --git a/crypto/bn/bn_exp2.c b/crypto/bn/bn_exp2.c
+index f836158..5141c21 100644
+--- a/crypto/bn/bn_exp2.c
++++ b/crypto/bn/bn_exp2.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c
+index a6e909d..1039e76 100644
+--- a/crypto/bn/bn_gcd.c
++++ b/crypto/bn/bn_gcd.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c
+index 84837a0..003c15b 100644
+--- a/crypto/bn/bn_gf2m.c
++++ b/crypto/bn/bn_gf2m.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -7,85 +16,6 @@
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+- *
+- * In addition, Sun covenants to all licensees who provide a reciprocal
+- * covenant with respect to their own patents if any, not to sue under
+- * current and future patent claims necessarily infringed by the making,
+- * using, practicing, selling, offering for sale and/or otherwise
+- * disposing of the ECC Code as delivered hereunder (or portions thereof),
+- * provided that such covenant shall not apply:
+- * 1) for code that a licensee deletes from the ECC Code;
+- * 2) separates from the ECC Code; or
+- * 3) for infringements caused by:
+- * i) the modification of the ECC Code or
+- * ii) the combination of the ECC Code with other software or
+- * devices where such combination causes the infringement.
+- *
+- * The software is originally written by Sheueling Chang Shantz and
+- * Douglas Stebila of Sun Microsystems Laboratories.
+- *
+- */
+-
+-/*
+- * NOTE: This file is licensed pursuant to the OpenSSL license below and may
+- * be modified; but after modifications, the above covenant may no longer
+- * apply! In such cases, the corresponding paragraph ["In addition, Sun
+- * covenants ... causes the infringement."] and this note can be edited out;
+- * but please keep the Sun copyright notice and attribution.
+- */
+-
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+ */
+
+ #include <assert.h>
+diff --git a/crypto/bn/bn_intern.c b/crypto/bn/bn_intern.c
+index abc8fc4..9227b6e 100644
+--- a/crypto/bn/bn_intern.c
++++ b/crypto/bn/bn_intern.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/bn/bn_kron.c b/crypto/bn/bn_kron.c
+index 4477bec..b9bc6cc 100644
+--- a/crypto/bn/bn_kron.c
++++ b/crypto/bn/bn_kron.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h
+index 412740d..ebf17b0 100644
+--- a/crypto/bn/bn_lcl.h
++++ b/crypto/bn/bn_lcl.h
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_BN_LCL_H
+diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
+index 4b37906..ccdefb3 100644
+--- a/crypto/bn/bn_lib.c
++++ b/crypto/bn/bn_lib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <assert.h>
+@@ -839,9 +791,9 @@ int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
+
+ /*
+ * Here follows a specialised variants of bn_cmp_words(). It has the
+- * property of performing the operation on arrays of different sizes. The
++ * capability of performing the operation on arrays of different sizes. The
+ * sizes of those arrays is expressed through cl, which is the common length
+- * ( basicall, min(len(a),len(b)) ), and dl, which is the delta between the
++ * ( basically, min(len(a),len(b)) ), and dl, which is the delta between the
+ * two lengths, calculated as len(a)-len(b). All lengths are the number of
+ * BN_ULONGs...
+ */
+@@ -1070,9 +1022,11 @@ void bn_correct_top(BIGNUM *a)
+ int tmp_top = a->top;
+
+ if (tmp_top > 0) {
+- for (ftl = &(a->d[tmp_top - 1]); tmp_top > 0; tmp_top--)
+- if (*(ftl--))
++ for (ftl = &(a->d[tmp_top]); tmp_top > 0; tmp_top--) {
++ ftl--;
++ if (*ftl != 0)
+ break;
++ }
+ a->top = tmp_top;
+ }
+ bn_pollute(a);
+diff --git a/crypto/bn/bn_mod.c b/crypto/bn/bn_mod.c
+index 99789b9..13b583f 100644
+--- a/crypto/bn/bn_mod.c
++++ b/crypto/bn/bn_mod.c
+@@ -1,115 +1,10 @@
+ /*
+- * Includes code written by Lenka Fibikova <fibikova at exp-math.uni-essen.de>
+- * for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
+index dfa395a..6d37279 100644
+--- a/crypto/bn/bn_mont.c
++++ b/crypto/bn/bn_mont.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/bn/bn_mpi.c b/crypto/bn/bn_mpi.c
+index 80d105d..043e21d 100644
+--- a/crypto/bn/bn_mpi.c
++++ b/crypto/bn/bn_mpi.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -87,41 +39,48 @@ int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
+ return (num + 4 + ext);
+ }
+
+-BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
++BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *ain)
+ {
+ long len;
+ int neg = 0;
++ BIGNUM *a = NULL;
+
+ if (n < 4) {
+ BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH);
+- return (NULL);
++ return NULL;
+ }
+ len = ((long)d[0] << 24) | ((long)d[1] << 16) | ((int)d[2] << 8) | (int)
+ d[3];
+ if ((len + 4) != n) {
+ BNerr(BN_F_BN_MPI2BN, BN_R_ENCODING_ERROR);
+- return (NULL);
++ return NULL;
+ }
+
+- if (a == NULL)
++ if (ain == NULL)
+ a = BN_new();
++ else
++ a = ain;
++
+ if (a == NULL)
+- return (NULL);
++ return NULL;
+
+ if (len == 0) {
+ a->neg = 0;
+ a->top = 0;
+- return (a);
++ return a;
+ }
+ d += 4;
+ if ((*d) & 0x80)
+ neg = 1;
+- if (BN_bin2bn(d, (int)len, a) == NULL)
+- return (NULL);
++ if (BN_bin2bn(d, (int)len, a) == NULL) {
++ if (ain == NULL)
++ BN_free(a);
++ return NULL;
++ }
+ a->neg = neg;
+ if (neg) {
+ BN_clear_bit(a, BN_num_bits(a) - 1);
+ }
+ bn_check_top(a);
+- return (a);
++ return a;
+ }
+diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
+index 0d2a743..66139ed 100644
+--- a/crypto/bn/bn_mul.c
++++ b/crypto/bn/bn_mul.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <assert.h>
+diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c
+index 35d0eef..53598f9 100644
+--- a/crypto/bn/bn_nist.c
++++ b/crypto/bn/bn_nist.c
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "bn_lcl.h"
+diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
+index a5887d9..bdfa558 100644
+--- a/crypto/bn/bn_prime.c
++++ b/crypto/bn/bn_prime.c
+@@ -1,111 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * WARNING: do not edit!
++ * Generated by crypto/bn/bn_prime.pl
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -208,9 +109,6 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
+ prime_t *mods = NULL;
+ int checks = BN_prime_checks_for_size(bits);
+
+- mods = OPENSSL_zalloc(sizeof(*mods) * NUMPRIMES);
+- if (mods == NULL)
+- goto err;
+ if (bits < 2) {
+ /* There are no prime numbers this small. */
+ BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL);
+@@ -221,6 +119,10 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
+ return 0;
+ }
+
++ mods = OPENSSL_zalloc(sizeof(*mods) * NUMPRIMES);
++ if (mods == NULL)
++ goto err;
++
+ ctx = BN_CTX_new();
+ if (ctx == NULL)
+ goto err;
+diff --git a/crypto/bn/bn_prime.h b/crypto/bn/bn_prime.h
+index 6f6949c..41440fa 100644
+--- a/crypto/bn/bn_prime.h
++++ b/crypto/bn/bn_prime.h
+@@ -1,59 +1,13 @@
+-/* Auto generated by bn_prime.pl */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * WARNING: do not edit!
++ * Generated by crypto/bn/bn_prime.pl
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ typedef unsigned short prime_t;
+diff --git a/crypto/bn/bn_prime.pl b/crypto/bn/bn_prime.pl
+index 3a5f064..163d4a9 100644
+--- a/crypto/bn/bn_prime.pl
++++ b/crypto/bn/bn_prime.pl
+@@ -1,62 +1,22 @@
+ #! /usr/bin/env perl
++# Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+-print <<\EOF;
+-/* Auto generated by bn_prime.pl */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++print <<"EOF";
++/*
++ * WARNING: do not edit!
++ * Generated by crypto/bn/bn_prime.pl
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ EOF
+diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c
+index 0c3b214..78589db 100644
+--- a/crypto/bn/bn_print.c
++++ b/crypto/bn/bn_print.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -187,7 +139,7 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
+ for (i = 0; i <= (INT_MAX/4) && isxdigit((unsigned char)a[i]); i++)
+ continue;
+
+- if (i > INT_MAX/4)
++ if (i == 0 || i > INT_MAX/4)
+ goto err;
+
+ num = i + neg;
+@@ -215,13 +167,8 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
+ l = 0;
+ for (;;) {
+ c = a[j - m];
+- if ((c >= '0') && (c <= '9'))
+- k = c - '0';
+- else if ((c >= 'a') && (c <= 'f'))
+- k = c - 'a' + 10;
+- else if ((c >= 'A') && (c <= 'F'))
+- k = c - 'A' + 10;
+- else
++ k = OPENSSL_hexchar2int(c);
++ if (k < 0)
+ k = 0; /* paranoia */
+ l = (l << 4) | k;
+
+@@ -262,7 +209,7 @@ int BN_dec2bn(BIGNUM **bn, const char *a)
+ for (i = 0; i <= (INT_MAX/4) && isdigit((unsigned char)a[i]); i++)
+ continue;
+
+- if (i > INT_MAX/4)
++ if (i == 0 || i > INT_MAX/4)
+ goto err;
+
+ num = i + neg;
+diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
+index ce4a0e1..9c0a4ee 100644
+--- a/crypto/bn/bn_rand.c
++++ b/crypto/bn/bn_rand.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -145,13 +44,8 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
+ time(&tim);
+ RAND_add(&tim, sizeof(tim), 0.0);
+
+- if (pseudorand) {
+- if (RAND_bytes(buf, bytes) <= 0)
+- goto err;
+- } else {
+- if (RAND_bytes(buf, bytes) <= 0)
+- goto err;
+- }
++ if (RAND_bytes(buf, bytes) <= 0)
++ goto err;
+
+ if (pseudorand == 2) {
+ /*
+diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c
+index ef15c8f..e532b6e 100644
+--- a/crypto/bn/bn_recp.c
++++ b/crypto/bn/bn_recp.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/bn/bn_shift.c b/crypto/bn/bn_shift.c
+index 4c85275..9907b82 100644
+--- a/crypto/bn/bn_shift.c
++++ b/crypto/bn/bn_shift.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c
+index 389b7cf..a62bb1a 100644
+--- a/crypto/bn/bn_sqr.c
++++ b/crypto/bn/bn_sqr.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c
+index 7ae7536..84376c7 100644
+--- a/crypto/bn/bn_sqrt.c
++++ b/crypto/bn/bn_sqrt.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Lenka Fibikova <fibikova at exp-math.uni-essen.de> and Bodo
+- * Moeller for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/bn/bn_srp.c b/crypto/bn/bn_srp.c
+index a1e438c..58b1691 100644
+--- a/crypto/bn/bn_srp.c
++++ b/crypto/bn/bn_srp.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include "bn_lcl.h"
+ #include "e_os.h"
+
+diff --git a/crypto/bn/bn_word.c b/crypto/bn/bn_word.c
+index 718777b..fd28298 100644
+--- a/crypto/bn/bn_word.c
++++ b/crypto/bn/bn_word.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/bn/bn_x931p.c b/crypto/bn/bn_x931p.c
+index 3c74fd5..83170d4 100644
+--- a/crypto/bn/bn_x931p.c
++++ b/crypto/bn/bn_x931p.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/bn/build.info b/crypto/bn/build.info
+index 83a5b81..edceb73 100644
+--- a/crypto/bn/build.info
++++ b/crypto/bn/build.info
+@@ -7,7 +7,7 @@ SOURCE[../../libcrypto]=\
+ {- $target{bn_asm_src} -} \
+ bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
+ bn_depr.c bn_const.c bn_x931p.c bn_intern.c bn_dh.c bn_srp.c
+-INCLUDE[../../libcrypto]={- rel2abs(catdir($builddir,"..","..","crypto","include")) -}
++INCLUDE[../../libcrypto]="{- rel2abs(catdir($builddir,"..","..","crypto","include")) -}"
+
+ INCLUDE[bn_exp.o]=..
+
+@@ -57,7 +57,7 @@ GENERATE[bn-ppc.s]=asm/ppc.pl $(PERLASM_SCHEME)
+ GENERATE[ppc-mont.s]=asm/ppc-mont.pl $(PERLASM_SCHEME)
+ GENERATE[ppc64-mont.s]=asm/ppc64-mont.pl $(PERLASM_SCHEME)
+
+-GENERATE[alpha-mont.s]=asm/alpha-mont.pl
++GENERATE[alpha-mont.S]=asm/alpha-mont.pl $(PERLASM_SCHEME)
+
+ GENERATE[armv4-mont.S]=asm/armv4-mont.pl $(PERLASM_SCHEME)
+ INCLUDE[armv4-mont.o]=..
+diff --git a/crypto/bn/rsaz_exp.c b/crypto/bn/rsaz_exp.c
+index d85e612..3398cce 100644
+--- a/crypto/bn/rsaz_exp.c
++++ b/crypto/bn/rsaz_exp.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /*****************************************************************************
+ * *
+ * Copyright (c) 2012, Intel Corporation *
+diff --git a/crypto/bn/rsaz_exp.h b/crypto/bn/rsaz_exp.h
+index 229e181..9501cc8 100644
+--- a/crypto/bn/rsaz_exp.h
++++ b/crypto/bn/rsaz_exp.h
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /*****************************************************************************
+ * *
+ * Copyright (c) 2012, Intel Corporation *
+diff --git a/crypto/bn/vms-helper.c b/crypto/bn/vms-helper.c
+deleted file mode 100644
+index cb519c4..0000000
+--- a/crypto/bn/vms-helper.c
++++ /dev/null
+@@ -1,67 +0,0 @@
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+-#include <stdio.h>
+-#include "internal/cryptlib.h"
+-#include "bn_lcl.h"
+-
+-bn_div_words_abort(int i)
+-{
+-#ifdef BN_DEBUG
+-# if !defined(OPENSSL_NO_STDIO)
+- fprintf(stderr, "Division would overflow (%d)\n", i);
+-# endif
+- abort();
+-#endif
+-}
+diff --git a/crypto/buffer/Makefile.in b/crypto/buffer/Makefile.in
+deleted file mode 100644
+index 97e1094..0000000
+--- a/crypto/buffer/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/buffer/Makefile
+-#
+-
+-DIR= buffer
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= buffer.c buf_err.c
+-LIBOBJ= buffer.o buf_err.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/buffer/buf_err.c b/crypto/buffer/buf_err.c
+index 0fb9d4f..b7679ae 100644
+--- a/crypto/buffer/buf_err.c
++++ b/crypto/buffer/buf_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
+index a16f3bd..7caa215 100644
+--- a/crypto/buffer/buffer.c
++++ b/crypto/buffer/buffer.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -128,7 +80,8 @@ size_t BUF_MEM_grow(BUF_MEM *str, size_t len)
+ return (len);
+ }
+ if (str->max >= len) {
+- memset(&str->data[str->length], 0, len - str->length);
++ if (str->data != NULL)
++ memset(&str->data[str->length], 0, len - str->length);
+ str->length = len;
+ return (len);
+ }
+@@ -160,7 +113,8 @@ size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
+ size_t n;
+
+ if (str->length >= len) {
+- memset(&str->data[len], 0, str->length - len);
++ if (str->data != NULL)
++ memset(&str->data[len], 0, str->length - len);
+ str->length = len;
+ return (len);
+ }
+diff --git a/crypto/c64xpluscpuid.pl b/crypto/c64xpluscpuid.pl
+index 2feb4e3..9efe120 100644
+--- a/crypto/c64xpluscpuid.pl
++++ b/crypto/c64xpluscpuid.pl
+@@ -1,5 +1,10 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {}
+ open STDOUT,">$output";
+@@ -13,6 +18,7 @@ $code.=<<___;
+ .if __TI_EABI__
+ .asg OPENSSL_rdtsc,_OPENSSL_rdtsc
+ .asg OPENSSL_cleanse,_OPENSSL_cleanse
++ .asg CRYPTO_memcmp,_CRYPTO_memcmp
+ .asg OPENSSL_atomic_add,_OPENSSL_atomic_add
+ .asg OPENSSL_wipe_cpu,_OPENSSL_wipe_cpu
+ .asg OPENSSL_instrument_bus,_OPENSSL_instrument_bus
+@@ -82,6 +88,29 @@ _OPENSSL_cleanse:
+ [A1] STB A2,*A4++[2]
+ .endasmfunc
+
++ .global _CRYPTO_memcmp
++_CRYPTO_memcmp:
++ .asmfunc
++ MV A6,B0
++ [!B0] BNOP RA
++||[!B0] ZERO A4
++ [B0] MVC B0,ILC
++|| [B0] ZERO A0
++ NOP 4
++
++ SPLOOP 1
++ LDBU *A4++,A1
++|| LDBU *B4++,B1
++ NOP 4
++ XOR.L B1,A1,A2
++ SPKERNEL 1,0
++|| OR.S A2,A0,A0
++
++ BNOP RA,3
++ ZERO.L A4
++ [A0] MVK 1,A4
++ .endasmfunc
++
+ .global _OPENSSL_atomic_add
+ _OPENSSL_atomic_add:
+ .asmfunc
+diff --git a/crypto/camellia/Makefile.in b/crypto/camellia/Makefile.in
+deleted file mode 100644
+index 5a806e2..0000000
+--- a/crypto/camellia/Makefile.in
++++ /dev/null
+@@ -1,57 +0,0 @@
+-#
+-# crypto/camellia/Makefile
+-#
+-
+-DIR= camellia
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=camellia.c cmll_misc.c cmll_ecb.c cmll_cbc.c cmll_ofb.c \
+- cmll_cfb.c cmll_ctr.c
+-
+-LIBOBJ= cmll_ecb.o cmll_ofb.o cmll_cfb.o cmll_ctr.o $(CMLL_ENC)
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= cmll_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-cmll-x86.s: asm/cmll-x86.pl ../perlasm/x86asm.pl
+- $(PERL) asm/cmll-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-cmll-x86_64.s: asm/cmll-x86_64.pl
+- $(PERL) asm/cmll-x86_64.pl $(PERLASM_SCHEME) $@
+-cmllt4-sparcv9.S: asm/cmllt4-sparcv9.pl ../perlasm/sparcv9_modes.pl
+- $(PERL) asm/cmllt4-sparcv9.pl $(PERLASM_SCHEME) $@
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/camellia/asm/cmll-x86.pl b/crypto/camellia/asm/cmll-x86.pl
+index de354aa..59f9ed9 100644
+--- a/crypto/camellia/asm/cmll-x86.pl
++++ b/crypto/camellia/asm/cmll-x86.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Copyright (c) 2008 Andy Polyakov <appro at openssl.org>
+diff --git a/crypto/camellia/asm/cmll-x86_64.pl b/crypto/camellia/asm/cmll-x86_64.pl
+index d94f46b..86ea9e7 100644
+--- a/crypto/camellia/asm/cmll-x86_64.pl
++++ b/crypto/camellia/asm/cmll-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Copyright (c) 2008 Andy Polyakov <appro at openssl.org>
+diff --git a/crypto/camellia/asm/cmllt4-sparcv9.pl b/crypto/camellia/asm/cmllt4-sparcv9.pl
+index fac5362..ffe4a7d 100644
+--- a/crypto/camellia/asm/cmllt4-sparcv9.pl
++++ b/crypto/camellia/asm/cmllt4-sparcv9.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by David S. Miller <davem at devemloft.net> and Andy Polyakov
+diff --git a/crypto/camellia/build.info b/crypto/camellia/build.info
+index 152e0a4..fd78272 100644
+--- a/crypto/camellia/build.info
++++ b/crypto/camellia/build.info
+@@ -8,4 +8,4 @@ DEPEND[cmll-x86.s]=../perlasm/x86asm.pl
+ GENERATE[cmll-x86_64.s]=asm/cmll-x86_64.pl $(PERLASM_SCHEME)
+ GENERATE[cmllt4-sparcv9.S]=asm/cmllt4-sparcv9.pl $(PERLASM_SCHEME)
+ INCLUDE[cmllt4-sparcv9.o]=..
+-DEPEND[cmllt4-sparcv9.S]=../perlasm/sparcv9-modes.pl
++DEPEND[cmllt4-sparcv9.S]=../perlasm/sparcv9_modes.pl
+diff --git a/crypto/camellia/camellia.c b/crypto/camellia/camellia.c
+index 68651b6..f65bedb 100644
+--- a/crypto/camellia/camellia.c
++++ b/crypto/camellia/camellia.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* ====================================================================
+ * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
+ * ALL RIGHTS RESERVED.
+diff --git a/crypto/camellia/cmll_cbc.c b/crypto/camellia/cmll_cbc.c
+index 742af6d..b19171d 100644
+--- a/crypto/camellia/cmll_cbc.c
++++ b/crypto/camellia/cmll_cbc.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/camellia.h>
+diff --git a/crypto/camellia/cmll_cfb.c b/crypto/camellia/cmll_cfb.c
+index 8f9f8a6..4f49ead 100644
+--- a/crypto/camellia/cmll_cfb.c
++++ b/crypto/camellia/cmll_cfb.c
+@@ -1,107 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/camellia.h>
+diff --git a/crypto/camellia/cmll_ctr.c b/crypto/camellia/cmll_ctr.c
+index b891a04..161d1e1 100644
+--- a/crypto/camellia/cmll_ctr.c
++++ b/crypto/camellia/cmll_ctr.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/camellia.h>
+diff --git a/crypto/camellia/cmll_ecb.c b/crypto/camellia/cmll_ecb.c
+index 4edaa6d..d932f1b 100644
+--- a/crypto/camellia/cmll_ecb.c
++++ b/crypto/camellia/cmll_ecb.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/camellia.h>
+diff --git a/crypto/camellia/cmll_locl.h b/crypto/camellia/cmll_locl.h
+index 0cbcba2..4b3c86c 100644
+--- a/crypto/camellia/cmll_locl.h
++++ b/crypto/camellia/cmll_locl.h
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* ====================================================================
+ * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
+ * ALL RIGHTS RESERVED.
+diff --git a/crypto/camellia/cmll_misc.c b/crypto/camellia/cmll_misc.c
+index ba93702..e5f014b 100644
+--- a/crypto/camellia/cmll_misc.c
++++ b/crypto/camellia/cmll_misc.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslv.h>
+diff --git a/crypto/camellia/cmll_ofb.c b/crypto/camellia/cmll_ofb.c
+index 8d004b9..b43c685 100644
+--- a/crypto/camellia/cmll_ofb.c
++++ b/crypto/camellia/cmll_ofb.c
+@@ -1,107 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/camellia.h>
+diff --git a/crypto/cast/Makefile.in b/crypto/cast/Makefile.in
+deleted file mode 100644
+index 218c480..0000000
+--- a/crypto/cast/Makefile.in
++++ /dev/null
+@@ -1,51 +0,0 @@
+-#
+-# OpenSSL/crypto/cast/Makefile
+-#
+-
+-DIR= cast
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CAST_ENC=c_enc.o
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
+-LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= cast_s.h cast_lcl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-cast-586.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+- $(PERL) asm/cast-586.pl $(PERLASM_SCHEME) $(CLAGS) $(PROCESSOR) $@
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/cast/asm/cast-586.pl b/crypto/cast/asm/cast-586.pl
+index 267d699..6beb9c5 100644
+--- a/crypto/cast/asm/cast-586.pl
++++ b/crypto/cast/asm/cast-586.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # This flag makes the inner loop one cycle longer, but generates
+ # code that runs %30 faster on the pentium pro/II, 44% faster
+diff --git a/crypto/cast/c_cfb64.c b/crypto/cast/c_cfb64.c
+index 32641b5..bd7cb2f 100644
+--- a/crypto/cast/c_cfb64.c
++++ b/crypto/cast/c_cfb64.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/cast.h>
+diff --git a/crypto/cast/c_ecb.c b/crypto/cast/c_ecb.c
+index 1e736f0..da41794 100644
+--- a/crypto/cast/c_ecb.c
++++ b/crypto/cast/c_ecb.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/cast.h>
+diff --git a/crypto/cast/c_enc.c b/crypto/cast/c_enc.c
+index 8fe3b26..9a85812 100644
+--- a/crypto/cast/c_enc.c
++++ b/crypto/cast/c_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/cast.h>
+diff --git a/crypto/cast/c_ofb64.c b/crypto/cast/c_ofb64.c
+index c7b4259..dffb074 100644
+--- a/crypto/cast/c_ofb64.c
++++ b/crypto/cast/c_ofb64.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/cast.h>
+diff --git a/crypto/cast/c_skey.c b/crypto/cast/c_skey.c
+index 5ce379b..962d2a6 100644
+--- a/crypto/cast/c_skey.c
++++ b/crypto/cast/c_skey.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/cast.h>
+diff --git a/crypto/cast/cast_lcl.h b/crypto/cast/cast_lcl.h
+index 4a3c603..504232a 100644
+--- a/crypto/cast/cast_lcl.h
++++ b/crypto/cast/cast_lcl.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "e_os.h"
+diff --git a/crypto/cast/cast_s.h b/crypto/cast/cast_s.h
+index 6eb0542..d9fd6ac 100644
+--- a/crypto/cast/cast_s.h
++++ b/crypto/cast/cast_s.h
+@@ -1,59 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ OPENSSL_GLOBAL const CAST_LONG CAST_S_table0[256] = {
+ 0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a,
+ 0x1e213f2f, 0x9c004dd3, 0x6003e540, 0xcf9fc949,
+diff --git a/crypto/chacha/Makefile.in b/crypto/chacha/Makefile.in
+deleted file mode 100644
+index 067fbed..0000000
+--- a/crypto/chacha/Makefile.in
++++ /dev/null
+@@ -1,57 +0,0 @@
+-#
+-# OpenSSL/crypto/chacha/Makefile
+-#
+-
+-DIR= chacha
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-AR= ar r
+-
+-CHACHA_ENC=chacha_enc.o
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=chacha_enc.c
+-LIBOBJ=$(CHACHA_ENC)
+-
+-SRC= $(LIBSRC)
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-chacha-x86.s: asm/chacha-x86.pl
+- $(PERL) asm/chacha-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-chacha-x86_64.s: asm/chacha-x86_64.pl
+- $(PERL) asm/chacha-x86_64.pl $(PERLASM_SCHEME) $@
+-chacha-ppc.s: asm/chacha-ppc.pl
+- $(PERL) asm/chacha-ppc.pl $(PERLASM_SCHEME) $@
+-
+-chacha-%.S: asm/chacha-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-
+-chacha-armv4.o: chacha-armv4.S
+-chacha-armv8.o: chacha-armv8.S
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/chacha/asm/chacha-armv4.pl b/crypto/chacha/asm/chacha-armv4.pl
+index c908399..5b3e7be 100755
+--- a/crypto/chacha/asm/chacha-armv4.pl
++++ b/crypto/chacha/asm/chacha-armv4.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/chacha/asm/chacha-armv8.pl b/crypto/chacha/asm/chacha-armv8.pl
+index 16cb1fa..03e8616 100755
+--- a/crypto/chacha/asm/chacha-armv8.pl
++++ b/crypto/chacha/asm/chacha-armv8.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/chacha/asm/chacha-c64xplus.pl b/crypto/chacha/asm/chacha-c64xplus.pl
+index b2ea406..bdb3804 100755
+--- a/crypto/chacha/asm/chacha-c64xplus.pl
++++ b/crypto/chacha/asm/chacha-c64xplus.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/chacha/asm/chacha-ppc.pl b/crypto/chacha/asm/chacha-ppc.pl
+index 2bb3fce..b978f58 100755
+--- a/crypto/chacha/asm/chacha-ppc.pl
++++ b/crypto/chacha/asm/chacha-ppc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+@@ -527,9 +534,11 @@ $code.=<<___;
+ ?lvsl $outperm,0,$out # prepare for unaligned store
+ ?vperm $outmask,$outmask,$T0,$outperm
+
++ be?lvsl $T0,0, at x[0] # 0x00..0f
+ be?vspltisb $T1,3 # 0x03..03
+- be?vxor $inpperm,$inpperm,$T1 # swap bytes within words
++ be?vxor $T0,$T0,$T1 # swap bytes within words
+ be?vxor $outperm,$outperm,$T1
++ be?vperm $inpperm,$inpperm,$inpperm,$T0
+
+ b Loop_outer_vmx
+
+diff --git a/crypto/chacha/asm/chacha-s390x.pl b/crypto/chacha/asm/chacha-s390x.pl
+index 42faadc..c7a2692 100755
+--- a/crypto/chacha/asm/chacha-s390x.pl
++++ b/crypto/chacha/asm/chacha-s390x.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/chacha/asm/chacha-x86.pl b/crypto/chacha/asm/chacha-x86.pl
+index 8b9696f..3c6e67d 100755
+--- a/crypto/chacha/asm/chacha-x86.pl
++++ b/crypto/chacha/asm/chacha-x86.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+@@ -437,8 +444,10 @@ my ($ap,$bp,$cp,$dp)=map(($_&~3)+(($_-1)&3),($ai,$bi,$ci,$di)); # previous
+
+ &function_begin("ChaCha20_ssse3");
+ &set_label("ssse3_shortcut");
++if ($ymm) {
+ &test (&DWP(4,"ebp"),1<<11); # test XOP bit
+ &jnz (&label("xop_shortcut"));
++}
+
+ &mov ($out,&wparam(0));
+ &mov ($inp,&wparam(1));
+@@ -770,7 +779,7 @@ sub SSSE3ROUND { # critical path is 20 "SIMD ticks" per round
+ }
+ &asciz ("ChaCha20 for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+-if ($xmm) {
++if ($ymm) {
+ my ($xa,$xa_,$xb,$xb_,$xc,$xc_,$xd,$xd_)=map("xmm$_",(0..7));
+ my ($out,$inp,$len)=("edi","esi","ecx");
+
+diff --git a/crypto/chacha/asm/chacha-x86_64.pl b/crypto/chacha/asm/chacha-x86_64.pl
+index 4b36b58..8d46522 100755
+--- a/crypto/chacha/asm/chacha-x86_64.pl
++++ b/crypto/chacha/asm/chacha-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/chacha/chacha_enc.c b/crypto/chacha/chacha_enc.c
+index 281a9be..13720d0 100644
+--- a/crypto/chacha/chacha_enc.c
++++ b/crypto/chacha/chacha_enc.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Adapted from the public domain code by D. Bernstein from SUPERCOP. */
+diff --git a/crypto/cmac/Makefile.in b/crypto/cmac/Makefile.in
+deleted file mode 100644
+index 1d6f0bd..0000000
+--- a/crypto/cmac/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/cmac/Makefile
+-#
+-
+-DIR= cmac
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=cmac.c cm_ameth.c cm_pmeth.c
+-LIBOBJ=cmac.o cm_ameth.o cm_pmeth.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/cmac/cm_ameth.c b/crypto/cmac/cm_ameth.c
+index d9a550e..a58454a 100644
+--- a/crypto/cmac/cm_ameth.c
++++ b/crypto/cmac/cm_ameth.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2010.
+- */
+-/* ====================================================================
+- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/cmac/cm_pmeth.c b/crypto/cmac/cm_pmeth.c
+index f00a32e..10748f1 100644
+--- a/crypto/cmac/cm_pmeth.c
++++ b/crypto/cmac/cm_pmeth.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2010.
+- */
+-/* ====================================================================
+- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c
+index cb30e6d..c4f13a0 100644
+--- a/crypto/cmac/cmac.c
++++ b/crypto/cmac/cmac.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/cms/Makefile.in b/crypto/cms/Makefile.in
+deleted file mode 100644
+index 19a50b2..0000000
+--- a/crypto/cms/Makefile.in
++++ /dev/null
+@@ -1,49 +0,0 @@
+-#
+-# OpenSSL/crypto/cms/Makefile
+-#
+-
+-DIR= cms
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \
+- cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c \
+- cms_pwri.c cms_kari.c
+-LIBOBJ= cms_lib.o cms_asn1.o cms_att.o cms_io.o cms_smime.o cms_err.o \
+- cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o \
+- cms_pwri.o cms_kari.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= cms_lcl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-test:
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c
+index d839935..81e9a53 100644
+--- a/crypto/cms/cms_asn1.c
++++ b/crypto/cms/cms_asn1.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/asn1t.h>
+diff --git a/crypto/cms/cms_att.c b/crypto/cms/cms_att.c
+index 834a254..5c560b4 100644
+--- a/crypto/cms/cms_att.c
++++ b/crypto/cms/cms_att.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/asn1t.h>
+diff --git a/crypto/cms/cms_cd.c b/crypto/cms/cms_cd.c
+index 9e12078..c0cb368 100644
+--- a/crypto/cms/cms_cd.c
++++ b/crypto/cms/cms_cd.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/cms/cms_dd.c b/crypto/cms/cms_dd.c
+index 54444b1..5da6802 100644
+--- a/crypto/cms/cms_dd.c
++++ b/crypto/cms/cms_dd.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
+index 23adc2f..ed91342 100644
+--- a/crypto/cms/cms_enc.c
++++ b/crypto/cms/cms_enc.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+@@ -175,8 +131,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
+ CMS_R_CIPHER_INITIALISATION_ERROR);
+ goto err;
+ }
+-
+- if (piv) {
++ if (enc) {
+ calg->parameter = ASN1_TYPE_new();
+ if (calg->parameter == NULL) {
+ CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+@@ -187,6 +142,11 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
+ CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+ goto err;
+ }
++ /* If parameter type not set omit parameter */
++ if (calg->parameter->type == V_ASN1_UNDEF) {
++ ASN1_TYPE_free(calg->parameter);
++ calg->parameter = NULL;
++ }
+ }
+ ok = 1;
+
+diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
+index c54667f..111b2aa 100644
+--- a/crypto/cms/cms_env.c
++++ b/crypto/cms/cms_env.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/cms/cms_err.c b/crypto/cms/cms_err.c
+index 8d43bb1..cfda019 100644
+--- a/crypto/cms/cms_err.c
++++ b/crypto/cms/cms_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -209,7 +159,6 @@ static ERR_STRING_DATA CMS_str_reasons[] = {
+ {ERR_REASON(CMS_R_CTRL_ERROR), "ctrl error"},
+ {ERR_REASON(CMS_R_CTRL_FAILURE), "ctrl failure"},
+ {ERR_REASON(CMS_R_DECRYPT_ERROR), "decrypt error"},
+- {ERR_REASON(CMS_R_DIGEST_ERROR), "digest error"},
+ {ERR_REASON(CMS_R_ERROR_GETTING_PUBLIC_KEY), "error getting public key"},
+ {ERR_REASON(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE),
+ "error reading messagedigest attribute"},
+diff --git a/crypto/cms/cms_ess.c b/crypto/cms/cms_ess.c
+index 353ec0e..4780231 100644
+--- a/crypto/cms/cms_ess.c
++++ b/crypto/cms/cms_ess.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/cms/cms_io.c b/crypto/cms/cms_io.c
+index bac583e..d18f980 100644
+--- a/crypto/cms/cms_io.c
++++ b/crypto/cms/cms_io.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/asn1t.h>
+diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c
+index 562b1e5..8f44c81 100644
+--- a/crypto/cms/cms_kari.c
++++ b/crypto/cms/cms_kari.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/cms/cms_lcl.h b/crypto/cms/cms_lcl.h
+index 7f04f20..d0c0e81 100644
+--- a/crypto/cms/cms_lcl.h
++++ b/crypto/cms/cms_lcl.h
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_CMS_LCL_H
+diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
+index a0a1adb..53eade3 100644
+--- a/crypto/cms/cms_lib.c
++++ b/crypto/cms/cms_lib.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/asn1t.h>
+diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c
+index 5ab20e2..0571bb8 100644
+--- a/crypto/cms/cms_pwri.c
++++ b/crypto/cms/cms_pwri.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2009 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
++ * Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+@@ -323,7 +279,7 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+ CMS_PasswordRecipientInfo *pwri;
+ int r = 0;
+ X509_ALGOR *algtmp, *kekalg = NULL;
+- EVP_CIPHER_CTX *kekctx;
++ EVP_CIPHER_CTX *kekctx = NULL;
+ const EVP_CIPHER *kekcipher;
+ unsigned char *key = NULL;
+ size_t keylen;
+@@ -331,7 +287,6 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+ ec = cms->d.envelopedData->encryptedContentInfo;
+
+ pwri = ri->d.pwri;
+- kekctx = EVP_CIPHER_CTX_new();
+
+ if (!pwri->pass) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD);
+@@ -358,9 +313,14 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+
+ if (!kekcipher) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNKNOWN_CIPHER);
+- goto err;
++ return 0;
+ }
+
++ kekctx = EVP_CIPHER_CTX_new();
++ if (kekctx == NULL) {
++ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE);
++ return 0;
++ }
+ /* Fixup cipher based on AlgorithmIdentifier to set IV etc */
+ if (!EVP_CipherInit_ex(kekctx, kekcipher, NULL, NULL, NULL, en_de))
+ goto err;
+diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
+index 151f40f..6c3db3b 100644
+--- a/crypto/cms/cms_sd.c
++++ b/crypto/cms/cms_sd.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+@@ -588,7 +544,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
+
+ if (!si->pkey) {
+ CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_NO_PRIVATE_KEY);
+- return 0;
++ goto err;
+ }
+
+ if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
+diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
+index 98054b3..4a8f819 100644
+--- a/crypto/cms/cms_smime.c
++++ b/crypto/cms/cms_smime.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/comp/Makefile.in b/crypto/comp/Makefile.in
+deleted file mode 100644
+index 0673d46..0000000
+--- a/crypto/comp/Makefile.in
++++ /dev/null
+@@ -1,46 +0,0 @@
+-#
+-# OpenSSL/crypto/comp/Makefile
+-#
+-
+-DIR= comp
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= comp_lib.c comp_err.c \
+- c_zlib.c
+-
+-LIBOBJ= comp_lib.o comp_err.o \
+- c_zlib.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c
+index 6dd7684..2f38c2e 100644
+--- a/crypto/comp/c_zlib.c
++++ b/crypto/comp/c_zlib.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/comp/comp_err.c b/crypto/comp/comp_err.c
+index 96f2a99..0233e94 100644
+--- a/crypto/comp/comp_err.c
++++ b/crypto/comp/comp_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/comp/comp_lcl.h b/crypto/comp/comp_lcl.h
+index 613437e..aa45fca 100644
+--- a/crypto/comp/comp_lcl.h
++++ b/crypto/comp/comp_lcl.h
+@@ -1,57 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 2017 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+-
+ struct comp_method_st {
+ int type; /* NID for compression library */
+ const char *name; /* A text string to identify the library */
+diff --git a/crypto/comp/comp_lib.c b/crypto/comp/comp_lib.c
+index 83fea93..32afd0d 100644
+--- a/crypto/comp/comp_lib.c
++++ b/crypto/comp/comp_lib.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/conf/Makefile.in b/crypto/conf/Makefile.in
+deleted file mode 100644
+index 5acaa1c..0000000
+--- a/crypto/conf/Makefile.in
++++ /dev/null
+@@ -1,46 +0,0 @@
+-#
+-# OpenSSL/crypto/conf/Makefile
+-#
+-
+-DIR= conf
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c \
+- conf_mall.c conf_sap.c
+-
+-LIBOBJ= conf_err.o conf_lib.o conf_api.o conf_def.o conf_mod.o \
+- conf_mall.o conf_sap.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= conf_def.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c
+index 5365c97..5535416 100644
+--- a/crypto/conf/conf_api.c
++++ b/crypto/conf/conf_api.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Part of the code in here was originally in conf.c, which is now removed */
+@@ -148,7 +100,7 @@ char *_CONF_get_string(const CONF *conf, const char *section,
+
+ static unsigned long conf_value_hash(const CONF_VALUE *v)
+ {
+- return (lh_strhash(v->section) << 2) ^ lh_strhash(v->name);
++ return (OPENSSL_LH_strhash(v->section) << 2) ^ OPENSSL_LH_strhash(v->name);
+ }
+
+ static int conf_value_cmp(const CONF_VALUE *a, const CONF_VALUE *b)
+diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
+index 0f3f52a..8861b3a 100644
+--- a/crypto/conf/conf_def.c
++++ b/crypto/conf/conf_def.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Part of the code in here was originally in conf.c, which is now removed */
+diff --git a/crypto/conf/conf_def.h b/crypto/conf/conf_def.h
+index 3ebb0f7..da4767e 100644
+--- a/crypto/conf/conf_def.h
++++ b/crypto/conf/conf_def.h
+@@ -1,63 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-
+ /*
+- * THIS FILE WAS AUTOMAGICALLY GENERATED! Please modify and use keysets.pl to
+- * regenerate it.
++ * WARNING: do not edit!
++ * Generated by crypto/conf/keysets.pl
++ *
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #define CONF_NUMBER 1
+@@ -95,18 +44,18 @@
+
+ #else /* CHARSET_EBCDIC */
+
+-# define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
+-# define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
+-# define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
+-# define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
+-# define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
+-# define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
+-# define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
++# define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_COMMENT)
++# define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_FCOMMENT)
++# define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_EOF)
++# define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_ESC)
++# define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_NUMBER)
++# define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_WS)
++# define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_ALPHA_NUMERIC)
+ # define IS_ALPHA_NUMERIC_PUNCT(c,a) \
+- (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
+-# define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
+-# define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
+-# define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
++ (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_ALPHA_NUMERIC_PUNCT)
++# define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_QUOTE)
++# define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_DQUOTE)
++# define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_HIGHBIT)
+ #endif /* CHARSET_EBCDIC */
+
+ static const unsigned short CONF_type_default[256] = {
+diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c
+index 80ea3ce..31bb15c 100644
+--- a/crypto/conf/conf_err.c
++++ b/crypto/conf/conf_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -71,9 +21,7 @@
+ static ERR_STRING_DATA CONF_str_functs[] = {
+ {ERR_FUNC(CONF_F_CONF_DUMP_FP), "CONF_dump_fp"},
+ {ERR_FUNC(CONF_F_CONF_LOAD), "CONF_load"},
+- {ERR_FUNC(CONF_F_CONF_LOAD_BIO), "CONF_load_bio"},
+ {ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"},
+- {ERR_FUNC(CONF_F_CONF_MODULES_LOAD), "CONF_modules_load"},
+ {ERR_FUNC(CONF_F_CONF_PARSE_LIST), "CONF_parse_list"},
+ {ERR_FUNC(CONF_F_DEF_LOAD), "def_load"},
+ {ERR_FUNC(CONF_F_DEF_LOAD_BIO), "def_load_bio"},
+@@ -82,7 +30,6 @@ static ERR_STRING_DATA CONF_str_functs[] = {
+ {ERR_FUNC(CONF_F_MODULE_RUN), "module_run"},
+ {ERR_FUNC(CONF_F_NCONF_DUMP_BIO), "NCONF_dump_bio"},
+ {ERR_FUNC(CONF_F_NCONF_DUMP_FP), "NCONF_dump_fp"},
+- {ERR_FUNC(CONF_F_NCONF_GET_NUMBER), "NCONF_get_number"},
+ {ERR_FUNC(CONF_F_NCONF_GET_NUMBER_E), "NCONF_get_number_e"},
+ {ERR_FUNC(CONF_F_NCONF_GET_SECTION), "NCONF_get_section"},
+ {ERR_FUNC(CONF_F_NCONF_GET_STRING), "NCONF_get_string"},
+@@ -100,7 +47,6 @@ static ERR_STRING_DATA CONF_str_reasons[] = {
+ {ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET),
+ "missing close square bracket"},
+ {ERR_REASON(CONF_R_MISSING_EQUAL_SIGN), "missing equal sign"},
+- {ERR_REASON(CONF_R_MISSING_FINISH_FUNCTION), "missing finish function"},
+ {ERR_REASON(CONF_R_MISSING_INIT_FUNCTION), "missing init function"},
+ {ERR_REASON(CONF_R_MODULE_INITIALIZATION_ERROR),
+ "module initialization error"},
+diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c
+index f197714..c998373 100644
+--- a/crypto/conf/conf_lib.c
++++ b/crypto/conf/conf_lib.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -64,6 +15,7 @@
+ #include <openssl/conf.h>
+ #include <openssl/conf_api.h>
+ #include <openssl/lhash.h>
++#include "e_os.h"
+
+ static CONF_METHOD *default_CONF_method = NULL;
+
+@@ -388,11 +340,21 @@ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void)
+
+
+ #ifndef OPENSSL_NO_STDIO
+-void OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings,
+- const char *config_file)
++int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings,
++ const char *config_file)
+ {
++ char *new_config_file = NULL;
++
++ if (config_file != NULL) {
++ new_config_file = strdup(config_file);
++ if (new_config_file == NULL)
++ return 0;
++ }
++
+ free(settings->config_name);
+- settings->config_name = config_file == NULL ? NULL : strdup(config_file);
++ settings->config_name = new_config_file;
++
++ return 1;
+ }
+ #endif
+
+diff --git a/crypto/conf/conf_mall.c b/crypto/conf/conf_mall.c
+index a5c961d..4e7a434 100644
+--- a/crypto/conf/conf_mall.c
++++ b/crypto/conf/conf_mall.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Stephen Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
+index cef805d..6235f50 100644
+--- a/crypto/conf/conf_mod.c
++++ b/crypto/conf/conf_mod.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Stephen Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -286,8 +237,13 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
+ tmod->name = OPENSSL_strdup(name);
+ tmod->init = ifunc;
+ tmod->finish = ffunc;
++ if (tmod->name == NULL) {
++ OPENSSL_free(tmod);
++ return NULL;
++ }
+
+ if (!sk_CONF_MODULE_push(supported_modules, tmod)) {
++ OPENSSL_free(tmod->name);
+ OPENSSL_free(tmod);
+ return NULL;
+ }
+diff --git a/crypto/conf/conf_sap.c b/crypto/conf/conf_sap.c
+index ab034c2..a1c25b3 100644
+--- a/crypto/conf/conf_sap.c
++++ b/crypto/conf/conf_sap.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Stephen Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/conf/keysets.pl b/crypto/conf/keysets.pl
+index 087c087..5af08ae 100644
+--- a/crypto/conf/keysets.pl
++++ b/crypto/conf/keysets.pl
+@@ -1,4 +1,10 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ $NUMBER=0x01;
+ $UPPER=0x02;
+@@ -52,66 +58,15 @@ foreach (0 .. 255)
+ }
+
+ print <<"EOF";
+-/* Copyright (C) 1995-1998 Eric Young (eay\@cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay\@cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh\@cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay\@cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh\@cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-
+ /*
+- * THIS FILE WAS AUTOMAGICALLY GENERATED! Please modify and use keysets.pl to
+- * regenerate it.
++ * WARNING: do not edit!
++ * Generated by crypto/conf/keysets.pl
++ *
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #define CONF_NUMBER $NUMBER
+@@ -149,18 +104,18 @@ print <<"EOF";
+
+ #else /* CHARSET_EBCDIC */
+
+-# define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
+-# define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
+-# define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
+-# define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
+-# define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
+-# define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
+-# define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
++# define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_COMMENT)
++# define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_FCOMMENT)
++# define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_EOF)
++# define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_ESC)
++# define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_NUMBER)
++# define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_WS)
++# define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_ALPHA_NUMERIC)
+ # define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
+- (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
+-# define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
+-# define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
+-# define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
++ (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_ALPHA_NUMERIC_PUNCT)
++# define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_QUOTE)
++# define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_DQUOTE)
++# define IS_HIGHBIT(c,a) (KEYTYPES(c)[os_toascii[a & 0xff]]&CONF_HIGHBIT)
+ #endif /* CHARSET_EBCDIC */
+
+ EOF
+diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c
+index 8ad93a9..3c6e8d5 100644
+--- a/crypto/cpt_err.c
++++ b/crypto/cpt_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -72,22 +22,14 @@ static ERR_STRING_DATA CRYPTO_str_functs[] = {
+ {ERR_FUNC(CRYPTO_F_CRYPTO_DUP_EX_DATA), "CRYPTO_dup_ex_data"},
+ {ERR_FUNC(CRYPTO_F_CRYPTO_FREE_EX_DATA), "CRYPTO_free_ex_data"},
+ {ERR_FUNC(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX), "CRYPTO_get_ex_new_index"},
+- {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID), "CRYPTO_get_new_dynlockid"},
+- {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_LOCKID), "CRYPTO_get_new_lockid"},
+ {ERR_FUNC(CRYPTO_F_CRYPTO_MEMDUP), "CRYPTO_memdup"},
+ {ERR_FUNC(CRYPTO_F_CRYPTO_NEW_EX_DATA), "CRYPTO_new_ex_data"},
+ {ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
+- {ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX), "DEF_ADD_INDEX"},
+- {ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "DEF_GET_CLASS"},
+ {ERR_FUNC(CRYPTO_F_FIPS_MODE_SET), "FIPS_mode_set"},
+ {ERR_FUNC(CRYPTO_F_GET_AND_LOCK), "get_and_lock"},
+- {ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
+- {ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
+- {ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
+ {ERR_FUNC(CRYPTO_F_OPENSSL_BUF2HEXSTR), "OPENSSL_buf2hexstr"},
+- {ERR_FUNC(CRYPTO_F_OPENSSL_INIT_CRYPTO), "OPENSSL_init_crypto"},
+- {ERR_FUNC(CRYPTO_F_OPENSSL_MEMDUP), "OPENSSL_MEMDUP"},
+ {ERR_FUNC(CRYPTO_F_OPENSSL_HEXSTR2BUF), "OPENSSL_hexstr2buf"},
++ {ERR_FUNC(CRYPTO_F_OPENSSL_INIT_CRYPTO), "OPENSSL_init_crypto"},
+ {0, NULL}
+ };
+
+diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
+index 7e1d780..8e189ec 100644
+--- a/crypto/cryptlib.c
++++ b/crypto/cryptlib.c
+@@ -1,112 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+@@ -117,7 +17,6 @@
+ #include <openssl/safestack.h>
+
+ #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
+- defined(__INTEL__) || \
+ defined(__x86_64) || defined(__x86_64__) || \
+ defined(_M_AMD64) || defined(_M_X64)
+
+@@ -417,6 +316,7 @@ void OPENSSL_die(const char *message, const char *file, int line)
+ #endif
+ }
+
++#if !defined(OPENSSL_CPUID_OBJ)
+ /* volatile unsigned char* pointers are there because
+ * 1. Accessing a variable declared volatile via a pointer
+ * that lacks a volatile qualifier causes undefined behavior.
+@@ -448,3 +348,4 @@ int CRYPTO_memcmp(const volatile void * volatile in_a,
+
+ return x;
+ }
++#endif
+diff --git a/crypto/ct/Makefile.in b/crypto/ct/Makefile.in
+deleted file mode 100644
+index 794efbc..0000000
+--- a/crypto/ct/Makefile.in
++++ /dev/null
+@@ -1,45 +0,0 @@
+-#
+-# OpenSSL/crypto/ct/Makefile
+-#
+-
+-DIR= ct
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= ct_b64.c ct_err.c ct_log.c ct_oct.c ct_policy.c ct_prn.c ct_sct.c \
+- ct_sct_ctx.c ct_vfy.c ct_x509v3.c
+-LIBOBJ= ct_b64.o ct_err.o ct_log.o ct_oct.o ct_policy.o ct_prn.o ct_sct.o \
+- ct_sct_ctx.o ct_vfy.o ct_x509v3.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/ct/ct_b64.c b/crypto/ct/ct_b64.c
+index a1693a6..d6279d2 100644
+--- a/crypto/ct/ct_b64.c
++++ b/crypto/ct/ct_b64.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Rob Stradling (rob at comodo.com) and Stephen Henson
+- * (steve at openssl.org) for the OpenSSL project 2014.
+- */
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <limits.h>
+diff --git a/crypto/ct/ct_err.c b/crypto/ct/ct_err.c
+index 1754395..8581dbb 100644
+--- a/crypto/ct/ct_err.c
++++ b/crypto/ct/ct_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -73,26 +23,11 @@ static ERR_STRING_DATA CT_str_functs[] = {
+ {ERR_FUNC(CT_F_CTLOG_NEW_FROM_BASE64), "CTLOG_new_from_base64"},
+ {ERR_FUNC(CT_F_CTLOG_NEW_FROM_CONF), "ctlog_new_from_conf"},
+ {ERR_FUNC(CT_F_CTLOG_NEW_NULL), "CTLOG_new_null"},
+- {ERR_FUNC(CT_F_CTLOG_STORE_GET0_LOG_BY_ID), "CTLOG_STORE_get0_log_by_id"},
+ {ERR_FUNC(CT_F_CTLOG_STORE_LOAD_CTX_NEW), "ctlog_store_load_ctx_new"},
+ {ERR_FUNC(CT_F_CTLOG_STORE_LOAD_FILE), "CTLOG_STORE_load_file"},
+ {ERR_FUNC(CT_F_CT_BASE64_DECODE), "ct_base64_decode"},
+- {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_GET0_CERT),
+- "CT_POLICY_EVAL_CTX_get0_cert"},
+- {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_GET0_ISSUER),
+- "CT_POLICY_EVAL_CTX_get0_issuer"},
+- {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_GET0_LOG_STORE),
+- "CT_POLICY_EVAL_CTX_get0_log_store"},
+ {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_NEW), "CT_POLICY_EVAL_CTX_new"},
+- {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_SET0_CERT),
+- "CT_POLICY_EVAL_CTX_set0_cert"},
+- {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_SET0_ISSUER),
+- "CT_POLICY_EVAL_CTX_set0_issuer"},
+- {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_SET0_LOG_STORE),
+- "CT_POLICY_EVAL_CTX_set0_log_store"},
+ {ERR_FUNC(CT_F_CT_V1_LOG_ID_FROM_PKEY), "ct_v1_log_id_from_pkey"},
+- {ERR_FUNC(CT_F_D2I_SCT_LIST), "d2i_SCT_LIST"},
+- {ERR_FUNC(CT_F_I2D_SCT_LIST), "i2d_SCT_LIST"},
+ {ERR_FUNC(CT_F_I2O_SCT), "i2o_SCT"},
+ {ERR_FUNC(CT_F_I2O_SCT_LIST), "i2o_SCT_LIST"},
+ {ERR_FUNC(CT_F_I2O_SCT_SIGNATURE), "i2o_SCT_signature"},
+@@ -100,7 +35,6 @@ static ERR_STRING_DATA CT_str_functs[] = {
+ {ERR_FUNC(CT_F_O2I_SCT_LIST), "o2i_SCT_LIST"},
+ {ERR_FUNC(CT_F_O2I_SCT_SIGNATURE), "o2i_SCT_signature"},
+ {ERR_FUNC(CT_F_SCT_CTX_NEW), "SCT_CTX_new"},
+- {ERR_FUNC(CT_F_SCT_LIST_VALIDATE), "SCT_LIST_validate"},
+ {ERR_FUNC(CT_F_SCT_NEW), "SCT_new"},
+ {ERR_FUNC(CT_F_SCT_NEW_FROM_BASE64), "SCT_new_from_base64"},
+ {ERR_FUNC(CT_F_SCT_SET0_LOG_ID), "SCT_set0_log_id"},
+@@ -110,8 +44,6 @@ static ERR_STRING_DATA CT_str_functs[] = {
+ {ERR_FUNC(CT_F_SCT_SET_LOG_ENTRY_TYPE), "SCT_set_log_entry_type"},
+ {ERR_FUNC(CT_F_SCT_SET_SIGNATURE_NID), "SCT_set_signature_nid"},
+ {ERR_FUNC(CT_F_SCT_SET_VERSION), "SCT_set_version"},
+- {ERR_FUNC(CT_F_SCT_SIGNATURE_IS_VALID), "SCT_SIGNATURE_IS_VALID"},
+- {ERR_FUNC(CT_F_SCT_VALIDATE), "SCT_validate"},
+ {ERR_FUNC(CT_F_SCT_VERIFY), "SCT_verify"},
+ {ERR_FUNC(CT_F_SCT_VERIFY_V1), "SCT_verify_v1"},
+ {0, NULL}
+@@ -126,15 +58,12 @@ static ERR_STRING_DATA CT_str_reasons[] = {
+ "log conf missing description"},
+ {ERR_REASON(CT_R_LOG_CONF_MISSING_KEY), "log conf missing key"},
+ {ERR_REASON(CT_R_LOG_KEY_INVALID), "log key invalid"},
+- {ERR_REASON(CT_R_NOT_ENOUGH_SCTS), "not enough scts"},
+ {ERR_REASON(CT_R_SCT_INVALID), "sct invalid"},
+ {ERR_REASON(CT_R_SCT_INVALID_SIGNATURE), "sct invalid signature"},
+ {ERR_REASON(CT_R_SCT_LIST_INVALID), "sct list invalid"},
+ {ERR_REASON(CT_R_SCT_LOG_ID_MISMATCH), "sct log id mismatch"},
+ {ERR_REASON(CT_R_SCT_NOT_SET), "sct not set"},
+ {ERR_REASON(CT_R_SCT_UNSUPPORTED_VERSION), "sct unsupported version"},
+- {ERR_REASON(CT_R_SCT_VALIDATION_STATUS_NOT_SET),
+- "sct validation status not set"},
+ {ERR_REASON(CT_R_UNRECOGNIZED_SIGNATURE_NID),
+ "unrecognized signature nid"},
+ {ERR_REASON(CT_R_UNSUPPORTED_ENTRY_TYPE), "unsupported entry type"},
+diff --git a/crypto/ct/ct_locl.h b/crypto/ct/ct_locl.h
+index b1a65d6..e3ef4b7 100644
+--- a/crypto/ct/ct_locl.h
++++ b/crypto/ct/ct_locl.h
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Rob Percival (robpercival at google.com) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c
+index 47bd08f..6fc21b7 100644
+--- a/crypto/ct/ct_log.c
++++ b/crypto/ct/ct_log.c
+@@ -1,56 +1,10 @@
+-/* Author: Adam Eijdenberg <adam.eijdenberg at gmail.com>. */
+-/* ====================================================================
+- * Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdlib.h>
+diff --git a/crypto/ct/ct_oct.c b/crypto/ct/ct_oct.c
+index ece353b..ced585f 100644
+--- a/crypto/ct/ct_oct.c
++++ b/crypto/ct/ct_oct.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Rob Stradling (rob at comodo.com) and Stephen Henson
+- * (steve at openssl.org) for the OpenSSL project 2014.
+- */
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifdef OPENSSL_NO_CT
+diff --git a/crypto/ct/ct_policy.c b/crypto/ct/ct_policy.c
+index f97cfdf..4c4f9b3 100644
+--- a/crypto/ct/ct_policy.c
++++ b/crypto/ct/ct_policy.c
+@@ -1,55 +1,11 @@
+ /*
+-* Implementations of Certificate Transparency SCT policies.
+-* Written by Rob Percival (robpercival at google.com) for the OpenSSL project.
+-*/
+-/* ====================================================================
+-* Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+-*
+-* Redistribution and use in source and binary forms, with or without
+-* modification, are permitted provided that the following conditions
+-* are met:
+-*
+-* 1. Redistributions of source code must retain the above copyright
+-* notice, this list of conditions and the following disclaimer.
+-*
+-* 2. Redistributions in binary form must reproduce the above copyright
+-* notice, this list of conditions and the following disclaimer in
+-* the documentation and/or other materials provided with the
+-* distribution.
+-*
+-* 3. All advertising materials mentioning features or use of this
+-* software must display the following acknowledgment:
+-* "This product includes software developed by the OpenSSL Project
+-* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+-*
+-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-* endorse or promote products derived from this software without
+-* prior written permission. For written permission, please contact
+-* licensing at OpenSSL.org.
+-*
+-* 5. Products derived from this software may not be called "OpenSSL"
+-* nor may "OpenSSL" appear in their names without prior written
+-* permission of the OpenSSL Project.
+-*
+-* 6. Redistributions of any form whatsoever must retain the following
+-* acknowledgment:
+-* "This product includes software developed by the OpenSSL Project
+-* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+-*
+-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-* OF THE POSSIBILITY OF SUCH DAMAGE.
+-* ====================================================================
+-*/
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ #ifdef OPENSSL_NO_CT
+ # error "CT is disabled"
+diff --git a/crypto/ct/ct_prn.c b/crypto/ct/ct_prn.c
+index 5004ae0..2786746 100644
+--- a/crypto/ct/ct_prn.c
++++ b/crypto/ct/ct_prn.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Rob Stradling (rob at comodo.com) and Stephen Henson
+- * (steve at openssl.org) for the OpenSSL project 2014.
+- */
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifdef OPENSSL_NO_CT
+diff --git a/crypto/ct/ct_sct.c b/crypto/ct/ct_sct.c
+index 1fc7456..1aec3e2 100644
+--- a/crypto/ct/ct_sct.c
++++ b/crypto/ct/ct_sct.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Rob Stradling (rob at comodo.com), Stephen Henson (steve at openssl.org)
+- * and Adam Eijdenberg (adam.eijdenberg at gmail.com) for the OpenSSL project 2016.
+- */
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifdef OPENSSL_NO_CT
+diff --git a/crypto/ct/ct_sct_ctx.c b/crypto/ct/ct_sct_ctx.c
+index 13937c7..28fd044 100644
+--- a/crypto/ct/ct_sct_ctx.c
++++ b/crypto/ct/ct_sct_ctx.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Rob Stradling (rob at comodo.com) and Stephen Henson
+- * (steve at openssl.org) for the OpenSSL project 2014.
+- */
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifdef OPENSSL_NO_CT
+diff --git a/crypto/ct/ct_vfy.c b/crypto/ct/ct_vfy.c
+index 71c0361..8305ce6 100644
+--- a/crypto/ct/ct_vfy.c
++++ b/crypto/ct/ct_vfy.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Rob Stradling (rob at comodo.com) and Stephen Henson
+- * (steve at openssl.org) for the OpenSSL project 2014.
+- */
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+diff --git a/crypto/ct/ct_x509v3.c b/crypto/ct/ct_x509v3.c
+index ed361dc..4298e1e 100644
+--- a/crypto/ct/ct_x509v3.c
++++ b/crypto/ct/ct_x509v3.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Rob Stradling (rob at comodo.com) and Stephen Henson
+- * (steve at openssl.org) for the OpenSSL project 2014.
+- */
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifdef OPENSSL_NO_CT
+diff --git a/crypto/cversion.c b/crypto/cversion.c
+index a13ccf4..96d8a5b 100644
+--- a/crypto/cversion.c
++++ b/crypto/cversion.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/des/Makefile.in b/crypto/des/Makefile.in
+deleted file mode 100644
+index 5f87f22..0000000
+--- a/crypto/des/Makefile.in
++++ /dev/null
+@@ -1,72 +0,0 @@
+-#
+-# OpenSSL/crypto/des/Makefile
+-#
+-
+-DIR= des
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=-I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-RANLIB= ranlib
+-DES_ENC= des_enc.o fcrypt_b.o
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \
+- ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c \
+- fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c \
+- qud_cksm.c rand_key.c rpc_enc.c set_key.c \
+- des_enc.c fcrypt_b.c \
+- xcbc_enc.c \
+- str2key.c cfb64ede.c ofb64ede.c \
+- read2pwd.c
+-
+-LIBOBJ= set_key.o ecb_enc.o cbc_enc.o \
+- ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o \
+- enc_read.o enc_writ.o ofb64enc.o \
+- ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o \
+- ${DES_ENC} \
+- fcrypt.o xcbc_enc.o rpc_enc.o cbc_cksm.o \
+- read2pwd.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= des_locl.h rpc_des.h spr.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-des_enc-sparc.S: asm/des_enc.m4
+- m4 -B 8192 asm/des_enc.m4 > des_enc-sparc.S
+-dest4-sparcv9.S: asm/dest4-sparcv9.pl
+- $(PERL) asm/dest4-sparcv9.pl $(PERLASM_SCHEME) $@
+-
+-des-586.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+- $(PERL) asm/des-586.pl $(PERLASM_SCHEME) $(CFLAGS) $@
+-crypt586.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+- $(PERL) asm/crypt586.pl $(PERLASM_SCHEME) $(CFLAGS) $@
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/des/asm/crypt586.pl b/crypto/des/asm/crypt586.pl
+index d94528f..d5911a1 100644
+--- a/crypto/des/asm/crypt586.pl
++++ b/crypto/des/asm/crypt586.pl
+@@ -1,10 +1,13 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ # The inner loop instruction sequence and the IP/FP modifications are from
+ # Svend Olaf Mikkelsen <svolaf at inet.uni-c.dk>
+-# I've added the stuff needed for crypt() but I've not worried about making
+-# things perfect.
+-#
+
+ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+ push(@INC,"${dir}","${dir}../../perlasm");
+diff --git a/crypto/des/asm/des-586.pl b/crypto/des/asm/des-586.pl
+index e56eae4..3d7c7f1 100644
+--- a/crypto/des/asm/des-586.pl
++++ b/crypto/des/asm/des-586.pl
+@@ -1,8 +1,13 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ # The inner loop instruction sequence and the IP/FP modifications are from
+ # Svend Olaf Mikkelsen <svolaf at inet.uni-c.dk>
+-#
+
+ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+ push(@INC,"${dir}","${dir}../../perlasm");
+diff --git a/crypto/des/asm/desboth.pl b/crypto/des/asm/desboth.pl
+index eec0088..76759fb 100644
+--- a/crypto/des/asm/desboth.pl
++++ b/crypto/des/asm/desboth.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ $L="edi";
+ $R="esi";
+diff --git a/crypto/des/asm/dest4-sparcv9.pl b/crypto/des/asm/dest4-sparcv9.pl
+index 858df0b..1d4f0d1 100644
+--- a/crypto/des/asm/dest4-sparcv9.pl
++++ b/crypto/des/asm/dest4-sparcv9.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by David S. Miller <davem at devemloft.net> and Andy Polyakov
+diff --git a/crypto/des/build.info b/crypto/des/build.info
+index 10927cc..c0306cf 100644
+--- a/crypto/des/build.info
++++ b/crypto/des/build.info
+@@ -1,12 +1,11 @@
+ LIBS=../../libcrypto
+ SOURCE[../../libcrypto]=\
+ set_key.c ecb_enc.c cbc_enc.c \
+- ecb3_enc.c cfb64enc.c cfb64ede.c cfb_enc.c ofb64ede.c \
+- enc_read.c enc_writ.c ofb64enc.c \
+- ofb_enc.c str2key.c pcbc_enc.c qud_cksm.c rand_key.c \
++ ecb3_enc.c cfb64enc.c cfb64ede.c cfb_enc.c \
++ ofb64ede.c ofb64enc.c ofb_enc.c \
++ str2key.c pcbc_enc.c qud_cksm.c rand_key.c \
+ {- $target{des_asm_src} -} \
+- fcrypt.c xcbc_enc.c rpc_enc.c cbc_cksm.c \
+- read2pwd.c
++ fcrypt.c xcbc_enc.c rpc_enc.c cbc_cksm.c
+
+ GENERATE[des_enc-sparc.S]=asm/des_enc.m4
+ GENERATE[dest4-sparcv9.S]=asm/dest4-sparcv9.pl $(PERLASM_SCHEME)
+diff --git a/crypto/des/cbc_cksm.c b/crypto/des/cbc_cksm.c
+index 1903765..a7bf068 100644
+--- a/crypto/des/cbc_cksm.c
++++ b/crypto/des/cbc_cksm.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "des_locl.h"
+diff --git a/crypto/des/cbc_enc.c b/crypto/des/cbc_enc.c
+index 5b84e84..92e773f 100644
+--- a/crypto/des/cbc_enc.c
++++ b/crypto/des/cbc_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #define CBC_ENC_C__DONT_UPDATE_IV
+diff --git a/crypto/des/cfb64ede.c b/crypto/des/cfb64ede.c
+index 4922245..5edb979 100644
+--- a/crypto/des/cfb64ede.c
++++ b/crypto/des/cfb64ede.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "des_locl.h"
+diff --git a/crypto/des/cfb64enc.c b/crypto/des/cfb64enc.c
+index f9dce3d..96de51b 100644
+--- a/crypto/des/cfb64enc.c
++++ b/crypto/des/cfb64enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "des_locl.h"
+diff --git a/crypto/des/cfb_enc.c b/crypto/des/cfb_enc.c
+index dd213b0..6c428ba 100644
+--- a/crypto/des/cfb_enc.c
++++ b/crypto/des/cfb_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "e_os.h"
+diff --git a/crypto/des/des_enc.c b/crypto/des/des_enc.c
+index 1f827f2..600f6df 100644
+--- a/crypto/des/des_enc.c
++++ b/crypto/des/des_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/des/des_locl.h b/crypto/des/des_locl.h
+index 7ed783c..53881d4 100644
+--- a/crypto/des/des_locl.h
++++ b/crypto/des/des_locl.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_DES_LOCL_H
+@@ -60,38 +12,12 @@
+
+ # include <openssl/e_os2.h>
+
+-# if defined(OPENSSL_SYS_WIN32)
+-# ifndef OPENSSL_SYS_MSDOS
+-# define OPENSSL_SYS_MSDOS
+-# endif
+-# endif
+-
+ # include <stdio.h>
+ # include <stdlib.h>
++# include <string.h>
+
+-# ifndef OPENSSL_SYS_MSDOS
+-# if !defined(OPENSSL_SYS_VMS) || defined(__DECC)
+-# ifdef OPENSSL_UNISTD
+-# include OPENSSL_UNISTD
+-# else
+-# include <unistd.h>
+-# endif
+-# include <math.h>
+-# endif
+-# endif
+ # include <openssl/des.h>
+
+-# ifdef OPENSSL_SYS_MSDOS /* Visual C++ 2.1 (Windows NT/95) */
+-# include <stdlib.h>
+-# include <errno.h>
+-# include <time.h>
+-# include <io.h>
+-# endif
+-
+-# if defined(__STDC__) || defined(OPENSSL_SYS_VMS) || defined(M_XENIX) || defined(OPENSSL_SYS_MSDOS)
+-# include <string.h>
+-# endif
+-
+ # ifdef OPENSSL_BUILD_SHLIBCRYPTO
+ # undef OPENSSL_EXTERN
+ # define OPENSSL_EXTERN OPENSSL_EXPORT
+diff --git a/crypto/des/ecb3_enc.c b/crypto/des/ecb3_enc.c
+index e96dd9e..6ac89d4 100644
+--- a/crypto/des/ecb3_enc.c
++++ b/crypto/des/ecb3_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "des_locl.h"
+diff --git a/crypto/des/ecb_enc.c b/crypto/des/ecb_enc.c
+index 109ffd4..bd130c6 100644
+--- a/crypto/des/ecb_enc.c
++++ b/crypto/des/ecb_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "des_locl.h"
+diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c
+deleted file mode 100644
+index a37e753..0000000
+--- a/crypto/des/enc_read.c
++++ /dev/null
+@@ -1,234 +0,0 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-
+-#include <stdio.h>
+-#include <errno.h>
+-#include "internal/cryptlib.h"
+-#include "des_locl.h"
+-
+-/* This has some uglies in it but it works - even over sockets. */
+-/*
+- * extern int errno;
+- */
+-OPENSSL_IMPLEMENT_GLOBAL(int, DES_rw_mode, DES_PCBC_MODE)
+-
+-/*-
+- * WARNINGS:
+- *
+- * - The data format used by DES_enc_write() and DES_enc_read()
+- * has a cryptographic weakness: When asked to write more
+- * than MAXWRITE bytes, DES_enc_write will split the data
+- * into several chunks that are all encrypted
+- * using the same IV. So don't use these functions unless you
+- * are sure you know what you do (in which case you might
+- * not want to use them anyway).
+- *
+- * - This code cannot handle non-blocking sockets.
+- *
+- * - This function uses an internal state and thus cannot be
+- * used on multiple files.
+- */
+-int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
+- DES_cblock *iv)
+-{
+-#if defined(OPENSSL_NO_POSIX_IO)
+- return (0);
+-#else
+- /* data to be unencrypted */
+- int net_num = 0;
+- static unsigned char *net = NULL;
+- /*
+- * extra unencrypted data for when a block of 100 comes in but is
+- * des_read one byte at a time.
+- */
+- static unsigned char *unnet = NULL;
+- static int unnet_start = 0;
+- static int unnet_left = 0;
+- static unsigned char *tmpbuf = NULL;
+- int i;
+- long num = 0, rnum;
+- unsigned char *p;
+-
+- if (tmpbuf == NULL) {
+- tmpbuf = OPENSSL_malloc(BSIZE);
+- if (tmpbuf == NULL)
+- return (-1);
+- }
+- if (net == NULL) {
+- net = OPENSSL_malloc(BSIZE);
+- if (net == NULL)
+- return (-1);
+- }
+- if (unnet == NULL) {
+- unnet = OPENSSL_malloc(BSIZE);
+- if (unnet == NULL)
+- return (-1);
+- }
+- /* left over data from last decrypt */
+- if (unnet_left != 0) {
+- if (unnet_left < len) {
+- /*
+- * we still still need more data but will return with the number
+- * of bytes we have - should always check the return value
+- */
+- memcpy(buf, &(unnet[unnet_start]), unnet_left);
+- /*
+- * eay 26/08/92 I had the next 2 lines reversed :-(
+- */
+- i = unnet_left;
+- unnet_start = unnet_left = 0;
+- } else {
+- memcpy(buf, &(unnet[unnet_start]), len);
+- unnet_start += len;
+- unnet_left -= len;
+- i = len;
+- }
+- return (i);
+- }
+-
+- /* We need to get more data. */
+- if (len > MAXWRITE)
+- len = MAXWRITE;
+-
+- /* first - get the length */
+- while (net_num < HDRSIZE) {
+-# ifndef OPENSSL_SYS_WIN32
+- i = read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
+-# else
+- i = _read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
+-# endif
+-# ifdef EINTR
+- if ((i == -1) && (errno == EINTR))
+- continue;
+-# endif
+- if (i <= 0)
+- return (0);
+- net_num += i;
+- }
+-
+- /* we now have at net_num bytes in net */
+- p = net;
+- /* num=0; */
+- n2l(p, num);
+- /*
+- * num should be rounded up to the next group of eight we make sure that
+- * we have read a multiple of 8 bytes from the net.
+- */
+- if ((num > MAXWRITE) || (num < 0)) /* error */
+- return (-1);
+- rnum = (num < 8) ? 8 : ((num + 7) / 8 * 8);
+-
+- net_num = 0;
+- while (net_num < rnum) {
+-# ifndef OPENSSL_SYS_WIN32
+- i = read(fd, (void *)&(net[net_num]), rnum - net_num);
+-# else
+- i = _read(fd, (void *)&(net[net_num]), rnum - net_num);
+-# endif
+-# ifdef EINTR
+- if ((i == -1) && (errno == EINTR))
+- continue;
+-# endif
+- if (i <= 0)
+- return (0);
+- net_num += i;
+- }
+-
+- /* Check if there will be data left over. */
+- if (len < num) {
+- if (DES_rw_mode & DES_PCBC_MODE)
+- DES_pcbc_encrypt(net, unnet, num, sched, iv, DES_DECRYPT);
+- else
+- DES_cbc_encrypt(net, unnet, num, sched, iv, DES_DECRYPT);
+- memcpy(buf, unnet, len);
+- unnet_start = len;
+- unnet_left = num - len;
+-
+- /*
+- * The following line is done because we return num as the number of
+- * bytes read.
+- */
+- num = len;
+- } else {
+- /*-
+- * >output is a multiple of 8 byes, if len < rnum
+- * >we must be careful. The user must be aware that this
+- * >routine will write more bytes than he asked for.
+- * >The length of the buffer must be correct.
+- * FIXED - Should be ok now 18-9-90 - eay */
+- if (len < rnum) {
+-
+- if (DES_rw_mode & DES_PCBC_MODE)
+- DES_pcbc_encrypt(net, tmpbuf, num, sched, iv, DES_DECRYPT);
+- else
+- DES_cbc_encrypt(net, tmpbuf, num, sched, iv, DES_DECRYPT);
+-
+- /*
+- * eay 26/08/92 fix a bug that returned more bytes than you asked
+- * for (returned len bytes :-(
+- */
+- memcpy(buf, tmpbuf, num);
+- } else {
+- if (DES_rw_mode & DES_PCBC_MODE)
+- DES_pcbc_encrypt(net, buf, num, sched, iv, DES_DECRYPT);
+- else
+- DES_cbc_encrypt(net, buf, num, sched, iv, DES_DECRYPT);
+- }
+- }
+- return num;
+-#endif /* OPENSSL_NO_POSIX_IO */
+-}
+diff --git a/crypto/des/enc_writ.c b/crypto/des/enc_writ.c
+deleted file mode 100644
+index dd1c0f9..0000000
+--- a/crypto/des/enc_writ.c
++++ /dev/null
+@@ -1,180 +0,0 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-
+-#include <errno.h>
+-#include <time.h>
+-#include <stdio.h>
+-#include "internal/cryptlib.h"
+-#include "des_locl.h"
+-#include <openssl/rand.h>
+-
+-/*-
+- * WARNINGS:
+- *
+- * - The data format used by DES_enc_write() and DES_enc_read()
+- * has a cryptographic weakness: When asked to write more
+- * than MAXWRITE bytes, DES_enc_write will split the data
+- * into several chunks that are all encrypted
+- * using the same IV. So don't use these functions unless you
+- * are sure you know what you do (in which case you might
+- * not want to use them anyway).
+- *
+- * - This code cannot handle non-blocking sockets.
+- */
+-
+-int DES_enc_write(int fd, const void *_buf, int len,
+- DES_key_schedule *sched, DES_cblock *iv)
+-{
+-#if defined(OPENSSL_NO_POSIX_IO)
+- return (-1);
+-#else
+-# ifdef _LIBC
+- extern unsigned long time();
+- extern int write();
+-# endif
+- const unsigned char *buf = _buf;
+- long rnum;
+- int i, j, k, outnum;
+- static unsigned char *outbuf = NULL;
+- unsigned char shortbuf[8];
+- unsigned char *p;
+- const unsigned char *cp;
+- static int start = 1;
+-
+- if (len < 0)
+- return -1;
+-
+- if (outbuf == NULL) {
+- outbuf = OPENSSL_malloc(BSIZE + HDRSIZE);
+- if (outbuf == NULL)
+- return (-1);
+- }
+- /*
+- * If we are sending less than 8 bytes, the same char will look the same
+- * if we don't pad it out with random bytes
+- */
+- if (start) {
+- start = 0;
+- }
+-
+- /* lets recurse if we want to send the data in small chunks */
+- if (len > MAXWRITE) {
+- j = 0;
+- for (i = 0; i < len; i += k) {
+- k = DES_enc_write(fd, &(buf[i]),
+- ((len - i) > MAXWRITE) ? MAXWRITE : (len - i),
+- sched, iv);
+- if (k < 0)
+- return (k);
+- else
+- j += k;
+- }
+- return (j);
+- }
+-
+- /* write length first */
+- p = outbuf;
+- l2n(len, p);
+-
+- /* pad short strings */
+- if (len < 8) {
+- cp = shortbuf;
+- memcpy(shortbuf, buf, len);
+- if (RAND_bytes(shortbuf + len, 8 - len) <= 0)
+- return -1;
+- rnum = 8;
+- } else {
+- cp = buf;
+- rnum = ((len + 7) / 8 * 8); /* round up to nearest eight */
+- }
+-
+- if (DES_rw_mode & DES_PCBC_MODE)
+- DES_pcbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
+- iv, DES_ENCRYPT);
+- else
+- DES_cbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
+- iv, DES_ENCRYPT);
+-
+- /* output */
+- outnum = rnum + HDRSIZE;
+-
+- for (j = 0; j < outnum; j += i) {
+- /*
+- * eay 26/08/92 I was not doing writing from where we got up to.
+- */
+-# ifndef _WIN32
+- i = write(fd, (void *)&(outbuf[j]), outnum - j);
+-# else
+- i = _write(fd, (void *)&(outbuf[j]), outnum - j);
+-# endif
+- if (i == -1) {
+-# ifdef EINTR
+- if (errno == EINTR)
+- i = 0;
+- else
+-# endif
+- /*
+- * This is really a bad error - very bad It will stuff-up
+- * both ends.
+- */
+- return (-1);
+- }
+- }
+-
+- return (len);
+-#endif /* OPENSSL_NO_POSIX_IO */
+-}
+diff --git a/crypto/des/fcrypt.c b/crypto/des/fcrypt.c
+index 0c7484c..b52f486 100644
+--- a/crypto/des/fcrypt.c
++++ b/crypto/des/fcrypt.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* NOCW */
+ #include <stdio.h>
+ #ifdef _OSD_POSIX
+@@ -9,19 +18,6 @@
+ # include <openssl/ebcdic.h>
+ #endif
+
+-/*
+- * This version of crypt has been developed from my MIT compatible DES
+- * library. Eric Young (eay at cryptsoft.com)
+- */
+-
+-/*
+- * Modification by Jens Kupferschmidt (Cu) I have included directive PARA for
+- * shared memory computers. I have included a directive LONGCRYPT to using
+- * this routine to cipher passwords with more then 8 bytes like HP-UX 10.x it
+- * used. The MAXPLEN definition is the maximum of length of password and can
+- * changed. I have defined 24.
+- */
+-
+ #include <openssl/crypto.h>
+ #include "des_locl.h"
+
+diff --git a/crypto/des/fcrypt_b.c b/crypto/des/fcrypt_b.c
+index 6e02ac7..fe2369a 100644
+--- a/crypto/des/fcrypt_b.c
++++ b/crypto/des/fcrypt_b.c
+@@ -1,68 +1,14 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+
+-/*
+- * This version of crypt has been developed from my MIT compatible DES
+- * library. The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
+- * Eric Young (eay at cryptsoft.com)
+- */
+-
+ #define DES_FCRYPT
+ #include "des_locl.h"
+ #undef DES_FCRYPT
+diff --git a/crypto/des/ncbc_enc.c b/crypto/des/ncbc_enc.c
+index 208615d..244f15c 100644
+--- a/crypto/des/ncbc_enc.c
++++ b/crypto/des/ncbc_enc.c
+@@ -1,64 +1,17 @@
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /*-
+ * #included by:
+ * cbc_enc.c (DES_cbc_encrypt)
+ * des_enc.c (DES_ncbc_encrypt)
+ */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+
+ #include "des_locl.h"
+
+diff --git a/crypto/des/ofb64ede.c b/crypto/des/ofb64ede.c
+index 97d4f61..a551a07 100644
+--- a/crypto/des/ofb64ede.c
++++ b/crypto/des/ofb64ede.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "des_locl.h"
+diff --git a/crypto/des/ofb64enc.c b/crypto/des/ofb64enc.c
+index 53c558f..30976c8 100644
+--- a/crypto/des/ofb64enc.c
++++ b/crypto/des/ofb64enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "des_locl.h"
+diff --git a/crypto/des/ofb_enc.c b/crypto/des/ofb_enc.c
+index c37709b..65a9b86 100644
+--- a/crypto/des/ofb_enc.c
++++ b/crypto/des/ofb_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "des_locl.h"
+diff --git a/crypto/des/pcbc_enc.c b/crypto/des/pcbc_enc.c
+index 91a6caf..0fa058f 100644
+--- a/crypto/des/pcbc_enc.c
++++ b/crypto/des/pcbc_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "des_locl.h"
+diff --git a/crypto/des/qud_cksm.c b/crypto/des/qud_cksm.c
+index 1ff0b75..8710cec 100644
+--- a/crypto/des/qud_cksm.c
++++ b/crypto/des/qud_cksm.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/des/rand_key.c b/crypto/des/rand_key.c
+index da95bfe..61e4f9d 100644
+--- a/crypto/des/rand_key.c
++++ b/crypto/des/rand_key.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/des.h>
+diff --git a/crypto/des/read2pwd.c b/crypto/des/read2pwd.c
+deleted file mode 100644
+index 748d0e6..0000000
+--- a/crypto/des/read2pwd.c
++++ /dev/null
+@@ -1,146 +0,0 @@
+-/* ====================================================================
+- * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-
+-#include <string.h>
+-#include <openssl/des.h>
+-#include <openssl/ui.h>
+-#include <openssl/crypto.h>
+-
+-#ifndef OPENSSL_NO_UI
+-
+-#ifndef BUFSIZ
+-#define BUFSIZ 256
+-#endif
+-
+-int DES_read_password(DES_cblock *key, const char *prompt, int verify)
+-{
+- int ok;
+- char buf[BUFSIZ], buff[BUFSIZ];
+-
+- if ((ok = UI_UTIL_read_pw(buf, buff, BUFSIZ, prompt, verify)) == 0)
+- DES_string_to_key(buf, key);
+- OPENSSL_cleanse(buf, BUFSIZ);
+- OPENSSL_cleanse(buff, BUFSIZ);
+- return (ok);
+-}
+-
+-int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
+- const char *prompt, int verify)
+-{
+- int ok;
+- char buf[BUFSIZ], buff[BUFSIZ];
+-
+- if ((ok = UI_UTIL_read_pw(buf, buff, BUFSIZ, prompt, verify)) == 0)
+- DES_string_to_2keys(buf, key1, key2);
+- OPENSSL_cleanse(buf, BUFSIZ);
+- OPENSSL_cleanse(buff, BUFSIZ);
+- return (ok);
+-}
+-#endif
+diff --git a/crypto/des/rpc_des.h b/crypto/des/rpc_des.h
+index 727e285..fe59e22 100644
+--- a/crypto/des/rpc_des.h
++++ b/crypto/des/rpc_des.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* @(#)des.h 2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI */
+diff --git a/crypto/des/rpc_enc.c b/crypto/des/rpc_enc.c
+index 76cdd0c..bfa8511 100644
+--- a/crypto/des/rpc_enc.c
++++ b/crypto/des/rpc_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "rpc_des.h"
+diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
+index d9fc921..93adff3 100644
+--- a/crypto/des/set_key.c
++++ b/crypto/des/set_key.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*-
+diff --git a/crypto/des/spr.h b/crypto/des/spr.h
+index cd55a45..42adfbf 100644
+--- a/crypto/des/spr.h
++++ b/crypto/des/spr.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ OPENSSL_GLOBAL const DES_LONG DES_SPtrans[8][64] = {
+diff --git a/crypto/des/str2key.c b/crypto/des/str2key.c
+index e671d14..4dc661f 100644
+--- a/crypto/des/str2key.c
++++ b/crypto/des/str2key.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/des/xcbc_enc.c b/crypto/des/xcbc_enc.c
+index 11ee004..c4e455d 100644
+--- a/crypto/des/xcbc_enc.c
++++ b/crypto/des/xcbc_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "des_locl.h"
+diff --git a/crypto/dh/Makefile.in b/crypto/dh/Makefile.in
+deleted file mode 100644
+index 205909a..0000000
+--- a/crypto/dh/Makefile.in
++++ /dev/null
+@@ -1,45 +0,0 @@
+-#
+-# OpenSSL/crypto/dh/Makefile
+-#
+-
+-DIR= dh
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c \
+- dh_ameth.c dh_pmeth.c dh_prn.c dh_rfc5114.c dh_kdf.c dh_meth.c
+-LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o \
+- dh_ameth.o dh_pmeth.o dh_prn.o dh_rfc5114.o dh_kdf.o dh_meth.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
+index 54d5ba5..222cb20 100644
+--- a/crypto/dh/dh_ameth.c
++++ b/crypto/dh/dh_ameth.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c
+index aa80291..7c72fd6 100644
+--- a/crypto/dh/dh_asn1.c
++++ b/crypto/dh/dh_asn1.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
+index 5d14265..523e31d 100644
+--- a/crypto/dh/dh_check.c
++++ b/crypto/dh/dh_check.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dh/dh_depr.c b/crypto/dh/dh_depr.c
+index 90ce0b0..f8ed1b7 100644
+--- a/crypto/dh/dh_depr.c
++++ b/crypto/dh/dh_depr.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* This file contains deprecated functions as wrappers to the new ones */
+diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
+index 4778b8d..a5348b1 100644
+--- a/crypto/dh/dh_err.c
++++ b/crypto/dh/dh_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -75,6 +25,9 @@ static ERR_STRING_DATA DH_str_functs[] = {
+ {ERR_FUNC(DH_F_DH_CMS_DECRYPT), "dh_cms_decrypt"},
+ {ERR_FUNC(DH_F_DH_CMS_SET_PEERKEY), "dh_cms_set_peerkey"},
+ {ERR_FUNC(DH_F_DH_CMS_SET_SHARED_INFO), "dh_cms_set_shared_info"},
++ {ERR_FUNC(DH_F_DH_METH_DUP), "DH_meth_dup"},
++ {ERR_FUNC(DH_F_DH_METH_NEW), "DH_meth_new"},
++ {ERR_FUNC(DH_F_DH_METH_SET1_NAME), "DH_meth_set1_name"},
+ {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
+ {ERR_FUNC(DH_F_DH_PARAM_DECODE), "dh_param_decode"},
+ {ERR_FUNC(DH_F_DH_PRIV_DECODE), "dh_priv_decode"},
+@@ -83,7 +36,6 @@ static ERR_STRING_DATA DH_str_functs[] = {
+ {ERR_FUNC(DH_F_DH_PUB_ENCODE), "dh_pub_encode"},
+ {ERR_FUNC(DH_F_DO_DH_PRINT), "do_dh_print"},
+ {ERR_FUNC(DH_F_GENERATE_KEY), "generate_key"},
+- {ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"},
+ {ERR_FUNC(DH_F_PKEY_DH_DERIVE), "pkey_dh_derive"},
+ {ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "pkey_dh_keygen"},
+ {0, NULL}
+@@ -97,7 +49,6 @@ static ERR_STRING_DATA DH_str_reasons[] = {
+ {ERR_REASON(DH_R_INVALID_PUBKEY), "invalid public key"},
+ {ERR_REASON(DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
+ {ERR_REASON(DH_R_KEYS_NOT_SET), "keys not set"},
+- {ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL), "key size too small"},
+ {ERR_REASON(DH_R_MODULUS_TOO_LARGE), "modulus too large"},
+ {ERR_REASON(DH_R_NO_PARAMETERS_SET), "no parameters set"},
+ {ERR_REASON(DH_R_NO_PRIVATE_VALUE), "no private value"},
+diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c
+index 5c96dac..27ecb98 100644
+--- a/crypto/dh/dh_gen.c
++++ b/crypto/dh/dh_gen.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c
+index 6c31fec..f2f3d24 100644
+--- a/crypto/dh/dh_kdf.c
++++ b/crypto/dh/dh_kdf.c
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Stephen Henson for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <e_os.h>
+diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
+index d957550..9b79f39 100644
+--- a/crypto/dh/dh_key.c
++++ b/crypto/dh/dh_key.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
+index bf9f8d3..8645b67 100644
+--- a/crypto/dh/dh_lib.c
++++ b/crypto/dh/dh_lib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -109,13 +61,20 @@ DH *DH_new_method(ENGINE *engine)
+ return NULL;
+ }
+
++ ret->references = 1;
++ ret->lock = CRYPTO_THREAD_lock_new();
++ if (ret->lock == NULL) {
++ OPENSSL_free(ret);
++ return NULL;
++ }
++
+ ret->meth = DH_get_default_method();
+ #ifndef OPENSSL_NO_ENGINE
++ ret->flags = ret->meth->flags; /* early default init */
+ if (engine) {
+ if (!ENGINE_init(engine)) {
+ DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
+- OPENSSL_free(ret);
+- return NULL;
++ goto err;
+ }
+ ret->engine = engine;
+ } else
+@@ -124,29 +83,19 @@ DH *DH_new_method(ENGINE *engine)
+ ret->meth = ENGINE_get_DH(ret->engine);
+ if (ret->meth == NULL) {
+ DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
+- ENGINE_finish(ret->engine);
+- OPENSSL_free(ret);
+- return NULL;
++ goto err;
+ }
+ }
+ #endif
+
+- ret->references = 1;
+ ret->flags = ret->meth->flags;
+
+- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
+-
+- ret->lock = CRYPTO_THREAD_lock_new();
+- if (ret->lock == NULL) {
+-#ifndef OPENSSL_NO_ENGINE
+- ENGINE_finish(ret->engine);
+-#endif
+- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
+- OPENSSL_free(ret);
+- return NULL;
+- }
++ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data))
++ goto err;
+
+ if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
++ DHerr(DH_F_DH_NEW_METHOD, ERR_R_INIT_FAIL);
++err:
+ DH_free(ret);
+ ret = NULL;
+ }
+@@ -245,15 +194,27 @@ void DH_get0_pqg(const DH *dh, BIGNUM **p, BIGNUM **q, BIGNUM **g)
+
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
+ {
+- /* q is optional */
+- if (p == NULL || g == NULL)
++ /* If the fields p and g in d are NULL, the corresponding input
++ * parameters MUST be non-NULL. q may remain NULL.
++ *
++ * It is an error to give the results from get0 on d
++ * as input parameters.
++ */
++ if (p == dh->p || (dh->q != NULL && q == dh->q) || g == dh->g)
+ return 0;
+- BN_free(dh->p);
+- BN_free(dh->q);
+- BN_free(dh->g);
+- dh->p = p;
+- dh->q = q;
+- dh->g = g;
++
++ if (p != NULL) {
++ BN_free(dh->p);
++ dh->p = p;
++ }
++ if (q != NULL) {
++ BN_free(dh->q);
++ dh->q = q;
++ }
++ if (g != NULL) {
++ BN_free(dh->g);
++ dh->g = g;
++ }
+
+ if (q != NULL) {
+ dh->length = BN_num_bits(q);
+@@ -283,14 +244,25 @@ void DH_get0_key(const DH *dh, BIGNUM **pub_key, BIGNUM **priv_key)
+
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
+ {
+- /* Note that it is valid for priv_key to be NULL */
+- if (pub_key == NULL)
++ /* If the pub_key in dh is NULL, the corresponding input
++ * parameters MUST be non-NULL. The priv_key field may
++ * be left NULL.
++ *
++ * It is an error to give the results from get0 on dh
++ * as input parameters.
++ */
++ if (dh->pub_key == pub_key
++ || (dh->priv_key != NULL && priv_key == dh->priv_key))
+ return 0;
+
+- BN_free(dh->pub_key);
+- BN_free(dh->priv_key);
+- dh->pub_key = pub_key;
+- dh->priv_key = priv_key;
++ if (pub_key != NULL) {
++ BN_free(dh->pub_key);
++ dh->pub_key = pub_key;
++ }
++ if (priv_key != NULL) {
++ BN_free(dh->priv_key);
++ dh->priv_key = priv_key;
++ }
+
+ return 1;
+ }
+diff --git a/crypto/dh/dh_locl.h b/crypto/dh/dh_locl.h
+index 46e4bc7..19301c3 100644
+--- a/crypto/dh/dh_locl.h
++++ b/crypto/dh/dh_locl.h
+@@ -1,11 +1,10 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #include <openssl/dh.h>
+diff --git a/crypto/dh/dh_meth.c b/crypto/dh/dh_meth.c
+index 0bc5e53..45753b6 100644
+--- a/crypto/dh/dh_meth.c
++++ b/crypto/dh/dh_meth.c
+@@ -1,16 +1,15 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+-
+ #include "dh_locl.h"
+ #include <string.h>
++#include <openssl/err.h>
+
+ DH_METHOD *DH_meth_new(const char *name, int flags)
+ {
+@@ -18,6 +17,11 @@ DH_METHOD *DH_meth_new(const char *name, int flags)
+
+ if (dhm != NULL) {
+ dhm->name = OPENSSL_strdup(name);
++ if (dhm->name == NULL) {
++ OPENSSL_free(dhm);
++ DHerr(DH_F_DH_METH_NEW, ERR_R_MALLOC_FAILURE);
++ return NULL;
++ }
+ dhm->flags = flags;
+ }
+
+@@ -27,8 +31,7 @@ DH_METHOD *DH_meth_new(const char *name, int flags)
+ void DH_meth_free(DH_METHOD *dhm)
+ {
+ if (dhm != NULL) {
+- if (dhm->name != NULL)
+- OPENSSL_free(dhm->name);
++ OPENSSL_free(dhm->name);
+ OPENSSL_free(dhm);
+ }
+ }
+@@ -42,6 +45,11 @@ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm)
+ if (ret != NULL) {
+ memcpy(ret, dhm, sizeof(*dhm));
+ ret->name = OPENSSL_strdup(dhm->name);
++ if (ret->name == NULL) {
++ OPENSSL_free(ret);
++ DHerr(DH_F_DH_METH_DUP, ERR_R_MALLOC_FAILURE);
++ return NULL;
++ }
+ }
+
+ return ret;
+@@ -54,10 +62,18 @@ const char *DH_meth_get0_name(const DH_METHOD *dhm)
+
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name)
+ {
++ char *tmpname;
++
++ tmpname = OPENSSL_strdup(name);
++ if (tmpname == NULL) {
++ DHerr(DH_F_DH_METH_SET1_NAME, ERR_R_MALLOC_FAILURE);
++ return 0;
++ }
++
+ OPENSSL_free(dhm->name);
+- dhm->name = OPENSSL_strdup(name);
++ dhm->name = tmpname;
+
+- return dhm->name != NULL;
++ return 1;
+ }
+
+ int DH_meth_get_flags(DH_METHOD *dhm)
+diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
+index 5d357a3..c3e03c7 100644
+--- a/crypto/dh/dh_pmeth.c
++++ b/crypto/dh/dh_pmeth.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -112,6 +63,17 @@ static int pkey_dh_init(EVP_PKEY_CTX *ctx)
+ return 1;
+ }
+
++static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx)
++{
++ DH_PKEY_CTX *dctx = ctx->data;
++ if (dctx != NULL) {
++ OPENSSL_free(dctx->kdf_ukm);
++ ASN1_OBJECT_free(dctx->kdf_oid);
++ OPENSSL_free(dctx);
++ }
++}
++
++
+ static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+ {
+ DH_PKEY_CTX *dctx, *sctx;
+@@ -128,27 +90,19 @@ static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+
+ dctx->kdf_type = sctx->kdf_type;
+ dctx->kdf_oid = OBJ_dup(sctx->kdf_oid);
+- if (!dctx->kdf_oid)
++ if (dctx->kdf_oid == NULL)
+ return 0;
+ dctx->kdf_md = sctx->kdf_md;
+- if (dctx->kdf_ukm) {
++ if (sctx->kdf_ukm != NULL) {
+ dctx->kdf_ukm = OPENSSL_memdup(sctx->kdf_ukm, sctx->kdf_ukmlen);
++ if (dctx->kdf_ukm == NULL)
++ return 0;
+ dctx->kdf_ukmlen = sctx->kdf_ukmlen;
+ }
+ dctx->kdf_outlen = sctx->kdf_outlen;
+ return 1;
+ }
+
+-static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx)
+-{
+- DH_PKEY_CTX *dctx = ctx->data;
+- if (dctx) {
+- OPENSSL_free(dctx->kdf_ukm);
+- ASN1_OBJECT_free(dctx->kdf_oid);
+- OPENSSL_free(dctx);
+- }
+-}
+-
+ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+ {
+ DH_PKEY_CTX *dctx = ctx->data;
+diff --git a/crypto/dh/dh_prn.c b/crypto/dh/dh_prn.c
+index 4c89a14..283fb0f 100644
+--- a/crypto/dh/dh_prn.c
++++ b/crypto/dh/dh_prn.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dh/dh_rfc5114.c b/crypto/dh/dh_rfc5114.c
+index 48b199d..c4a2195 100644
+--- a/crypto/dh/dh_rfc5114.c
++++ b/crypto/dh/dh_rfc5114.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2011.
+- */
+-/* ====================================================================
+- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dllmain.c b/crypto/dllmain.c
+index 0a229b5..91904aa 100644
+--- a/crypto/dllmain.c
++++ b/crypto/dllmain.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include "internal/cryptlib_int.h"
+
+ #if defined(_WIN32) || defined(__CYGWIN__)
+diff --git a/crypto/dsa/Makefile.in b/crypto/dsa/Makefile.in
+deleted file mode 100644
+index 145034e..0000000
+--- a/crypto/dsa/Makefile.in
++++ /dev/null
+@@ -1,47 +0,0 @@
+-#
+-# OpenSSL/crypto/dsa/Makefile
+-#
+-
+-DIR= dsa
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
+- dsa_err.c dsa_ossl.c dsa_depr.c dsa_ameth.c dsa_pmeth.c dsa_prn.c \
+- dsa_meth.c
+-LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
+- dsa_err.o dsa_ossl.o dsa_depr.o dsa_ameth.o dsa_pmeth.o dsa_prn.o \
+- dsa_meth.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= dsa_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c
+index 54cdb3d..1bb11a9 100644
+--- a/crypto/dsa/dsa_ameth.c
++++ b/crypto/dsa/dsa_ameth.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c
+index 1468fb1..93ce85f 100644
+--- a/crypto/dsa/dsa_asn1.c
++++ b/crypto/dsa/dsa_asn1.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dsa/dsa_depr.c b/crypto/dsa/dsa_depr.c
+index f50fcc0..b852fc7 100644
+--- a/crypto/dsa/dsa_depr.c
++++ b/crypto/dsa/dsa_depr.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
+index 2e29258..96bd4d3 100644
+--- a/crypto/dsa/dsa_err.c
++++ b/crypto/dsa/dsa_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -69,15 +19,15 @@
+ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason)
+
+ static ERR_STRING_DATA DSA_str_functs[] = {
+- {ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"},
+- {ERR_FUNC(DSA_F_DO_DSA_PRINT), "do_dsa_print"},
+ {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
+ {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
+- {ERR_FUNC(DSA_F_DSA_BUILTIN_KEYGEN), "DSA_BUILTIN_KEYGEN"},
+ {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"},
+ {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN2), "dsa_builtin_paramgen2"},
+ {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
+ {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
++ {ERR_FUNC(DSA_F_DSA_METH_DUP), "DSA_meth_dup"},
++ {ERR_FUNC(DSA_F_DSA_METH_NEW), "DSA_meth_new"},
++ {ERR_FUNC(DSA_F_DSA_METH_SET1_NAME), "DSA_meth_set1_name"},
+ {ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
+ {ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "dsa_param_decode"},
+ {ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
+@@ -87,14 +37,9 @@ static ERR_STRING_DATA DSA_str_functs[] = {
+ {ERR_FUNC(DSA_F_DSA_PUB_ENCODE), "dsa_pub_encode"},
+ {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"},
+ {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"},
+- {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
+- {ERR_FUNC(DSA_F_DSA_SIG_PRINT), "dsa_sig_print"},
+- {ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"},
+- {ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"},
+ {ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "old_dsa_priv_decode"},
+ {ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "pkey_dsa_ctrl"},
+ {ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "pkey_dsa_keygen"},
+- {ERR_FUNC(DSA_F_SIG_CB), "sig_cb"},
+ {0, NULL}
+ };
+
+@@ -102,15 +47,11 @@ static ERR_STRING_DATA DSA_str_reasons[] = {
+ {ERR_REASON(DSA_R_BAD_Q_VALUE), "bad q value"},
+ {ERR_REASON(DSA_R_BN_DECODE_ERROR), "bn decode error"},
+ {ERR_REASON(DSA_R_BN_ERROR), "bn error"},
+- {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
+- "data too large for key size"},
+ {ERR_REASON(DSA_R_DECODE_ERROR), "decode error"},
+ {ERR_REASON(DSA_R_INVALID_DIGEST_TYPE), "invalid digest type"},
+ {ERR_REASON(DSA_R_INVALID_PARAMETERS), "invalid parameters"},
+- {ERR_REASON(DSA_R_KEY_SIZE_TOO_SMALL), "key size too small"},
+ {ERR_REASON(DSA_R_MISSING_PARAMETERS), "missing parameters"},
+ {ERR_REASON(DSA_R_MODULUS_TOO_LARGE), "modulus too large"},
+- {ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
+ {ERR_REASON(DSA_R_NO_PARAMETERS_SET), "no parameters set"},
+ {ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
+ {ERR_REASON(DSA_R_Q_NOT_PRIME), "q not prime"},
+diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
+index c278d98..3dac550 100644
+--- a/crypto/dsa/dsa_gen.c
++++ b/crypto/dsa/dsa_gen.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+@@ -406,6 +358,8 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
+ X = BN_CTX_get(ctx);
+ c = BN_CTX_get(ctx);
+ test = BN_CTX_get(ctx);
++ if (test == NULL)
++ goto err;
+
+ /* if p, q already supplied generate g only */
+ if (ret->p && ret->q) {
+diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
+index 4415884..2bb8454 100644
+--- a/crypto/dsa/dsa_key.c
++++ b/crypto/dsa/dsa_key.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
+index facb97f..9294594 100644
+--- a/crypto/dsa/dsa_lib.c
++++ b/crypto/dsa/dsa_lib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Original version from Steven Schoch <schoch at sheba.arc.nasa.gov> */
+@@ -111,20 +63,27 @@ const DSA_METHOD *DSA_get_method(DSA *d)
+
+ DSA *DSA_new_method(ENGINE *engine)
+ {
+- DSA *ret;
++ DSA *ret = OPENSSL_zalloc(sizeof(*ret));
+
+- ret = OPENSSL_zalloc(sizeof(*ret));
+ if (ret == NULL) {
+ DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
++
++ ret->references = 1;
++ ret->lock = CRYPTO_THREAD_lock_new();
++ if (ret->lock == NULL) {
++ OPENSSL_free(ret);
++ return NULL;
++ }
++
+ ret->meth = DSA_get_default_method();
+ #ifndef OPENSSL_NO_ENGINE
++ ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; /* early default init */
+ if (engine) {
+ if (!ENGINE_init(engine)) {
+ DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
+- OPENSSL_free(ret);
+- return NULL;
++ goto err;
+ }
+ ret->engine = engine;
+ } else
+@@ -133,29 +92,19 @@ DSA *DSA_new_method(ENGINE *engine)
+ ret->meth = ENGINE_get_DSA(ret->engine);
+ if (ret->meth == NULL) {
+ DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
+- ENGINE_finish(ret->engine);
+- OPENSSL_free(ret);
+- return NULL;
++ goto err;
+ }
+ }
+ #endif
+
+- ret->references = 1;
+ ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
+
+- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
+-
+- ret->lock = CRYPTO_THREAD_lock_new();
+- if (ret->lock == NULL) {
+-#ifndef OPENSSL_NO_ENGINE
+- ENGINE_finish(ret->engine);
+-#endif
+- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
+- OPENSSL_free(ret);
+- return NULL;
+- }
++ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data))
++ goto err;
+
+ if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
++ DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_INIT_FAIL);
++err:
+ DSA_free(ret);
+ ret = NULL;
+ }
+@@ -315,14 +264,27 @@ void DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g)
+
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)
+ {
+- if (p == NULL || q == NULL || g == NULL)
++ /* If the fields in d are NULL, the corresponding input
++ * parameters MUST be non-NULL.
++ *
++ * It is an error to give the results from get0 on d
++ * as input parameters.
++ */
++ if (p == d->p || q == d->q || g == d->g)
+ return 0;
+- BN_free(d->p);
+- BN_free(d->q);
+- BN_free(d->g);
+- d->p = p;
+- d->q = q;
+- d->g = g;
++
++ if (p != NULL) {
++ BN_free(d->p);
++ d->p = p;
++ }
++ if (q != NULL) {
++ BN_free(d->q);
++ d->q = q;
++ }
++ if (g != NULL) {
++ BN_free(d->g);
++ d->g = g;
++ }
+
+ return 1;
+ }
+@@ -337,14 +299,25 @@ void DSA_get0_key(const DSA *d, BIGNUM **pub_key, BIGNUM **priv_key)
+
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
+ {
+- /* Note that it is valid for priv_key to be NULL */
+- if (pub_key == NULL)
++ /* If the pub_key in d is NULL, the corresponding input
++ * parameters MUST be non-NULL. The priv_key field may
++ * be left NULL.
++ *
++ * It is an error to give the results from get0 on d
++ * as input parameters.
++ */
++ if (d->pub_key == pub_key
++ || (d->priv_key != NULL && priv_key == d->priv_key))
+ return 0;
+
+- BN_free(d->pub_key);
+- BN_free(d->priv_key);
+- d->pub_key = pub_key;
+- d->priv_key = priv_key;
++ if (pub_key != NULL) {
++ BN_free(d->pub_key);
++ d->pub_key = pub_key;
++ }
++ if (priv_key != NULL) {
++ BN_free(d->priv_key);
++ d->priv_key = priv_key;
++ }
+
+ return 1;
+ }
+diff --git a/crypto/dsa/dsa_locl.h b/crypto/dsa/dsa_locl.h
+index 657fbff..d488951 100644
+--- a/crypto/dsa/dsa_locl.h
++++ b/crypto/dsa/dsa_locl.h
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/dsa.h>
+diff --git a/crypto/dsa/dsa_meth.c b/crypto/dsa/dsa_meth.c
+index 816e35e..1d27cea 100644
+--- a/crypto/dsa/dsa_meth.c
++++ b/crypto/dsa/dsa_meth.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Licensed under the OpenSSL licenses, (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+@@ -8,6 +17,7 @@
+
+ #include "dsa_locl.h"
+ #include <string.h>
++#include <openssl/err.h>
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags)
+ {
+@@ -15,6 +25,11 @@ DSA_METHOD *DSA_meth_new(const char *name, int flags)
+
+ if (dsam != NULL) {
+ dsam->name = OPENSSL_strdup(name);
++ if (dsam->name == NULL) {
++ OPENSSL_free(dsam);
++ DSAerr(DSA_F_DSA_METH_NEW, ERR_R_MALLOC_FAILURE);
++ return NULL;
++ }
+ dsam->flags = flags;
+ }
+
+@@ -24,8 +39,7 @@ DSA_METHOD *DSA_meth_new(const char *name, int flags)
+ void DSA_meth_free(DSA_METHOD *dsam)
+ {
+ if (dsam != NULL) {
+- if (dsam->name != NULL)
+- OPENSSL_free(dsam->name);
++ OPENSSL_free(dsam->name);
+ OPENSSL_free(dsam);
+ }
+ }
+@@ -39,6 +53,11 @@ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *dsam)
+ if (ret != NULL) {
+ memcpy(ret, dsam, sizeof(*dsam));
+ ret->name = OPENSSL_strdup(dsam->name);
++ if (ret->name == NULL) {
++ OPENSSL_free(ret);
++ DSAerr(DSA_F_DSA_METH_DUP, ERR_R_MALLOC_FAILURE);
++ return NULL;
++ }
+ }
+
+ return ret;
+@@ -51,10 +70,18 @@ const char *DSA_meth_get0_name(const DSA_METHOD *dsam)
+
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name)
+ {
++ char *tmpname;
++
++ tmpname = OPENSSL_strdup(name);
++ if (tmpname == NULL) {
++ DSAerr(DSA_F_DSA_METH_SET1_NAME, ERR_R_MALLOC_FAILURE);
++ return 0;
++ }
++
+ OPENSSL_free(dsam->name);
+- dsam->name = OPENSSL_strdup(name);
++ dsam->name = tmpname;
+
+- return dsam->name != NULL;
++ return 1;
+ }
+
+ int DSA_meth_get_flags(DSA_METHOD *dsam)
+diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
+index 9285553..ce1da1c 100644
+--- a/crypto/dsa/dsa_ossl.c
++++ b/crypto/dsa/dsa_ossl.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Original version from Steven Schoch <schoch at sheba.arc.nasa.gov> */
+@@ -140,7 +92,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+ BN_CTX *ctx = NULL;
+ int reason = ERR_R_BN_LIB;
+ DSA_SIG *ret = NULL;
+- int noredo = 0;
+ int rv = 0;
+
+ m = BN_new();
+@@ -191,13 +142,8 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+ * Redo if r or s is zero as required by FIPS 186-3: this is very
+ * unlikely.
+ */
+- if (BN_is_zero(r) || BN_is_zero(s)) {
+- if (noredo) {
+- reason = DSA_R_NEED_NEW_SETUP_VALUES;
+- goto err;
+- }
++ if (BN_is_zero(r) || BN_is_zero(s))
+ goto redo;
+- }
+
+ rv = 1;
+
+diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
+index 8eca37f..4180958 100644
+--- a/crypto/dsa/dsa_pmeth.c
++++ b/crypto/dsa/dsa_pmeth.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dsa/dsa_prn.c b/crypto/dsa/dsa_prn.c
+index de33745..f3c20ea 100644
+--- a/crypto/dsa/dsa_prn.c
++++ b/crypto/dsa/dsa_prn.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c
+index b9dcd5b..5692794 100644
+--- a/crypto/dsa/dsa_sign.c
++++ b/crypto/dsa/dsa_sign.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Original version from Steven Schoch <schoch at sheba.arc.nasa.gov> */
+diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c
+index 6ce9968..a84d521 100644
+--- a/crypto/dsa/dsa_vrf.c
++++ b/crypto/dsa/dsa_vrf.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Original version from Steven Schoch <schoch at sheba.arc.nasa.gov> */
+diff --git a/crypto/dso/Makefile.in b/crypto/dso/Makefile.in
+deleted file mode 100644
+index e2fec28..0000000
+--- a/crypto/dso/Makefile.in
++++ /dev/null
+@@ -1,45 +0,0 @@
+-#
+-# OpenSSL/crypto/dso/Makefile
+-#
+-
+-DIR= dso
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c \
+- dso_openssl.c dso_win32.c dso_vms.c
+-LIBOBJ= dso_dl.o dso_dlfcn.o dso_err.o dso_lib.o \
+- dso_openssl.o dso_win32.o dso_vms.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/dso/dso_dl.c b/crypto/dso/dso_dl.c
+index 5a138b3..bc29fb2 100644
+--- a/crypto/dso/dso_dl.c
++++ b/crypto/dso/dso_dl.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "dso_locl.h"
+@@ -115,8 +66,10 @@ static int dl_load(DSO *dso)
+ (dso->flags & DSO_FLAG_NO_NAME_TRANSLATION ? 0 :
+ DYNAMIC_PATH), 0L);
+ if (ptr == NULL) {
++ char errbuf[160];
+ DSOerr(DSO_F_DL_LOAD, DSO_R_LOAD_FAILED);
+- ERR_add_error_data(4, "filename(", filename, "): ", strerror(errno));
++ if (openssl_strerror_r(errno, errbuf, sizeof(errbuf)))
++ ERR_add_error_data(4, "filename(", filename, "): ", errbuf);
+ goto err;
+ }
+ if (!sk_push(dso->meth_data, (char *)ptr)) {
+@@ -179,8 +132,10 @@ static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname)
+ return (NULL);
+ }
+ if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) {
++ char errbuf[160];
+ DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_SYM_FAILURE);
+- ERR_add_error_data(4, "symname(", symname, "): ", strerror(errno));
++ if (openssl_strerror_r(errno, errbuf, sizeof(errbuf)))
++ ERR_add_error_data(4, "symname(", symname, "): ", errbuf);
+ return (NULL);
+ }
+ return ((DSO_FUNC_TYPE)sym);
+diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c
+index f1773c8..624052b 100644
+--- a/crypto/dso/dso_dlfcn.c
++++ b/crypto/dso/dso_dlfcn.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/dso/dso_err.c b/crypto/dso/dso_err.c
+index 136c4fe..870c80b 100644
+--- a/crypto/dso/dso_err.c
++++ b/crypto/dso/dso_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c
+index a6cc700..6bb9f5f 100644
+--- a/crypto/dso/dso_lib.c
++++ b/crypto/dso/dso_lib.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "dso_locl.h"
+diff --git a/crypto/dso/dso_locl.h b/crypto/dso/dso_locl.h
+index 622e69e..1976787 100644
+--- a/crypto/dso/dso_locl.h
++++ b/crypto/dso/dso_locl.h
+@@ -1,11 +1,12 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
+- * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include "internal/cryptlib.h"
+ #include "internal/dso.h"
+diff --git a/crypto/dso/dso_openssl.c b/crypto/dso/dso_openssl.c
+index 62191d7..6626331 100644
+--- a/crypto/dso/dso_openssl.c
++++ b/crypto/dso/dso_openssl.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "dso_locl.h"
+diff --git a/crypto/dso/dso_vms.c b/crypto/dso/dso_vms.c
+index 654e766..90d387e 100644
+--- a/crypto/dso/dso_vms.c
++++ b/crypto/dso/dso_vms.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "dso_locl.h"
+@@ -150,7 +101,7 @@ static int vms_load(DSO *dso)
+ # endif /* __INITIAL_POINTER_SIZE == 64 */
+
+ const char *sp1, *sp2; /* Search result */
+- const char *ext = NULL; /* possible extension to add */
++ const char *ext = NULL; /* possible extension to add */
+
+ if (filename == NULL) {
+ DSOerr(DSO_F_VMS_LOAD, DSO_R_NO_FILENAME);
+diff --git a/crypto/dso/dso_win32.c b/crypto/dso/dso_win32.c
+index 01d2a72..4ac6e71 100644
+--- a/crypto/dso/dso_win32.c
++++ b/crypto/dso/dso_win32.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "dso_locl.h"
+diff --git a/crypto/ebcdic.c b/crypto/ebcdic.c
+index 1248cba..6871953 100644
+--- a/crypto/ebcdic.c
++++ b/crypto/ebcdic.c
+@@ -1,17 +1,103 @@
++/*
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ # include <openssl/e_os2.h>
+ #ifndef CHARSET_EBCDIC
+ NON_EMPTY_TRANSLATION_UNIT
+ #else
+
+-# include "ebcdic.h"
++# include <openssl/ebcdic.h>
+
+ /*-
+ * Initial Port for Apache-1.3 by <Martin.Kraemer at Mch.SNI.De>
+ * Adapted for OpenSSL-0.9.4 by <Martin.Kraemer at Mch.SNI.De>
+ */
+
+-# ifdef _OSD_POSIX
++# ifdef CHARSET_EBCDIC_TEST
++/*
++ * Here we're looking to test the EBCDIC code on an ASCII system so we don't do
++ * any translation in these tables at all.
++ */
++
++/* The ebcdic-to-ascii table: */
++const unsigned char os_toascii[256] = {
++ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
++ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
++ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
++ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
++ 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
++ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
++ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
++ 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
++ 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
++ 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
++ 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
++ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
++ 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
++ 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
++ 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
++ 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
++ 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
++ 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
++ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
++ 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
++ 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
++ 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
++ 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
++ 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
++ 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
++ 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
++ 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
++ 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
++ 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
++ 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
++ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
++ 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
++};
++
++/* The ascii-to-ebcdic table: */
++const unsigned char os_toebcdic[256] = {
++ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
++ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
++ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
++ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
++ 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
++ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
++ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
++ 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
++ 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
++ 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
++ 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
++ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
++ 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
++ 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
++ 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
++ 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
++ 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
++ 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
++ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
++ 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
++ 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
++ 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
++ 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
++ 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
++ 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
++ 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
++ 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
++ 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
++ 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
++ 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
++ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
++ 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
++};
++
++# elif defined(_OSD_POSIX)
+ /*
+ * "BS2000 OSD" is a POSIX subsystem on a main frame. It is made by Siemens
+ * AG, Germany, for their BS2000 mainframe machines. Within the POSIX
+diff --git a/crypto/ec/Makefile.in b/crypto/ec/Makefile.in
+deleted file mode 100644
+index cc5e4b6..0000000
+--- a/crypto/ec/Makefile.in
++++ /dev/null
+@@ -1,73 +0,0 @@
+-#
+-# crypto/ec/Makefile
+-#
+-
+-DIR= ec
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../include -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c\
+- ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c\
+- ec2_smpl.c ec2_mult.c ec_ameth.c ec_pmeth.c eck_prn.c \
+- ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c \
+- ecp_oct.c ec2_oct.c ec_oct.c ec_kmeth.c ecdh_ossl.c ecdh_kdf.c \
+- ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c ec_25519.c curve25519.c
+-
+-LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_nist.o ec_cvt.o ec_mult.o\
+- ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o ec_key.o\
+- ec2_smpl.o ec2_mult.o ec_ameth.o ec_pmeth.o eck_prn.o \
+- ecp_nistp224.o ecp_nistp256.o ecp_nistp521.o ecp_nistputil.o \
+- ecp_oct.o ec2_oct.o ec_oct.o ec_kmeth.o ecdh_ossl.o ecdh_kdf.o \
+- ecdsa_ossl.o ecdsa_sign.o ecdsa_vrf.o ec_25519.o curve25519.o \
+- $(EC_ASM)
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= ec_lcl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-ecp_nistz256-x86.s: asm/ecp_nistz256-x86.pl
+- $(PERL) asm/ecp_nistz256-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-
+-ecp_nistz256-x86_64.s: asm/ecp_nistz256-x86_64.pl
+- $(PERL) asm/ecp_nistz256-x86_64.pl $(PERLASM_SCHEME) $@
+-
+-ecp_nistz256-avx2.s: asm/ecp_nistz256-avx2.pl
+- $(PERL) asm/ecp_nistz256-avx2.pl $(PERLASM_SCHEME) $@
+-
+-ecp_nistz256-sparcv9.S: asm/ecp_nistz256-sparcv9.pl
+- $(PERL) asm/ecp_nistz256-sparcv9.pl $(PERLASM_SCHEME) $@
+-
+-ecp_nistz256-%.S: asm/ecp_nistz256-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-ecp_nistz256-armv4.o: ecp_nistz256-armv4.S
+-ecp_nistz256-armv8.o: ecp_nistz256-armv8.S
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/ec/asm/ecp_nistz256-armv4.pl b/crypto/ec/asm/ecp_nistz256-armv4.pl
+index 6eafaa0..62761f8 100755
+--- a/crypto/ec/asm/ecp_nistz256-armv4.pl
++++ b/crypto/ec/asm/ecp_nistz256-armv4.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/ec/asm/ecp_nistz256-armv8.pl b/crypto/ec/asm/ecp_nistz256-armv8.pl
+index 53e974b..c5c1280 100644
+--- a/crypto/ec/asm/ecp_nistz256-armv8.pl
++++ b/crypto/ec/asm/ecp_nistz256-armv8.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/ec/asm/ecp_nistz256-avx2.pl b/crypto/ec/asm/ecp_nistz256-avx2.pl
+index 43f3c1d..3bdd2cf 100755
+--- a/crypto/ec/asm/ecp_nistz256-avx2.pl
++++ b/crypto/ec/asm/ecp_nistz256-avx2.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ ##############################################################################
+ # #
+diff --git a/crypto/ec/asm/ecp_nistz256-sparcv9.pl b/crypto/ec/asm/ecp_nistz256-sparcv9.pl
+index 3c4b071..ed95b20 100755
+--- a/crypto/ec/asm/ecp_nistz256-sparcv9.pl
++++ b/crypto/ec/asm/ecp_nistz256-sparcv9.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/ec/asm/ecp_nistz256-x86.pl b/crypto/ec/asm/ecp_nistz256-x86.pl
+index 7aa9b0f..e9fa038 100755
+--- a/crypto/ec/asm/ecp_nistz256-x86.pl
++++ b/crypto/ec/asm/ecp_nistz256-x86.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/ec/asm/ecp_nistz256-x86_64.pl b/crypto/ec/asm/ecp_nistz256-x86_64.pl
+index 824d7b5..b87211d 100755
+--- a/crypto/ec/asm/ecp_nistz256-x86_64.pl
++++ b/crypto/ec/asm/ecp_nistz256-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ ##############################################################################
+ # #
+diff --git a/crypto/ec/curve25519.c b/crypto/ec/curve25519.c
+index 3dbf4ac..e535823 100644
+--- a/crypto/ec/curve25519.c
++++ b/crypto/ec/curve25519.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* This code is mostly taken from the ref10 version of Ed25519 in SUPERCOP
+@@ -670,60 +630,91 @@ static void fe_invert(fe out, const fe z) {
+ fe t3;
+ int i;
+
++ /*
++ * Compute z ** -1 = z ** (2 ** 255 - 19 - 2) with the exponent as
++ * 2 ** 255 - 21 = (2 ** 5) * (2 ** 250 - 1) + 11.
++ */
++
++ /* t0 = z ** 2 */
+ fe_sq(t0, z);
+- for (i = 1; i < 1; ++i) {
+- fe_sq(t0, t0);
+- }
++
++ /* t1 = t0 ** (2 ** 2) = z ** 8 */
+ fe_sq(t1, t0);
+- for (i = 1; i < 2; ++i) {
+- fe_sq(t1, t1);
+- }
++ fe_sq(t1, t1);
++
++ /* t1 = z * t1 = z ** 9 */
+ fe_mul(t1, z, t1);
++ /* t0 = t0 * t1 = z ** 11 -- stash t0 away for the end. */
+ fe_mul(t0, t0, t1);
++
++ /* t2 = t0 ** 2 = z ** 22 */
+ fe_sq(t2, t0);
+- for (i = 1; i < 1; ++i) {
+- fe_sq(t2, t2);
+- }
++
++ /* t1 = t1 * t2 = z ** (2 ** 5 - 1) */
+ fe_mul(t1, t1, t2);
++
++ /* t2 = t1 ** (2 ** 5) = z ** ((2 ** 5) * (2 ** 5 - 1)) */
+ fe_sq(t2, t1);
+ for (i = 1; i < 5; ++i) {
+ fe_sq(t2, t2);
+ }
++
++ /* t1 = t1 * t2 = z ** ((2 ** 5 + 1) * (2 ** 5 - 1)) = z ** (2 ** 10 - 1) */
+ fe_mul(t1, t2, t1);
++
++ /* Continuing similarly... */
++
++ /* t2 = z ** (2 ** 20 - 1) */
+ fe_sq(t2, t1);
+ for (i = 1; i < 10; ++i) {
+ fe_sq(t2, t2);
+ }
+ fe_mul(t2, t2, t1);
++
++ /* t2 = z ** (2 ** 40 - 1) */
+ fe_sq(t3, t2);
+ for (i = 1; i < 20; ++i) {
+ fe_sq(t3, t3);
+ }
+ fe_mul(t2, t3, t2);
+- fe_sq(t2, t2);
+- for (i = 1; i < 10; ++i) {
++
++ /* t2 = z ** (2 ** 10) * (2 ** 40 - 1) */
++ for (i = 0; i < 10; ++i) {
+ fe_sq(t2, t2);
+ }
++ /* t1 = z ** (2 ** 50 - 1) */
+ fe_mul(t1, t2, t1);
++
++ /* t2 = z ** (2 ** 100 - 1) */
+ fe_sq(t2, t1);
+ for (i = 1; i < 50; ++i) {
+ fe_sq(t2, t2);
+ }
+ fe_mul(t2, t2, t1);
++
++ /* t2 = z ** (2 ** 200 - 1) */
+ fe_sq(t3, t2);
+ for (i = 1; i < 100; ++i) {
+ fe_sq(t3, t3);
+ }
+ fe_mul(t2, t3, t2);
++
++ /* t2 = z ** ((2 ** 50) * (2 ** 200 - 1) */
+ fe_sq(t2, t2);
+ for (i = 1; i < 50; ++i) {
+ fe_sq(t2, t2);
+ }
++
++ /* t1 = z ** (2 ** 250 - 1) */
+ fe_mul(t1, t2, t1);
++
++ /* t1 = z ** ((2 ** 5) * (2 ** 250 - 1)) */
+ fe_sq(t1, t1);
+ for (i = 1; i < 5; ++i) {
+ fe_sq(t1, t1);
+ }
++
++ /* Recall t0 = z ** 11; out = z ** (2 ** 255 - 21) */
+ fe_mul(out, t1, t0);
+ }
+
+diff --git a/crypto/ec/ec2_mult.c b/crypto/ec/ec2_mult.c
+index c9723bf..d253eba 100644
+--- a/crypto/ec/ec2_mult.c
++++ b/crypto/ec/ec2_mult.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -12,59 +21,6 @@
+ * Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+-/* ====================================================================
+- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+
+ #include <openssl/err.h>
+
+diff --git a/crypto/ec/ec2_oct.c b/crypto/ec/ec2_oct.c
+index 8c88607..4ac96fd 100644
+--- a/crypto/ec/ec2_oct.c
++++ b/crypto/ec/ec2_oct.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -12,59 +21,6 @@
+ * Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+-/* ====================================================================
+- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+
+ #include <openssl/err.h>
+
+diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c
+index 8d8d853..cfeef5f 100644
+--- a/crypto/ec/ec2_smpl.c
++++ b/crypto/ec/ec2_smpl.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -12,59 +21,6 @@
+ * Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+-/* ====================================================================
+- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+
+ #include <openssl/err.h>
+
+diff --git a/crypto/ec/ec_25519.c b/crypto/ec/ec_25519.c
+index 3acb275..4a9e3c9 100644
+--- a/crypto/ec/ec_25519.c
++++ b/crypto/ec/ec_25519.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
+index ca354c0..684da95 100644
+--- a/crypto/ec/ec_ameth.c
++++ b/crypto/ec/ec_ameth.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
+index bc43878..9272e1f 100644
+--- a/crypto/ec/ec_asn1.c
++++ b/crypto/ec/ec_asn1.c
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c
+index 601559f..eeb06ec 100644
+--- a/crypto/ec/ec_check.c
++++ b/crypto/ec/ec_check.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "ec_lcl.h"
+@@ -73,9 +28,6 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
+ goto err;
+ }
+ }
+- BN_CTX_start(ctx);
+- if ((order = BN_CTX_get(ctx)) == NULL)
+- goto err;
+
+ /* check the discriminant */
+ if (!EC_GROUP_check_discriminant(group, ctx)) {
+@@ -114,8 +66,6 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
+ ret = 1;
+
+ err:
+- if (ctx != NULL)
+- BN_CTX_end(ctx);
+ BN_CTX_free(new_ctx);
+ EC_POINT_free(point);
+ return ret;
+diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c
+index a95d519..6e125f4 100644
+--- a/crypto/ec/ec_curve.c
++++ b/crypto/ec/ec_curve.c
+@@ -1,59 +1,12 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+diff --git a/crypto/ec/ec_cvt.c b/crypto/ec/ec_cvt.c
+index c995141..bfff6d6 100644
+--- a/crypto/ec/ec_cvt.c
++++ b/crypto/ec/ec_cvt.c
+@@ -1,59 +1,12 @@
+ /*
+- * Originally written by Bodo Moeller for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c
+index 8e2a7fc..56aacd4 100644
+--- a/crypto/ec/ec_err.c
++++ b/crypto/ec/ec_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -70,7 +20,6 @@
+
+ static ERR_STRING_DATA EC_str_functs[] = {
+ {ERR_FUNC(EC_F_BN_TO_FELEM), "BN_to_felem"},
+- {ERR_FUNC(EC_F_COMPUTE_WNAF), "COMPUTE_WNAF"},
+ {ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"},
+ {ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"},
+ {ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"},
+@@ -101,13 +50,8 @@ static ERR_STRING_DATA EC_str_functs[] = {
+ {ERR_FUNC(EC_F_ECP_NISTZ256_POINTS_MUL), "ecp_nistz256_points_mul"},
+ {ERR_FUNC(EC_F_ECP_NISTZ256_PRE_COMP_NEW), "ecp_nistz256_pre_comp_new"},
+ {ERR_FUNC(EC_F_ECP_NISTZ256_WINDOWED_MUL), "ecp_nistz256_windowed_mul"},
+- {ERR_FUNC(EC_F_ECP_NIST_MOD_192), "ECP_NIST_MOD_192"},
+- {ERR_FUNC(EC_F_ECP_NIST_MOD_224), "ECP_NIST_MOD_224"},
+- {ERR_FUNC(EC_F_ECP_NIST_MOD_256), "ECP_NIST_MOD_256"},
+- {ERR_FUNC(EC_F_ECP_NIST_MOD_521), "ECP_NIST_MOD_521"},
+ {ERR_FUNC(EC_F_EC_ASN1_GROUP2CURVE), "ec_asn1_group2curve"},
+ {ERR_FUNC(EC_F_EC_ASN1_GROUP2FIELDID), "ec_asn1_group2fieldid"},
+- {ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA), "EC_EX_DATA_set_data"},
+ {ERR_FUNC(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY),
+ "ec_GF2m_montgomery_point_multiply"},
+ {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT),
+@@ -130,8 +74,6 @@ static ERR_STRING_DATA EC_str_functs[] = {
+ {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR), "ec_GFp_mont_field_sqr"},
+ {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE),
+ "ec_GFp_mont_group_set_curve"},
+- {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP),
+- "EC_GFP_MONT_GROUP_SET_CURVE_GFP"},
+ {ERR_FUNC(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE),
+ "ec_GFp_nistp224_group_set_curve"},
+ {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINTS_MUL), "ec_GFp_nistp224_points_mul"},
+@@ -155,10 +97,6 @@ static ERR_STRING_DATA EC_str_functs[] = {
+ "ec_GFp_simple_group_check_discriminant"},
+ {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE),
+ "ec_GFp_simple_group_set_curve"},
+- {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP),
+- "EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP"},
+- {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR),
+- "EC_GFP_SIMPLE_GROUP_SET_GENERATOR"},
+ {ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE), "ec_GFp_simple_make_affine"},
+ {ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT), "ec_GFp_simple_oct2point"},
+ {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT), "ec_GFp_simple_point2oct"},
+@@ -166,29 +104,20 @@ static ERR_STRING_DATA EC_str_functs[] = {
+ "ec_GFp_simple_points_make_affine"},
+ {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES),
+ "ec_GFp_simple_point_get_affine_coordinates"},
+- {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP),
+- "EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP"},
+ {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES),
+ "ec_GFp_simple_point_set_affine_coordinates"},
+- {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP),
+- "EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP"},
+ {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES),
+ "ec_GFp_simple_set_compressed_coordinates"},
+- {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP),
+- "EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP"},
+ {ERR_FUNC(EC_F_EC_GROUP_CHECK), "EC_GROUP_check"},
+ {ERR_FUNC(EC_F_EC_GROUP_CHECK_DISCRIMINANT),
+ "EC_GROUP_check_discriminant"},
+ {ERR_FUNC(EC_F_EC_GROUP_COPY), "EC_GROUP_copy"},
+- {ERR_FUNC(EC_F_EC_GROUP_GET0_GENERATOR), "EC_GROUP_get0_generator"},
+- {ERR_FUNC(EC_F_EC_GROUP_GET_COFACTOR), "EC_GROUP_get_cofactor"},
+ {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GF2M), "EC_GROUP_get_curve_GF2m"},
+ {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP), "EC_GROUP_get_curve_GFp"},
+ {ERR_FUNC(EC_F_EC_GROUP_GET_DEGREE), "EC_GROUP_get_degree"},
+ {ERR_FUNC(EC_F_EC_GROUP_GET_ECPARAMETERS), "EC_GROUP_get_ecparameters"},
+ {ERR_FUNC(EC_F_EC_GROUP_GET_ECPKPARAMETERS),
+ "EC_GROUP_get_ecpkparameters"},
+- {ERR_FUNC(EC_F_EC_GROUP_GET_ORDER), "EC_GROUP_get_order"},
+ {ERR_FUNC(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS),
+ "EC_GROUP_get_pentanomial_basis"},
+ {ERR_FUNC(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS),
+@@ -200,10 +129,8 @@ static ERR_STRING_DATA EC_str_functs[] = {
+ "EC_GROUP_new_from_ecparameters"},
+ {ERR_FUNC(EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS),
+ "EC_GROUP_new_from_ecpkparameters"},
+- {ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT), "EC_GROUP_precompute_mult"},
+ {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GF2M), "EC_GROUP_set_curve_GF2m"},
+ {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"},
+- {ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA), "EC_GROUP_SET_EXTRA_DATA"},
+ {ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"},
+ {ERR_FUNC(EC_F_EC_KEY_CHECK_KEY), "EC_KEY_check_key"},
+ {ERR_FUNC(EC_F_EC_KEY_COPY), "EC_KEY_copy"},
+@@ -234,7 +161,6 @@ static ERR_STRING_DATA EC_str_functs[] = {
+ {ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY), "EC_POINT_is_at_infinity"},
+ {ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE), "EC_POINT_is_on_curve"},
+ {ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE), "EC_POINT_make_affine"},
+- {ERR_FUNC(EC_F_EC_POINT_MUL), "EC_POINT_mul"},
+ {ERR_FUNC(EC_F_EC_POINT_NEW), "EC_POINT_new"},
+ {ERR_FUNC(EC_F_EC_POINT_OCT2POINT), "EC_POINT_oct2point"},
+ {ERR_FUNC(EC_F_EC_POINT_POINT2OCT), "EC_POINT_point2oct"},
+@@ -249,7 +175,6 @@ static ERR_STRING_DATA EC_str_functs[] = {
+ {ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP),
+ "EC_POINT_set_Jprojective_coordinates_GFp"},
+ {ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY), "EC_POINT_set_to_infinity"},
+- {ERR_FUNC(EC_F_EC_PRE_COMP_DUP), "EC_PRE_COMP_DUP"},
+ {ERR_FUNC(EC_F_EC_PRE_COMP_NEW), "ec_pre_comp_new"},
+ {ERR_FUNC(EC_F_EC_WNAF_MUL), "ec_wNAF_mul"},
+ {ERR_FUNC(EC_F_EC_WNAF_PRECOMPUTE_MULT), "ec_wNAF_precompute_mult"},
+@@ -276,7 +201,6 @@ static ERR_STRING_DATA EC_str_functs[] = {
+
+ static ERR_STRING_DATA EC_str_reasons[] = {
+ {ERR_REASON(EC_R_ASN1_ERROR), "asn1 error"},
+- {ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD), "asn1 unknown field"},
+ {ERR_REASON(EC_R_BAD_SIGNATURE), "bad signature"},
+ {ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"},
+ {ERR_REASON(EC_R_BUFFER_TOO_SMALL), "buffer too small"},
+@@ -312,18 +236,14 @@ static ERR_STRING_DATA EC_str_reasons[] = {
+ {ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"},
+ {ERR_REASON(EC_R_INVALID_PRIVATE_KEY), "invalid private key"},
+ {ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS), "invalid trinomial basis"},
+- {ERR_REASON(EC_R_KDF_FAILED), "kdf failed"},
+ {ERR_REASON(EC_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
+ {ERR_REASON(EC_R_KEYS_NOT_SET), "keys not set"},
+ {ERR_REASON(EC_R_MISSING_PARAMETERS), "missing parameters"},
+ {ERR_REASON(EC_R_MISSING_PRIVATE_KEY), "missing private key"},
+ {ERR_REASON(EC_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
+ {ERR_REASON(EC_R_NOT_A_NIST_PRIME), "not a NIST prime"},
+- {ERR_REASON(EC_R_NOT_A_SUPPORTED_NIST_PRIME),
+- "not a supported NIST prime"},
+ {ERR_REASON(EC_R_NOT_IMPLEMENTED), "not implemented"},
+ {ERR_REASON(EC_R_NOT_INITIALIZED), "not initialized"},
+- {ERR_REASON(EC_R_NO_FIELD_MOD), "no field mod"},
+ {ERR_REASON(EC_R_NO_PARAMETERS_SET), "no parameters set"},
+ {ERR_REASON(EC_R_NO_PRIVATE_VALUE), "no private value"},
+ {ERR_REASON(EC_R_OPERATION_NOT_SUPPORTED), "operation not supported"},
+diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
+index f7948cc..b3ea1b0 100644
+--- a/crypto/ec/ec_key.c
++++ b/crypto/ec/ec_key.c
+@@ -1,59 +1,12 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions originally developed by SUN MICROSYSTEMS, INC., and
+@@ -148,28 +101,29 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, EC_KEY *src)
+ return NULL;
+ if (!EC_GROUP_copy(dest->group, src->group))
+ return NULL;
+- }
+- /* copy the public key */
+- if (src->pub_key != NULL && src->group != NULL) {
+- EC_POINT_free(dest->pub_key);
+- dest->pub_key = EC_POINT_new(src->group);
+- if (dest->pub_key == NULL)
+- return NULL;
+- if (!EC_POINT_copy(dest->pub_key, src->pub_key))
+- return NULL;
+- }
+- /* copy the private key */
+- if (src->priv_key != NULL) {
+- if (dest->priv_key == NULL) {
+- dest->priv_key = BN_new();
+- if (dest->priv_key == NULL)
++
++ /* copy the public key */
++ if (src->pub_key != NULL) {
++ EC_POINT_free(dest->pub_key);
++ dest->pub_key = EC_POINT_new(src->group);
++ if (dest->pub_key == NULL)
++ return NULL;
++ if (!EC_POINT_copy(dest->pub_key, src->pub_key))
++ return NULL;
++ }
++ /* copy the private key */
++ if (src->priv_key != NULL) {
++ if (dest->priv_key == NULL) {
++ dest->priv_key = BN_new();
++ if (dest->priv_key == NULL)
++ return NULL;
++ }
++ if (!BN_copy(dest->priv_key, src->priv_key))
++ return NULL;
++ if (src->group->meth->keycopy
++ && src->group->meth->keycopy(dest, src) == 0)
+ return NULL;
+ }
+- if (!BN_copy(dest->priv_key, src->priv_key))
+- return NULL;
+- if (src->group->meth->keycopy
+- && src->group->meth->keycopy(dest, src) == 0)
+- return NULL;
+ }
+
+
+@@ -398,8 +352,9 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
+ }
+ ctx = BN_CTX_new();
+ if (ctx == NULL)
+- goto err;
++ return 0;
+
++ BN_CTX_start(ctx);
+ point = EC_POINT_new(key->group);
+
+ if (point == NULL)
+@@ -454,6 +409,7 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
+ ok = 1;
+
+ err:
++ BN_CTX_end(ctx);
+ BN_CTX_free(ctx);
+ EC_POINT_free(point);
+ return ok;
+@@ -483,8 +439,8 @@ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key)
+ {
+ if (key->group == NULL || key->group->meth == NULL)
+ return 0;
+- if (key->group->meth->set_private
+- && key->meth->set_private(key, priv_key) == 0)
++ if (key->group->meth->set_private != NULL
++ && key->group->meth->set_private(key, priv_key) == 0)
+ return 0;
+ if (key->meth->set_private != NULL
+ && key->meth->set_private(key, priv_key) == 0)
+diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c
+index 003421e..eb469ba 100644
+--- a/crypto/ec/ec_kmeth.c
++++ b/crypto/ec/ec_kmeth.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+@@ -122,15 +78,11 @@ EC_KEY *EC_KEY_new_method(ENGINE *engine)
+ ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+- if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data)) {
+- OPENSSL_free(ret);
+- return NULL;
+- }
+
++ ret->references = 1;
+ ret->lock = CRYPTO_THREAD_lock_new();
+ if (ret->lock == NULL) {
+ ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data);
+ OPENSSL_free(ret);
+ return NULL;
+ }
+@@ -140,10 +92,7 @@ EC_KEY *EC_KEY_new_method(ENGINE *engine)
+ if (engine != NULL) {
+ if (!ENGINE_init(engine)) {
+ ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
+- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data);
+- CRYPTO_THREAD_lock_free(ret->lock);
+- OPENSSL_free(ret);
+- return NULL;
++ goto err;
+ }
+ ret->engine = engine;
+ } else
+@@ -152,24 +101,27 @@ EC_KEY *EC_KEY_new_method(ENGINE *engine)
+ ret->meth = ENGINE_get_EC(ret->engine);
+ if (ret->meth == NULL) {
+ ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
+- ENGINE_finish(ret->engine);
+- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data);
+- CRYPTO_THREAD_lock_free(ret->lock);
+- OPENSSL_free(ret);
+- return NULL;
++ goto err;
+ }
+ }
+ #endif
+
+ ret->version = 1;
+ ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
+- ret->references = 1;
++
++ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data)) {
++ goto err;
++ }
+
+ if (ret->meth->init != NULL && ret->meth->init(ret) == 0) {
+- EC_KEY_free(ret);
+- return NULL;
++ ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_INIT_FAIL);
++ goto err;
+ }
+ return ret;
++
++err:
++ EC_KEY_free(ret);
++ return NULL;
+ }
+
+ int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h
+index 15caf4e..2cef3bc 100644
+--- a/crypto/ec/ec_lcl.h
++++ b/crypto/ec/ec_lcl.h
+@@ -1,59 +1,12 @@
+ /*
+- * Originally written by Bodo Moeller for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
+index 67e322f..d7383d6 100644
+--- a/crypto/ec/ec_lib.c
++++ b/crypto/ec/ec_lib.c
+@@ -1,59 +1,12 @@
+ /*
+- * Originally written by Bodo Moeller for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Binary polynomial ECC support in OpenSSL originally developed by
+diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
+index 3c283e5..4215dc7 100644
+--- a/crypto/ec/ec_mult.c
++++ b/crypto/ec/ec_mult.c
+@@ -1,59 +1,12 @@
+ /*
+- * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions of this software developed by SUN MICROSYSTEMS, INC.,
+diff --git a/crypto/ec/ec_oct.c b/crypto/ec/ec_oct.c
+index d6bb62a..effc42a 100644
+--- a/crypto/ec/ec_oct.c
++++ b/crypto/ec/ec_oct.c
+@@ -1,59 +1,12 @@
+ /*
+- * Originally written by Bodo Moeller for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Binary polynomial ECC support in OpenSSL originally developed by
+diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
+index bcb5063..68ff2bb 100644
+--- a/crypto/ec/ec_pmeth.c
++++ b/crypto/ec/ec_pmeth.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ec/ec_print.c b/crypto/ec/ec_print.c
+index b80ce38..1afa2ce 100644
+--- a/crypto/ec/ec_print.c
++++ b/crypto/ec/ec_print.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/ec/ecdh_kdf.c b/crypto/ec/ecdh_kdf.c
+index e60574f..6cb0e11 100644
+--- a/crypto/ec/ecdh_kdf.c
++++ b/crypto/ec/ecdh_kdf.c
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Stephen Henson for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+diff --git a/crypto/ec/ecdh_ossl.c b/crypto/ec/ecdh_ossl.c
+index d1bebc4..715465c 100644
+--- a/crypto/ec/ecdh_ossl.c
++++ b/crypto/ec/ecdh_ossl.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -12,59 +21,6 @@
+ * Sun Microsystems Laboratories.
+ *
+ */
+-/* ====================================================================
+- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+
+ #include <string.h>
+ #include <limits.h>
+diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c
+index 113bcdf..6ff5a46 100644
+--- a/crypto/ec/ecdsa_ossl.c
++++ b/crypto/ec/ecdsa_ossl.c
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+diff --git a/crypto/ec/ecdsa_sign.c b/crypto/ec/ecdsa_sign.c
+index 738c276..84a56a3 100644
+--- a/crypto/ec/ecdsa_sign.c
++++ b/crypto/ec/ecdsa_sign.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/ec.h>
+diff --git a/crypto/ec/ecdsa_vrf.c b/crypto/ec/ecdsa_vrf.c
+index f519b59..bc9ebf4 100644
+--- a/crypto/ec/ecdsa_vrf.c
++++ b/crypto/ec/ecdsa_vrf.c
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/ec.h>
+diff --git a/crypto/ec/eck_prn.c b/crypto/ec/eck_prn.c
+index eacdb9e..c23d36f 100644
+--- a/crypto/ec/eck_prn.c
++++ b/crypto/ec/eck_prn.c
+@@ -1,59 +1,12 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions originally developed by SUN MICROSYSTEMS, INC., and
+diff --git a/crypto/ec/ecp_mont.c b/crypto/ec/ecp_mont.c
+index aa1f451..a9c6040 100644
+--- a/crypto/ec/ecp_mont.c
++++ b/crypto/ec/ecp_mont.c
+@@ -1,59 +1,12 @@
+ /*
+- * Originally written by Bodo Moeller for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions of this software developed by SUN MICROSYSTEMS, INC.,
+diff --git a/crypto/ec/ecp_nist.c b/crypto/ec/ecp_nist.c
+index c4729bf..615563b 100644
+--- a/crypto/ec/ecp_nist.c
++++ b/crypto/ec/ecp_nist.c
+@@ -1,59 +1,12 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions of this software developed by SUN MICROSYSTEMS, INC.,
+diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c
+index 78bdc35..0c11abc 100644
+--- a/crypto/ec/ecp_nistp224.c
++++ b/crypto/ec/ecp_nistp224.c
+@@ -1,6 +1,12 @@
+ /*
+- * Written by Emilia Kasper (Google) for the OpenSSL project.
++ * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c
+index 2da266c..8cd7222 100644
+--- a/crypto/ec/ecp_nistp256.c
++++ b/crypto/ec/ecp_nistp256.c
+@@ -1,6 +1,12 @@
+ /*
+- * Written by Adam Langley (Google) for the OpenSSL project
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
+index a9b4295..7207494 100644
+--- a/crypto/ec/ecp_nistp521.c
++++ b/crypto/ec/ecp_nistp521.c
+@@ -1,6 +1,12 @@
+ /*
+- * Written by Adam Langley (Google) for the OpenSSL project
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+diff --git a/crypto/ec/ecp_nistputil.c b/crypto/ec/ecp_nistputil.c
+index 01c88d8..97fb631 100644
+--- a/crypto/ec/ecp_nistputil.c
++++ b/crypto/ec/ecp_nistputil.c
+@@ -1,6 +1,12 @@
+ /*
+- * Written by Bodo Moeller for the OpenSSL project.
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c
+index f2ef9be..f824a82 100644
+--- a/crypto/ec/ecp_nistz256.c
++++ b/crypto/ec/ecp_nistz256.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /******************************************************************************
+ * *
+ * Copyright 2014 Intel Corporation *
+@@ -625,9 +634,9 @@ __owur static int ecp_nistz256_windowed_mul(const EC_GROUP *group,
+ }
+
+ /*
+- * row[0] is implicitly (0,0,0) (the point at infinity), therefore it
+- * is not stored. All other values are actually stored with an offset
+- * of -1 in table.
++ * row[0] is implicitly (0,0,0) (the point at infinity), therefore it
++ * is not stored. All other values are actually stored with an offset
++ * of -1 in table.
+ */
+
+ ecp_nistz256_scatter_w5 (row, &temp[0], 1);
+diff --git a/crypto/ec/ecp_nistz256_table.c b/crypto/ec/ecp_nistz256_table.c
+index 216d024..3f5625c 100644
+--- a/crypto/ec/ecp_nistz256_table.c
++++ b/crypto/ec/ecp_nistz256_table.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * This is the precomputed constant time access table for the code in
+ * ecp_montp256.c, for the default generator. The table consists of 37
+ * subtables, each subtable contains 64 affine points. The affine points are
+diff --git a/crypto/ec/ecp_oct.c b/crypto/ec/ecp_oct.c
+index 14f6252..299f8c5 100644
+--- a/crypto/ec/ecp_oct.c
++++ b/crypto/ec/ecp_oct.c
+@@ -1,61 +1,12 @@
+ /*
+- * Includes code written by Lenka Fibikova <fibikova at exp-math.uni-essen.de>
+- * for the OpenSSL project. Includes code written by Bodo Moeller for the
+- * OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions of this software developed by SUN MICROSYSTEMS, INC.,
+diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c
+index a5f3610..76e0caf 100644
+--- a/crypto/ec/ecp_smpl.c
++++ b/crypto/ec/ecp_smpl.c
+@@ -1,61 +1,12 @@
+ /*
+- * Includes code written by Lenka Fibikova <fibikova at exp-math.uni-essen.de>
+- * for the OpenSSL project. Includes code written by Bodo Moeller for the
+- * OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions of this software developed by SUN MICROSYSTEMS, INC.,
+diff --git a/crypto/engine/Makefile.in b/crypto/engine/Makefile.in
+deleted file mode 100644
+index 9f4edc6..0000000
+--- a/crypto/engine/Makefile.in
++++ /dev/null
+@@ -1,53 +0,0 @@
+-#
+-# OpenSSL/crypto/engine/Makefile
+-#
+-
+-DIR= engine
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
+- eng_table.c eng_pkey.c eng_fat.c eng_all.c \
+- tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c \
+- tb_cipher.c tb_digest.c tb_pkmeth.c tb_asnmth.c tb_eckey.c \
+- eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c \
+- eng_rdrand.c
+-LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
+- eng_table.o eng_pkey.o eng_fat.o eng_all.o \
+- tb_rsa.o tb_dsa.o tb_dh.o tb_rand.o \
+- tb_cipher.o tb_digest.o tb_pkmeth.o tb_asnmth.o tb_eckey.o \
+- eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o \
+- eng_rdrand.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c
+index 6df6ef1..4600acb 100644
+--- a/crypto/engine/eng_all.c
++++ b/crypto/engine/eng_all.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte <richard at levitte.org> for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c
+index 400b229..8bea37f 100644
+--- a/crypto/engine/eng_cnf.c
++++ b/crypto/engine/eng_cnf.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Stephen Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
+index 1959123..79a0641 100644
+--- a/crypto/engine/eng_cryptodev.c
++++ b/crypto/engine/eng_cryptodev.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Copyright (c) 2002 Bob Beck <beck at openbsd.org>
+ * Copyright (c) 2002 Theo de Raadt
+ * Copyright (c) 2002 Markus Friedl
+@@ -446,7 +455,7 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ cryp.op = EVP_CIPHER_CTX_encrypting(ctx) ? COP_ENCRYPT : COP_DECRYPT;
+
+ if (EVP_CIPHER_CTX_iv_length(ctx) > 0) {
+- cryp.iv = *(caddr_t*) EVP_CIPHER_CTX_iv(ctx);
++ cryp.iv = (caddr_t) EVP_CIPHER_CTX_iv(ctx);
+ if (!EVP_CIPHER_CTX_encrypting(ctx)) {
+ iiv = in + inl - EVP_CIPHER_CTX_iv_length(ctx);
+ memcpy(save_iv, iiv, EVP_CIPHER_CTX_iv_length(ctx));
+diff --git a/crypto/engine/eng_ctrl.c b/crypto/engine/eng_ctrl.c
+index c912c1d..7589c21 100644
+--- a/crypto/engine/eng_ctrl.c
++++ b/crypto/engine/eng_ctrl.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
+index f224255..718599f 100644
+--- a/crypto/engine/eng_dyn.c
++++ b/crypto/engine/eng_dyn.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+@@ -203,6 +154,7 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr,
+ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
+ {
+ dynamic_data_ctx *c = OPENSSL_zalloc(sizeof(*c));
++ int ret = 1;
+
+ if (c == NULL) {
+ ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
+@@ -222,9 +174,11 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
+ dynamic_ex_data_idx))
+ == NULL) {
+ /* Good, we're the first */
+- ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
+- *ctx = c;
+- c = NULL;
++ ret = ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
++ if (ret) {
++ *ctx = c;
++ c = NULL;
++ }
+ }
+ CRYPTO_THREAD_unlock(global_engine_lock);
+ /*
+@@ -234,7 +188,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
+ if (c)
+ sk_OPENSSL_STRING_free(c->dirs);
+ OPENSSL_free(c);
+- return 1;
++ return ret;
+ }
+
+ /*
+diff --git a/crypto/engine/eng_err.c b/crypto/engine/eng_err.c
+index 9a9337a..c8f628b 100644
+--- a/crypto/engine/eng_err.c
++++ b/crypto/engine/eng_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -80,9 +30,7 @@ static ERR_STRING_DATA ENGINE_str_functs[] = {
+ {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"},
+ {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"},
+ {ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"},
+- {ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"},
+ {ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"},
+- {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"},
+ {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"},
+ {ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"},
+ {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH),
+@@ -100,17 +48,14 @@ static ERR_STRING_DATA ENGINE_str_functs[] = {
+ {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"},
+ {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING),
+ "ENGINE_set_default_string"},
+- {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE), "ENGINE_SET_DEFAULT_TYPE"},
+ {ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"},
+ {ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"},
+ {ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "engine_table_register"},
+- {ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"},
+ {ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "engine_unlocked_finish"},
+ {ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"},
+ {ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "int_ctrl_helper"},
+ {ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "int_engine_configure"},
+ {ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "int_engine_module_init"},
+- {ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"},
+ {0, NULL}
+ };
+
+@@ -124,8 +69,6 @@ static ERR_STRING_DATA ENGINE_str_reasons[] = {
+ {ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID), "conflicting engine id"},
+ {ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED),
+ "ctrl command not implemented"},
+- {ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED), "dh not implemented"},
+- {ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED), "dsa not implemented"},
+ {ERR_REASON(ENGINE_R_DSO_FAILURE), "DSO failure"},
+ {ERR_REASON(ENGINE_R_DSO_NOT_FOUND), "dso not found"},
+ {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR), "engines section error"},
+@@ -138,8 +81,6 @@ static ERR_STRING_DATA ENGINE_str_reasons[] = {
+ {ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY),
+ "failed loading public key"},
+ {ERR_REASON(ENGINE_R_FINISH_FAILED), "finish failed"},
+- {ERR_REASON(ENGINE_R_GET_HANDLE_FAILED),
+- "could not obtain hardware handle"},
+ {ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING), "'id' or 'name' missing"},
+ {ERR_REASON(ENGINE_R_INIT_FAILED), "init failed"},
+ {ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR), "internal list error"},
+@@ -155,9 +96,6 @@ static ERR_STRING_DATA ENGINE_str_reasons[] = {
+ {ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION), "no load function"},
+ {ERR_REASON(ENGINE_R_NO_REFERENCE), "no reference"},
+ {ERR_REASON(ENGINE_R_NO_SUCH_ENGINE), "no such engine"},
+- {ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION), "no unload function"},
+- {ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS), "provide parameters"},
+- {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED), "rsa not implemented"},
+ {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"},
+ {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"},
+ {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),
+diff --git a/crypto/engine/eng_fat.c b/crypto/engine/eng_fat.c
+index b331608..631aa39 100644
+--- a/crypto/engine/eng_fat.c
++++ b/crypto/engine/eng_fat.c
+@@ -1,56 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+diff --git a/crypto/engine/eng_init.c b/crypto/engine/eng_init.c
+index f3c0de9..c51a38d 100644
+--- a/crypto/engine/eng_init.c
++++ b/crypto/engine/eng_init.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h
+index beaa878..6b6ff9f 100644
+--- a/crypto/engine/eng_int.h
++++ b/crypto/engine/eng_int.h
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+@@ -65,7 +17,6 @@
+ # define HEADER_ENGINE_INT_H
+
+ # include "internal/cryptlib.h"
+-# include "internal/threads.h"
+ # include <internal/engine.h>
+
+ #ifdef __cplusplus
+@@ -207,7 +158,7 @@ struct engine_st {
+ int struct_ref;
+ /*
+ * reference count on usability of the engine type. NB: This controls the
+- * loading and initialisation of any functionlity required by this
++ * loading and initialisation of any functionality required by this
+ * engine, whereas the previous count is simply to cope with
+ * (de)allocation of this structure. Hence, running_ref <= struct_ref at
+ * all times.
+diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c
+index d0bc716..f7d0216 100644
+--- a/crypto/engine/eng_lib.c
++++ b/crypto/engine/eng_lib.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+@@ -83,7 +34,10 @@ ENGINE *ENGINE_new(void)
+ }
+ ret->struct_ref = 1;
+ engine_ref_debug(ret, 0, 1);
+- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
++ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data)) {
++ OPENSSL_free(ret);
++ return NULL;
++ }
+ return ret;
+ }
+
+diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c
+index 15ba1ca..a7252e9 100644
+--- a/crypto/engine/eng_list.c
++++ b/crypto/engine/eng_list.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c
+index 0ec51bb..7e28604 100644
+--- a/crypto/engine/eng_openssl.c
++++ b/crypto/engine/eng_openssl.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+@@ -489,6 +441,10 @@ static int ossl_hmac_init(EVP_PKEY_CTX *ctx)
+ return 0;
+ hctx->ktmp.type = V_ASN1_OCTET_STRING;
+ hctx->ctx = HMAC_CTX_new();
++ if (hctx->ctx == NULL) {
++ OPENSSL_free(hctx);
++ return 0;
++ }
+ EVP_PKEY_CTX_set_data(ctx, hctx);
+ EVP_PKEY_CTX_set0_keygen_info(ctx, NULL, 0);
+ # ifdef TEST_ENG_OPENSSL_HMAC_INIT
+@@ -497,31 +453,42 @@ static int ossl_hmac_init(EVP_PKEY_CTX *ctx)
+ return 1;
+ }
+
++static void ossl_hmac_cleanup(EVP_PKEY_CTX *ctx);
++
+ static int ossl_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+ {
+ OSSL_HMAC_PKEY_CTX *sctx, *dctx;
++
++ /* allocate memory for dst->data and a new HMAC_CTX in dst->data->ctx */
+ if (!ossl_hmac_init(dst))
+ return 0;
+ sctx = EVP_PKEY_CTX_get_data(src);
+ dctx = EVP_PKEY_CTX_get_data(dst);
+ dctx->md = sctx->md;
+ if (!HMAC_CTX_copy(dctx->ctx, sctx->ctx))
+- return 0;
++ goto err;
+ if (sctx->ktmp.data) {
+ if (!ASN1_OCTET_STRING_set(&dctx->ktmp,
+ sctx->ktmp.data, sctx->ktmp.length))
+- return 0;
++ goto err;
+ }
+ return 1;
++err:
++ /* release HMAC_CTX in dst->data->ctx and memory allocated for dst->data */
++ ossl_hmac_cleanup(dst);
++ return 0;
+ }
+
+ static void ossl_hmac_cleanup(EVP_PKEY_CTX *ctx)
+ {
+ OSSL_HMAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx);
+
+- HMAC_CTX_free(hctx->ctx);
+- OPENSSL_clear_free(hctx->ktmp.data, hctx->ktmp.length);
+- OPENSSL_free(hctx);
++ if (hctx) {
++ HMAC_CTX_free(hctx->ctx);
++ OPENSSL_clear_free(hctx->ktmp.data, hctx->ktmp.length);
++ OPENSSL_free(hctx);
++ EVP_PKEY_CTX_set_data(ctx, NULL);
++ }
+ }
+
+ static int ossl_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+diff --git a/crypto/engine/eng_pkey.c b/crypto/engine/eng_pkey.c
+index ee6ba28..305a648 100644
+--- a/crypto/engine/eng_pkey.c
++++ b/crypto/engine/eng_pkey.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/eng_rdrand.c b/crypto/engine/eng_rdrand.c
+index b62f910..b3defcb 100644
+--- a/crypto/engine/eng_rdrand.c
++++ b/crypto/engine/eng_rdrand.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+diff --git a/crypto/engine/eng_table.c b/crypto/engine/eng_table.c
+index 9648c0c..219253a 100644
+--- a/crypto/engine/eng_table.c
++++ b/crypto/engine/eng_table.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/engine/tb_asnmth.c b/crypto/engine/tb_asnmth.c
+index 28aa8e8..2a6a4ae 100644
+--- a/crypto/engine/tb_asnmth.c
++++ b/crypto/engine/tb_asnmth.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/tb_cipher.c b/crypto/engine/tb_cipher.c
+index 7df01ca..ac49141 100644
+--- a/crypto/engine/tb_cipher.c
++++ b/crypto/engine/tb_cipher.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/tb_dh.c b/crypto/engine/tb_dh.c
+index 4f68975..c6440df 100644
+--- a/crypto/engine/tb_dh.c
++++ b/crypto/engine/tb_dh.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/tb_digest.c b/crypto/engine/tb_digest.c
+index 03096b3..194b9c7 100644
+--- a/crypto/engine/tb_digest.c
++++ b/crypto/engine/tb_digest.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/tb_dsa.c b/crypto/engine/tb_dsa.c
+index adfb11f..fdb80cd 100644
+--- a/crypto/engine/tb_dsa.c
++++ b/crypto/engine/tb_dsa.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/tb_eckey.c b/crypto/engine/tb_eckey.c
+index 7c05c01..75750b2 100644
+--- a/crypto/engine/tb_eckey.c
++++ b/crypto/engine/tb_eckey.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/tb_pkmeth.c b/crypto/engine/tb_pkmeth.c
+index 947e139..2e82d85 100644
+--- a/crypto/engine/tb_pkmeth.c
++++ b/crypto/engine/tb_pkmeth.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/tb_rand.c b/crypto/engine/tb_rand.c
+index b67cff5..225e7c8 100644
+--- a/crypto/engine/tb_rand.c
++++ b/crypto/engine/tb_rand.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/engine/tb_rsa.c b/crypto/engine/tb_rsa.c
+index 4405d67..e2cc680 100644
+--- a/crypto/engine/tb_rsa.c
++++ b/crypto/engine/tb_rsa.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "eng_int.h"
+diff --git a/crypto/err/Makefile.in b/crypto/err/Makefile.in
+deleted file mode 100644
+index c12ea3f..0000000
+--- a/crypto/err/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/err/Makefile
+-#
+-
+-DIR= err
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=err.c err_all.c err_prn.c
+-LIBOBJ=err.o err_all.o err_prn.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/err/err.c b/crypto/err/err.c
+index b0fd19e..9b679d9 100644
+--- a/crypto/err/err.c
++++ b/crypto/err/err.c
+@@ -1,118 +1,16 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+ #include <stdarg.h>
+ #include <string.h>
+ #include <internal/cryptlib_int.h>
+-#include <internal/threads.h>
+ #include <internal/err.h>
+ #include <internal/err_int.h>
+ #include <openssl/lhash.h>
+@@ -197,26 +95,14 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
+ {ERR_R_DSA_LIB, "DSA lib"},
+ {ERR_R_X509_LIB, "X509 lib"},
+ {ERR_R_ASN1_LIB, "ASN1 lib"},
+- {ERR_R_CONF_LIB, "CONF lib"},
+- {ERR_R_CRYPTO_LIB, "CRYPTO lib"},
+ {ERR_R_EC_LIB, "EC lib"},
+- {ERR_R_SSL_LIB, "SSL lib"},
+ {ERR_R_BIO_LIB, "BIO lib"},
+ {ERR_R_PKCS7_LIB, "PKCS7 lib"},
+ {ERR_R_X509V3_LIB, "X509V3 lib"},
+- {ERR_R_PKCS12_LIB, "PKCS12 lib"},
+- {ERR_R_RAND_LIB, "RAND lib"},
+- {ERR_R_DSO_LIB, "DSO lib"},
+ {ERR_R_ENGINE_LIB, "ENGINE lib"},
+- {ERR_R_OCSP_LIB, "OCSP lib"},
+- {ERR_R_TS_LIB, "TS lib"},
+ {ERR_R_ECDSA_LIB, "ECDSA lib"},
+
+ {ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"},
+- {ERR_R_BAD_ASN1_OBJECT_HEADER, "bad asn1 object header"},
+- {ERR_R_BAD_GET_ASN1_OBJECT_CALL, "bad get asn1 object call"},
+- {ERR_R_EXPECTING_AN_ASN1_SEQUENCE, "expecting an asn1 sequence"},
+- {ERR_R_ASN1_LENGTH_MISMATCH, "asn1 length mismatch"},
+ {ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"},
+
+ {ERR_R_FATAL, "fatal"},
+@@ -334,12 +220,8 @@ static void build_SYS_str_reasons(void)
+ str->error = (unsigned long)i;
+ if (str->string == NULL) {
+ char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
+- char *src = strerror(i);
+- if (src != NULL) {
+- strncpy(*dest, src, sizeof(*dest));
+- (*dest)[sizeof(*dest) - 1] = '\0';
++ if (openssl_strerror_r(i, *dest, sizeof(*dest)))
+ str->string = *dest;
+- }
+ }
+ if (str->string == NULL)
+ str->string = "unknown";
+@@ -740,7 +622,7 @@ const char *ERR_reason_error_string(unsigned long e)
+ return ((p == NULL) ? NULL : p->string);
+ }
+
+-void ERR_remove_thread_state(void)
++void err_delete_thread_state(void)
+ {
+ ERR_STATE *state = ERR_get_state();
+ if (state == NULL)
+@@ -751,9 +633,14 @@ void ERR_remove_thread_state(void)
+ }
+
+ #if OPENSSL_API_COMPAT < 0x10000000L
++void ERR_remove_thread_state(void *dummy)
++{
++}
++#endif
++
++#if OPENSSL_API_COMPAT < 0x10000000L
+ void ERR_remove_state(unsigned long pid)
+ {
+- ERR_remove_thread_state();
+ }
+ #endif
+
+diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c
+index 97078b4..f617dd1 100644
+--- a/crypto/err/err_all.c
++++ b/crypto/err/err_all.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/err/err_prn.c b/crypto/err/err_prn.c
+index 0f7d40c..c7dc1d1 100644
+--- a/crypto/err/err_prn.c
++++ b/crypto/err/err_prn.c
+@@ -1,63 +1,14 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+ #include "internal/cryptlib.h"
+-#include "internal/threads.h"
+ #include <openssl/lhash.h>
+ #include <openssl/crypto.h>
+ #include <openssl/buffer.h>
+diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec
+index a969d7a..1abd774 100644
+--- a/crypto/err/openssl.ec
++++ b/crypto/err/openssl.ec
+@@ -28,11 +28,10 @@ L ENGINE include/openssl/engine.h crypto/engine/eng_err.c
+ L OCSP include/openssl/ocsp.h crypto/ocsp/ocsp_err.c
+ L UI include/openssl/ui.h crypto/ui/ui_err.c
+ L COMP include/openssl/comp.h crypto/comp/comp_err.c
+-L STORE include/openssl/store.h crypto/store/str_err.c
+ L TS include/openssl/ts.h crypto/ts/ts_err.c
+-L HMAC include/openssl/hmac.h crypto/hmac/hmac_err.c
++#L HMAC include/openssl/hmac.h crypto/hmac/hmac_err.c
+ L CMS include/openssl/cms.h crypto/cms/cms_err.c
+-L FIPS include/openssl/fips.h crypto/fips_err.h
++#L FIPS include/openssl/fips.h crypto/fips_err.h
+ L CT include/openssl/ct.h crypto/ct/ct_err.c
+ L ASYNC include/openssl/async.h crypto/async/async_err.c
+ L KDF include/openssl/kdf.h crypto/kdf/kdf_err.c
+diff --git a/crypto/evp/Makefile.in b/crypto/evp/Makefile.in
+deleted file mode 100644
+index 15080d0..0000000
+--- a/crypto/evp/Makefile.in
++++ /dev/null
+@@ -1,68 +0,0 @@
+-#
+-# OpenSSL/crypto/evp/Makefile
+-#
+-
+-DIR= evp
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_cnf.c \
+- e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
+- e_rc4.c e_aes.c names.c e_seed.c \
+- e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
+- m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \
+- m_md5_sha1.c m_mdc2.c m_ripemd.c \
+- p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
+- bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
+- c_allc.c c_alld.c evp_lib.c bio_ok.c \
+- evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c scrypt.c \
+- e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
+- e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \
+- e_chacha20_poly1305.c cmeth_lib.c
+-
+-LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_cnf.o \
+- e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
+- e_rc4.o e_aes.o names.o e_seed.o \
+- e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
+- m_null.o m_md2.o m_md4.o m_md5.o m_sha1.o m_wp.o \
+- m_md5_sha1.o m_mdc2.o m_ripemd.o \
+- p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
+- bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
+- c_allc.o c_alld.o evp_lib.o bio_ok.o \
+- evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o scrypt.o \
+- e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o \
+- e_aes_cbc_hmac_sha1.o e_aes_cbc_hmac_sha256.o e_rc4_hmac_md5.o \
+- e_chacha20_poly1305.o cmeth_lib.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= evp_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
+index cdb50b4..9067848 100644
+--- a/crypto/evp/bio_b64.c
++++ b/crypto/evp/bio_b64.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -118,11 +70,16 @@ static int b64_new(BIO *bi)
+
+ ctx = OPENSSL_zalloc(sizeof(*ctx));
+ if (ctx == NULL)
+- return (0);
++ return 0;
+
+ ctx->cont = 1;
+ ctx->start = 1;
+ ctx->base64 = EVP_ENCODE_CTX_new();
++ if (ctx->base64 == NULL) {
++ OPENSSL_free(ctx);
++ return 0;
++ }
++
+ BIO_set_data(bi, ctx);
+ BIO_set_init(bi, 1);
+
+diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c
+index ad94ba4..5a4d9c5 100644
+--- a/crypto/evp/bio_enc.c
++++ b/crypto/evp/bio_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c
+index 46c5583..cd968ec 100644
+--- a/crypto/evp/bio_md.c
++++ b/crypto/evp/bio_md.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c
+index 0ac1a31..33066e8 100644
+--- a/crypto/evp/bio_ok.c
++++ b/crypto/evp/bio_ok.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*-
+@@ -183,6 +135,10 @@ static int ok_new(BIO *bi)
+ ctx->cont = 1;
+ ctx->sigio = 1;
+ ctx->md = EVP_MD_CTX_new();
++ if (ctx->md == NULL) {
++ OPENSSL_free(ctx);
++ return 0;
++ }
+ BIO_set_init(bi, 0);
+ BIO_set_data(bi, ctx);
+
+diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
+index ac172e8..6ed31ed 100644
+--- a/crypto/evp/c_allc.c
++++ b/crypto/evp/c_allc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -92,7 +44,11 @@ void openssl_add_all_ciphers_int(void)
+
+ EVP_add_cipher(EVP_des_ecb());
+ EVP_add_cipher(EVP_des_ede());
++ EVP_add_cipher_alias(SN_des_ede_ecb, "DES-EDE-ECB");
++ EVP_add_cipher_alias(SN_des_ede_ecb, "des-ede-ecb");
+ EVP_add_cipher(EVP_des_ede3());
++ EVP_add_cipher_alias(SN_des_ede3_ecb, "DES-EDE3-ECB");
++ EVP_add_cipher_alias(SN_des_ede3_ecb, "des-ede3-ecb");
+ EVP_add_cipher(EVP_des_ede3_wrap());
+ EVP_add_cipher_alias(SN_id_smime_alg_CMS3DESwrap, "des3-wrap");
+ #endif
+diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c
+index 1612c2f..ec79734 100644
+--- a/crypto/evp/c_alld.c
++++ b/crypto/evp/c_alld.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/cmeth_lib.c b/crypto/evp/cmeth_lib.c
+index 33944e1..e2295c4 100644
+--- a/crypto/evp/cmeth_lib.c
++++ b/crypto/evp/cmeth_lib.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte (levitte at openssl.org) for the OpenSSL project
+- * 2015.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
+index aee8127..c594a0a 100644
+--- a/crypto/evp/digest.c
++++ b/crypto/evp/digest.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -169,10 +68,8 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
+ * previous handle, re-querying for an ENGINE, and having a
+ * reinitialisation, when it may all be unnecessary.
+ */
+- if (ctx->engine && ctx->digest && (!type ||
+- (type
+- && (type->type ==
+- ctx->digest->type))))
++ if (ctx->engine && ctx->digest &&
++ (type == NULL || (type->type == ctx->digest->type)))
+ goto skip_to_init;
+ if (type) {
+ /*
+@@ -218,7 +115,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
+ #endif
+ if (ctx->digest != type) {
+ if (ctx->digest && ctx->digest->ctx_size) {
+- OPENSSL_free(ctx->md_data);
++ OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
+ ctx->md_data = NULL;
+ }
+ ctx->digest = type;
+diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
+index f0e410f..cfa65b8 100644
+--- a/crypto/evp/e_aes.c
++++ b/crypto/evp/e_aes.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2001-2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -184,7 +143,7 @@ void AES_xts_decrypt(const char *inp, char *out, size_t len,
+ const unsigned char iv[16]);
+ #endif
+
+-#if defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
++#if defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
+ # include "ppc_arch.h"
+ # ifdef VPAES_ASM
+ # define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC)
+@@ -202,8 +161,7 @@ void AES_xts_decrypt(const char *inp, char *out, size_t len,
+ ((defined(__i386) || defined(__i386__) || \
+ defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
+ defined(__x86_64) || defined(__x86_64__) || \
+- defined(_M_AMD64) || defined(_M_X64) || \
+- defined(__INTEL__) )
++ defined(_M_AMD64) || defined(_M_X64) )
+
+ extern unsigned int OPENSSL_ia32cap_P[];
+
+@@ -587,6 +545,15 @@ const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+
+ extern unsigned int OPENSSL_sparcv9cap_P[];
+
++/*
++ * Initial Fujitsu SPARC64 X support
++ */
++# define HWAES_CAPABLE (OPENSSL_sparcv9cap_P[0] & SPARCV9_FJAESX)
++# define HWAES_set_encrypt_key aes_fx_set_encrypt_key
++# define HWAES_set_decrypt_key aes_fx_set_decrypt_key
++# define HWAES_encrypt aes_fx_encrypt
++# define HWAES_decrypt aes_fx_decrypt
++
+ # define SPARC_AES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_AES)
+
+ void aes_t4_set_encrypt_key(const unsigned char *key, int bits, AES_KEY *ks);
+@@ -1060,7 +1027,7 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+
+ mode = EVP_CIPHER_CTX_mode(ctx);
+ if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
+- && !enc)
++ && !enc) {
+ #ifdef HWAES_CAPABLE
+ if (HWAES_CAPABLE) {
+ ret = HWAES_set_decrypt_key(key,
+@@ -1099,6 +1066,7 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ dat->block = (block128_f) AES_decrypt;
+ dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+ (cbc128_f) AES_cbc_encrypt : NULL;
++ }
+ } else
+ #ifdef HWAES_CAPABLE
+ if (HWAES_CAPABLE) {
+diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
+index 4d8c973..be1deaa 100644
+--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
++++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -59,6 +19,7 @@
+ #include <openssl/rand.h>
+ #include "modes_lcl.h"
+ #include "internal/evp_int.h"
++#include "internal/constant_time_locl.h"
+
+ #ifndef EVP_CIPH_FLAG_AEAD_CIPHER
+ # define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
+@@ -90,8 +51,7 @@ typedef struct {
+
+ #if defined(AES_ASM) && ( \
+ defined(__x86_64) || defined(__x86_64__) || \
+- defined(_M_AMD64) || defined(_M_X64) || \
+- defined(__INTEL__) )
++ defined(_M_AMD64) || defined(_M_X64) )
+
+ extern unsigned int OPENSSL_ia32cap_P[];
+ # define AESNI_CAPABLE (1<<(57-32))
+@@ -584,6 +544,8 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
+ maxpad &= 255;
+
++ ret &= constant_time_ge(maxpad, pad);
++
+ inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
+ mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
+ inp_len &= mask;
+diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c
+index 075a8e8..b89d873 100644
+--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
++++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -59,6 +19,7 @@
+ #include <openssl/sha.h>
+ #include <openssl/rand.h>
+ #include "modes_lcl.h"
++#include "internal/constant_time_locl.h"
+ #include "internal/evp_int.h"
+
+ #ifndef EVP_CIPH_FLAG_AEAD_CIPHER
+@@ -91,8 +52,7 @@ typedef struct {
+
+ #if defined(AES_ASM) && ( \
+ defined(__x86_64) || defined(__x86_64__) || \
+- defined(_M_AMD64) || defined(_M_X64) || \
+- defined(__INTEL__) )
++ defined(_M_AMD64) || defined(_M_X64) )
+
+ extern unsigned int OPENSSL_ia32cap_P[];
+ # define AESNI_CAPABLE (1<<(57-32))
+@@ -595,6 +555,8 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
+ maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
+ maxpad &= 255;
+
++ ret &= constant_time_ge(maxpad, pad);
++
+ inp_len = len - (SHA256_DIGEST_LENGTH + pad + 1);
+ mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
+ inp_len &= mask;
+diff --git a/crypto/evp/e_bf.c b/crypto/evp/e_bf.c
+index 108a80b..dc38690 100644
+--- a/crypto/evp/e_bf.c
++++ b/crypto/evp/e_bf.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/e_camellia.c b/crypto/evp/e_camellia.c
+index 0d9f7f1..b50fa0b 100644
+--- a/crypto/evp/e_camellia.c
++++ b/crypto/evp/e_camellia.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+diff --git a/crypto/evp/e_cast.c b/crypto/evp/e_cast.c
+index e4df25f..259d440 100644
+--- a/crypto/evp/e_cast.c
++++ b/crypto/evp/e_cast.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c
+index c3c72a1..26fefd9 100644
+--- a/crypto/evp/e_chacha20_poly1305.c
++++ b/crypto/evp/e_chacha20_poly1305.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -205,7 +164,6 @@ static int chacha20_poly1305_init_key(EVP_CIPHER_CTX *ctx,
+ const unsigned char *iv, int enc)
+ {
+ EVP_CHACHA_AEAD_CTX *actx = aead_data(ctx);
+- unsigned char temp[CHACHA_CTR_SIZE];
+
+ if (!inkey && !iv)
+ return 1;
+@@ -216,16 +174,21 @@ static int chacha20_poly1305_init_key(EVP_CIPHER_CTX *ctx,
+ actx->mac_inited = 0;
+ actx->tls_payload_length = NO_TLS_PAYLOAD_LENGTH;
+
+- /* pad on the left */
+- memset(temp, 0, sizeof(temp));
+- if (actx->nonce_len <= CHACHA_CTR_SIZE)
+- memcpy(temp + CHACHA_CTR_SIZE - actx->nonce_len, iv, actx->nonce_len);
++ if (iv != NULL) {
++ unsigned char temp[CHACHA_CTR_SIZE] = { 0 };
+
+- chacha_init_key(ctx, inkey, temp, enc);
++ /* pad on the left */
++ if (actx->nonce_len <= CHACHA_CTR_SIZE)
++ memcpy(temp + CHACHA_CTR_SIZE - actx->nonce_len, iv, actx->nonce_len);
+
+- actx->nonce[0] = actx->key.counter[1];
+- actx->nonce[1] = actx->key.counter[2];
+- actx->nonce[2] = actx->key.counter[3];
++ chacha_init_key(ctx, inkey, temp, enc);
++
++ actx->nonce[0] = actx->key.counter[1];
++ actx->nonce[1] = actx->key.counter[2];
++ actx->nonce[2] = actx->key.counter[3];
++ } else {
++ chacha_init_key(ctx, inkey, NULL, enc);
++ }
+
+ return 1;
+ }
+diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c
+index ebdaadf..9b2facf 100644
+--- a/crypto/evp/e_des.c
++++ b/crypto/evp/e_des.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
+index 100ae3c..e21c045 100644
+--- a/crypto/evp/e_des3.c
++++ b/crypto/evp/e_des3.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c
+index 38e0c0a..93f6a41 100644
+--- a/crypto/evp/e_idea.c
++++ b/crypto/evp/e_idea.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -82,13 +34,13 @@ static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
+ {
+ BLOCK_CIPHER_ecb_loop()
+- idea_ecb_encrypt(in + i, out + i, &EVP_C_DATA(EVP_IDEA_KEY,ctx)->ks);
++ IDEA_ecb_encrypt(in + i, out + i, &EVP_C_DATA(EVP_IDEA_KEY,ctx)->ks);
+ return 1;
+ }
+
+-BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks)
+-BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks)
+-BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks)
++BLOCK_CIPHER_func_cbc(idea, IDEA, EVP_IDEA_KEY, ks)
++BLOCK_CIPHER_func_ofb(idea, IDEA, 64, EVP_IDEA_KEY, ks)
++BLOCK_CIPHER_func_cfb(idea, IDEA, 64, EVP_IDEA_KEY, ks)
+
+ BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64,
+ 0, idea_init_key, NULL,
+diff --git a/crypto/evp/e_null.c b/crypto/evp/e_null.c
+index 7843196..0dfc48a 100644
+--- a/crypto/evp/e_null.c
++++ b/crypto/evp/e_null.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/e_old.c b/crypto/evp/e_old.c
+index 5f0cbee..927908f 100644
+--- a/crypto/evp/e_old.c
++++ b/crypto/evp/e_old.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+- * 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c
+index 8a56723..8286424 100644
+--- a/crypto/evp/e_rc2.c
++++ b/crypto/evp/e_rc2.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c
+index be6b6a0..1a2895f 100644
+--- a/crypto/evp/e_rc4.c
++++ b/crypto/evp/e_rc4.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c
+index ded3090..28b12c7 100644
+--- a/crypto/evp/e_rc4_hmac_md5.c
++++ b/crypto/evp/e_rc4_hmac_md5.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -102,8 +62,7 @@ static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx,
+
+ # if !defined(OPENSSL_NO_ASM) && ( \
+ defined(__x86_64) || defined(__x86_64__) || \
+- defined(_M_AMD64) || defined(_M_X64) || \
+- defined(__INTEL__) )
++ defined(_M_AMD64) || defined(_M_X64) )
+ # define STITCHED_CALL
+ # endif
+
+diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c
+index 58980f5..1bc8141 100644
+--- a/crypto/evp/e_rc5.c
++++ b/crypto/evp/e_rc5.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/e_seed.c b/crypto/evp/e_seed.c
+index 6964b1e..40aec5f 100644
+--- a/crypto/evp/e_seed.c
++++ b/crypto/evp/e_seed.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+@@ -71,7 +26,8 @@ typedef struct {
+ } EVP_SEED_KEY;
+
+ IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
+- 16, 16, 16, 128, 0, seed_init_key, 0, 0, 0, 0)
++ 16, 16, 16, 128, EVP_CIPH_FLAG_DEFAULT_ASN1,
++ seed_init_key, 0, 0, 0, 0)
+
+ static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c
+index 92fe893..effaf5c 100644
+--- a/crypto/evp/e_xcbc_d.c
++++ b/crypto/evp/e_xcbc_d.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c
+index ed85f89..bd2bbc0 100644
+--- a/crypto/evp/encode.c
++++ b/crypto/evp/encode.c
+@@ -1,61 +1,14 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
++#include <limits.h>
+ #include "internal/cryptlib.h"
+ #include <openssl/evp.h>
+ #include "evp_locl.h"
+@@ -165,13 +118,13 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl)
+ {
+ int i, j;
+- unsigned int total = 0;
++ size_t total = 0;
+
+ *outl = 0;
+ if (inl <= 0)
+ return;
+ OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
+- if ((ctx->num + inl) < ctx->length) {
++ if (ctx->length - ctx->num > inl) {
+ memcpy(&(ctx->enc_data[ctx->num]), in, inl);
+ ctx->num += inl;
+ return;
+@@ -188,7 +141,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+ *out = '\0';
+ total = j + 1;
+ }
+- while (inl >= ctx->length) {
++ while (inl >= ctx->length && total <= INT_MAX) {
+ j = EVP_EncodeBlock(out, in, ctx->length);
+ in += ctx->length;
+ inl -= ctx->length;
+@@ -197,6 +150,11 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+ *out = '\0';
+ total += j + 1;
+ }
++ if (total > INT_MAX) {
++ /* Too much output data! */
++ *outl = 0;
++ return;
++ }
+ if (inl != 0)
+ memcpy(&(ctx->enc_data[0]), in, inl);
+ ctx->num = inl;
+diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c
+index 45e82c9..71d13b8 100644
+--- a/crypto/evp/evp_cnf.c
++++ b/crypto/evp/evp_cnf.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Stephen Henson (steve at openssl.org) for the OpenSSL project
+- * 2007.
+- */
+-/* ====================================================================
+- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
+index d7cc1f4..acb6b8b 100644
+--- a/crypto/evp/evp_enc.c
++++ b/crypto/evp/evp_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -120,7 +72,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ * reinitialisation, when it may all be unnecessary.
+ */
+ if (ctx->engine && ctx->cipher
+- && (!cipher || (cipher && (cipher->nid == ctx->cipher->nid))))
++ && (cipher == NULL || cipher->nid == ctx->cipher->nid))
+ goto skip_to_init;
+ #endif
+ if (cipher) {
+@@ -332,7 +284,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
+ bl = ctx->cipher->block_size;
+ OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
+ if (i != 0) {
+- if (i + inl < bl) {
++ if (bl - i > inl) {
+ memcpy(&(ctx->buf[i]), in, inl);
+ ctx->buf_len += inl;
+ *outl = 0;
+diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
+index 3b77e3b..c9c9dc7 100644
+--- a/crypto/evp/evp_err.c
++++ b/crypto/evp/evp_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -70,22 +20,13 @@
+
+ static ERR_STRING_DATA EVP_str_functs[] = {
+ {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "aesni_init_key"},
+- {ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"},
+ {ERR_FUNC(EVP_F_AES_INIT_KEY), "aes_init_key"},
+ {ERR_FUNC(EVP_F_AES_T4_INIT_KEY), "aes_t4_init_key"},
+- {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
+- {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
+ {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "alg_module_init"},
+ {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "camellia_init_key"},
+ {ERR_FUNC(EVP_F_CHACHA20_POLY1305_CTRL), "chacha20_poly1305_ctrl"},
+- {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
+ {ERR_FUNC(EVP_F_CMLL_T4_INIT_KEY), "cmll_t4_init_key"},
+- {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
+ {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "do_sigver_init"},
+- {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
+- {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
+- {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
+- {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
+ {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
+ {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
+ {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
+@@ -118,7 +59,6 @@ static ERR_STRING_DATA EVP_str_functs[] = {
+ {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_GET0_DH), "EVP_PKEY_get0_DH"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_GET0_DSA), "EVP_PKEY_get0_DSA"},
+- {ERR_FUNC(EVP_F_EVP_PKEY_GET0_ECDSA), "EVP_PKEY_GET0_ECDSA"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_GET0_EC_KEY), "EVP_PKEY_get0_EC_KEY"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_GET0_RSA), "EVP_PKEY_get0_RSA"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
+@@ -133,23 +73,13 @@ static ERR_STRING_DATA EVP_str_functs[] = {
+ {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT),
+ "EVP_PKEY_verify_recover_init"},
+- {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
+ {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
+ {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
+- {ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_cipherinit"},
+- {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"},
+- {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
+- {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH),
+- "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
+- {ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_digestinit"},
+- {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"},
+- {ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
+ {ERR_FUNC(EVP_F_INT_CTX_NEW), "int_ctx_new"},
+ {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
+ {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
+ {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_v2_PBKDF2_keyivgen"},
+ {ERR_FUNC(EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN), "PKCS5_v2_scrypt_keyivgen"},
+- {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
+ {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "pkey_set_type"},
+ {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "rc2_magic_to_meth"},
+ {ERR_FUNC(EVP_F_RC5_CTRL), "rc5_ctrl"},
+@@ -157,16 +87,11 @@ static ERR_STRING_DATA EVP_str_functs[] = {
+ };
+
+ static ERR_STRING_DATA EVP_str_reasons[] = {
+- {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED), "aes iv setup failed"},
+ {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED), "aes key setup failed"},
+- {ERR_REASON(EVP_R_ASN1_LIB), "asn1 lib"},
+- {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH), "bad block length"},
+ {ERR_REASON(EVP_R_BAD_DECRYPT), "bad decrypt"},
+- {ERR_REASON(EVP_R_BAD_KEY_LENGTH), "bad key length"},
+- {ERR_REASON(EVP_R_BN_DECODE_ERROR), "bn decode error"},
+- {ERR_REASON(EVP_R_BN_PUBKEY_ERROR), "bn pubkey error"},
+ {ERR_REASON(EVP_R_BUFFER_TOO_SMALL), "buffer too small"},
+- {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED), "camellia key setup failed"},
++ {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),
++ "camellia key setup failed"},
+ {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"},
+ {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED), "command not supported"},
+ {ERR_REASON(EVP_R_COPY_ERROR), "copy error"},
+@@ -178,25 +103,21 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
+ {ERR_REASON(EVP_R_DECODE_ERROR), "decode error"},
+ {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES), "different key types"},
+ {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS), "different parameters"},
+- {ERR_REASON(EVP_R_DISABLED_FOR_FIPS), "disabled for fips"},
+- {ERR_REASON(EVP_R_ENCODE_ERROR), "encode error"},
+ {ERR_REASON(EVP_R_ERROR_LOADING_SECTION), "error loading section"},
+ {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE), "error setting fips mode"},
+- {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR), "evp pbe cipherinit error"},
+ {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY), "expecting an rsa key"},
+ {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY), "expecting a dh key"},
+ {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY), "expecting a dsa key"},
+- {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY), "expecting a ecdsa key"},
+ {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY), "expecting a ec key"},
+ {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
+- {ERR_REASON(EVP_R_ILLEGAL_SCRYPT_PARAMETERS), "illegal scrypt parameters"},
++ {ERR_REASON(EVP_R_ILLEGAL_SCRYPT_PARAMETERS),
++ "illegal scrypt parameters"},
+ {ERR_REASON(EVP_R_INITIALIZATION_ERROR), "initialization error"},
+ {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED), "input not initialized"},
+ {ERR_REASON(EVP_R_INVALID_DIGEST), "invalid digest"},
+ {ERR_REASON(EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
+ {ERR_REASON(EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
+ {ERR_REASON(EVP_R_INVALID_OPERATION), "invalid operation"},
+- {ERR_REASON(EVP_R_IV_TOO_LARGE), "iv too large"},
+ {ERR_REASON(EVP_R_KEYGEN_FAILURE), "keygen failure"},
+ {ERR_REASON(EVP_R_MEMORY_LIMIT_EXCEEDED), "memory limit exceeded"},
+ {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"},
+@@ -205,21 +126,14 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
+ {ERR_REASON(EVP_R_NO_CIPHER_SET), "no cipher set"},
+ {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST), "no default digest"},
+ {ERR_REASON(EVP_R_NO_DIGEST_SET), "no digest set"},
+- {ERR_REASON(EVP_R_NO_DSA_PARAMETERS), "no dsa parameters"},
+ {ERR_REASON(EVP_R_NO_KEY_SET), "no key set"},
+ {ERR_REASON(EVP_R_NO_OPERATION_SET), "no operation set"},
+- {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),
+- "no sign function configured"},
+- {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),
+- "no verify function configured"},
+ {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
+ "operation not supported for this keytype"},
+ {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
+- {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE), "pkcs8 unknown broken type"},
+ {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
+ {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
+ {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
+- {ERR_REASON(EVP_R_TOO_LARGE), "too large"},
+ {ERR_REASON(EVP_R_UNKNOWN_CIPHER), "unknown cipher"},
+ {ERR_REASON(EVP_R_UNKNOWN_DIGEST), "unknown digest"},
+ {ERR_REASON(EVP_R_UNKNOWN_OPTION), "unknown option"},
+@@ -238,7 +152,6 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
+ {ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE), "unsupported salt type"},
+ {ERR_REASON(EVP_R_WRAP_MODE_NOT_ALLOWED), "wrap mode not allowed"},
+ {ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"},
+- {ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
+ {0, NULL}
+ };
+
+diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
+index 995d355..8a4297c 100644
+--- a/crypto/evp/evp_key.c
++++ b/crypto/evp/evp_key.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
+index bc24d5a..4333fb9 100644
+--- a/crypto/evp/evp_lib.c
++++ b/crypto/evp/evp_lib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h
+index c85a46a..7f3526f 100644
+--- a/crypto/evp/evp_locl.h
++++ b/crypto/evp/evp_locl.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* EVP_MD_CTX related stuff */
+diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c
+index ddf9bff..623f447 100644
+--- a/crypto/evp/evp_pbe.c
++++ b/crypto/evp/evp_pbe.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
+index a44d972..c84ddc3 100644
+--- a/crypto/evp/evp_pkey.c
++++ b/crypto/evp/evp_pkey.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/m_md2.c b/crypto/evp/m_md2.c
+index 0e83dfe..c4e28ae 100644
+--- a/crypto/evp/m_md2.c
++++ b/crypto/evp/m_md2.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/m_md4.c b/crypto/evp/m_md4.c
+index 933d82a..f3decaa 100644
+--- a/crypto/evp/m_md4.c
++++ b/crypto/evp/m_md4.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/m_md5.c b/crypto/evp/m_md5.c
+index b28be91..f4dc0c4 100644
+--- a/crypto/evp/m_md5.c
++++ b/crypto/evp/m_md5.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/m_md5_sha1.c b/crypto/evp/m_md5_sha1.c
+index 6367dc7..1213ff6 100644
+--- a/crypto/evp/m_md5_sha1.c
++++ b/crypto/evp/m_md5_sha1.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #if !defined(OPENSSL_NO_MD5)
+diff --git a/crypto/evp/m_mdc2.c b/crypto/evp/m_mdc2.c
+index f7fa600..b7f0fd8 100644
+--- a/crypto/evp/m_mdc2.c
++++ b/crypto/evp/m_mdc2.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/m_null.c b/crypto/evp/m_null.c
+index 0fc8c99..6c4daf5 100644
+--- a/crypto/evp/m_null.c
++++ b/crypto/evp/m_null.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/m_ripemd.c b/crypto/evp/m_ripemd.c
+index d4488be..07b46bd 100644
+--- a/crypto/evp/m_ripemd.c
++++ b/crypto/evp/m_ripemd.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c
+index e673e41..4f00956 100644
+--- a/crypto/evp/m_sha1.c
++++ b/crypto/evp/m_sha1.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
+index 0fe223f..3b74f72 100644
+--- a/crypto/evp/m_sigver.c
++++ b/crypto/evp/m_sigver.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/m_wp.c b/crypto/evp/m_wp.c
+index 12b7765..94fac22 100644
+--- a/crypto/evp/m_wp.c
++++ b/crypto/evp/m_wp.c
+@@ -1,3 +1,11 @@
++/*
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ #include <stdio.h>
+ #include "internal/cryptlib.h"
+diff --git a/crypto/evp/names.c b/crypto/evp/names.c
+index 2e8281a..a92be1f 100644
+--- a/crypto/evp/names.c
++++ b/crypto/evp/names.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c
+index 7900e28..7e55d0b 100644
+--- a/crypto/evp/p5_crpt.c
++++ b/crypto/evp/p5_crpt.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
+index 76dcf02..2e45aa3 100644
+--- a/crypto/evp/p5_crpt2.c
++++ b/crypto/evp/p5_crpt2.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include "internal/cryptlib.h"
+@@ -213,7 +165,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+
+ /* See if we recognise the key derivation function */
+ if (!EVP_PBE_find(EVP_PBE_TYPE_KDF, OBJ_obj2nid(pbe2->keyfunc->algorithm),
+- NULL, NULL, &kdf)) {
++ NULL, NULL, &kdf)) {
+ EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
+ EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
+ goto err;
+diff --git a/crypto/evp/p_dec.c b/crypto/evp/p_dec.c
+index 5729ed7..6171bb9 100644
+--- a/crypto/evp/p_dec.c
++++ b/crypto/evp/p_dec.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/p_enc.c b/crypto/evp/p_enc.c
+index f1fc818..645f973 100644
+--- a/crypto/evp/p_enc.c
++++ b/crypto/evp/p_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
+index a8fa301..0b7884f 100644
+--- a/crypto/evp/p_lib.c
++++ b/crypto/evp/p_lib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -196,10 +148,16 @@ EVP_PKEY *EVP_PKEY_new(void)
+ return ret;
+ }
+
+-void EVP_PKEY_up_ref(EVP_PKEY *pkey)
++int EVP_PKEY_up_ref(EVP_PKEY *pkey)
+ {
+ int i;
+- CRYPTO_atomic_add(&pkey->references, 1, &i, pkey->lock);
++
++ if (CRYPTO_atomic_add(&pkey->references, 1, &i, pkey->lock) <= 0)
++ return 0;
++
++ REF_PRINT_COUNT("EVP_PKEY", pkey);
++ REF_ASSERT_ISNT(i < 2);
++ return ((i > 1) ? 1 : 0);
+ }
+
+ /*
+diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c
+index 7f9c733..b65bc74 100644
+--- a/crypto/evp/p_open.c
++++ b/crypto/evp/p_open.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c
+index d802d84..faa2464 100644
+--- a/crypto/evp/p_seal.c
++++ b/crypto/evp/p_seal.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c
+index 46d2dcc..6cb442e 100644
+--- a/crypto/evp/p_sign.c
++++ b/crypto/evp/p_sign.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
+index 631ce35..6e8c565 100644
+--- a/crypto/evp/p_verify.c
++++ b/crypto/evp/p_verify.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c
+index 872947a..8ff50da 100644
+--- a/crypto/evp/pmeth_fn.c
++++ b/crypto/evp/pmeth_fn.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
+index 6d58f1b..6adc3a9 100644
+--- a/crypto/evp/pmeth_gn.c
++++ b/crypto/evp/pmeth_gn.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
+index 08466ef..2e5e932 100644
+--- a/crypto/evp/pmeth_lib.c
++++ b/crypto/evp/pmeth_lib.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/evp/scrypt.c b/crypto/evp/scrypt.c
+index f9b368b..101bb1e 100644
+--- a/crypto/evp/scrypt.c
++++ b/crypto/evp/scrypt.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2015.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+diff --git a/crypto/ex_data.c b/crypto/ex_data.c
+index ca1c204..0666393 100644
+--- a/crypto/ex_data.c
++++ b/crypto/ex_data.c
+@@ -1,115 +1,13 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib_int.h"
+-#include "internal/threads.h"
+ #include <openssl/lhash.h>
+
+ /*
+diff --git a/crypto/fips_err.h b/crypto/fips_err.h
+deleted file mode 100644
+index b2fcabd..0000000
+--- a/crypto/fips_err.h
++++ /dev/null
+@@ -1,226 +0,0 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+-/*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
+- */
+-
+-#include <stdio.h>
+-#include <openssl/err.h>
+-#include <openssl/fips.h>
+-
+-/* BEGIN ERROR CODES */
+-#ifndef OPENSSL_NO_ERR
+-
+-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_FIPS,func,0)
+-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_FIPS,0,reason)
+-
+-static ERR_STRING_DATA FIPS_str_functs[] = {
+- {ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
+- {ERR_FUNC(FIPS_F_DH_INIT), "DH_INIT"},
+- {ERR_FUNC(FIPS_F_DRBG_RESEED), "DRBG_RESEED"},
+- {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"},
+- {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "DSA_BUILTIN_PARAMGEN2"},
+- {ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"},
+- {ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"},
+- {ERR_FUNC(FIPS_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"},
+- {ERR_FUNC(FIPS_F_ECDSA_DO_SIGN), "ECDSA_do_sign"},
+- {ERR_FUNC(FIPS_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"},
+- {ERR_FUNC(FIPS_F_EC_KEY_GENERATE_KEY), "EC_KEY_generate_key"},
+- {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"},
+- {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA_PRNG), "fips_check_dsa_prng"},
+- {ERR_FUNC(FIPS_F_FIPS_CHECK_EC), "FIPS_CHECK_EC"},
+- {ERR_FUNC(FIPS_F_FIPS_CHECK_EC_PRNG), "fips_check_ec_prng"},
+- {ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT),
+- "FIPS_check_incore_fingerprint"},
+- {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"},
+- {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA_PRNG), "fips_check_rsa_prng"},
+- {ERR_FUNC(FIPS_F_FIPS_CIPHER), "FIPS_cipher"},
+- {ERR_FUNC(FIPS_F_FIPS_CIPHERINIT), "FIPS_cipherinit"},
+- {ERR_FUNC(FIPS_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
+- {ERR_FUNC(FIPS_F_FIPS_DIGESTFINAL), "FIPS_digestfinal"},
+- {ERR_FUNC(FIPS_F_FIPS_DIGESTINIT), "FIPS_digestinit"},
+- {ERR_FUNC(FIPS_F_FIPS_DIGESTUPDATE), "FIPS_digestupdate"},
+- {ERR_FUNC(FIPS_F_FIPS_DRBG_BYTES), "FIPS_DRBG_BYTES"},
+- {ERR_FUNC(FIPS_F_FIPS_DRBG_CHECK), "FIPS_DRBG_CHECK"},
+- {ERR_FUNC(FIPS_F_FIPS_DRBG_CPRNG_TEST), "FIPS_DRBG_CPRNG_TEST"},
+- {ERR_FUNC(FIPS_F_FIPS_DRBG_ERROR_CHECK), "FIPS_DRBG_ERROR_CHECK"},
+- {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE), "FIPS_drbg_generate"},
+- {ERR_FUNC(FIPS_F_FIPS_DRBG_INIT), "FIPS_drbg_init"},
+- {ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"},
+- {ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"},
+- {ERR_FUNC(FIPS_F_FIPS_DRBG_RESEED), "FIPS_drbg_reseed"},
+- {ERR_FUNC(FIPS_F_FIPS_DRBG_SINGLE_KAT), "FIPS_DRBG_SINGLE_KAT"},
+- {ERR_FUNC(FIPS_F_FIPS_DSA_SIGN_DIGEST), "FIPS_dsa_sign_digest"},
+- {ERR_FUNC(FIPS_F_FIPS_DSA_VERIFY_DIGEST), "FIPS_dsa_verify_digest"},
+- {ERR_FUNC(FIPS_F_FIPS_GET_ENTROPY), "FIPS_GET_ENTROPY"},
+- {ERR_FUNC(FIPS_F_FIPS_MODULE_MODE_SET), "FIPS_module_mode_set"},
+- {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"},
+- {ERR_FUNC(FIPS_F_FIPS_RAND_ADD), "FIPS_rand_add"},
+- {ERR_FUNC(FIPS_F_FIPS_RAND_BYTES), "FIPS_rand_bytes"},
+- {ERR_FUNC(FIPS_F_FIPS_RAND_PSEUDO_BYTES), "FIPS_rand_pseudo_bytes"},
+- {ERR_FUNC(FIPS_F_FIPS_RAND_SEED), "FIPS_rand_seed"},
+- {ERR_FUNC(FIPS_F_FIPS_RAND_SET_METHOD), "FIPS_rand_set_method"},
+- {ERR_FUNC(FIPS_F_FIPS_RAND_STATUS), "FIPS_rand_status"},
+- {ERR_FUNC(FIPS_F_FIPS_RSA_SIGN_DIGEST), "FIPS_rsa_sign_digest"},
+- {ERR_FUNC(FIPS_F_FIPS_RSA_VERIFY_DIGEST), "FIPS_rsa_verify_digest"},
+- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"},
+- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_CCM), "FIPS_selftest_aes_ccm"},
+- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_GCM), "FIPS_selftest_aes_gcm"},
+- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_XTS), "FIPS_selftest_aes_xts"},
+- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_CMAC), "FIPS_selftest_cmac"},
+- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"},
+- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"},
+- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_ECDSA), "FIPS_selftest_ecdsa"},
+- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"},
+- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"},
+- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_X931), "FIPS_selftest_x931"},
+- {ERR_FUNC(FIPS_F_FIPS_SET_PRNG_KEY), "FIPS_SET_PRNG_KEY"},
+- {ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"},
+- {ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
+- {ERR_FUNC(FIPS_F_RSA_EAY_INIT), "RSA_EAY_INIT"},
+- {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
+- {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
+- {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
+- {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
+- {ERR_FUNC(FIPS_F_RSA_X931_GENERATE_KEY_EX), "RSA_X931_generate_key_ex"},
+- {0, NULL}
+-};
+-
+-static ERR_STRING_DATA FIPS_str_reasons[] = {
+- {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED),
+- "additional input error undetected"},
+- {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_TOO_LONG),
+- "additional input too long"},
+- {ERR_REASON(FIPS_R_ALREADY_INSTANTIATED), "already instantiated"},
+- {ERR_REASON(FIPS_R_AUTHENTICATION_FAILURE), "authentication failure"},
+- {ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE), "contradicting evidence"},
+- {ERR_REASON(FIPS_R_DRBG_NOT_INITIALISED), "drbg not initialised"},
+- {ERR_REASON(FIPS_R_DRBG_STUCK), "drbg stuck"},
+- {ERR_REASON(FIPS_R_ENTROPY_ERROR_UNDETECTED), "entropy error undetected"},
+- {ERR_REASON(FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED),
+- "entropy not requested for reseed"},
+- {ERR_REASON(FIPS_R_ENTROPY_SOURCE_STUCK), "entropy source stuck"},
+- {ERR_REASON(FIPS_R_ERROR_INITIALISING_DRBG), "error initialising drbg"},
+- {ERR_REASON(FIPS_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"},
+- {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT),
+- "error retrieving additional input"},
+- {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ENTROPY), "error retrieving entropy"},
+- {ERR_REASON(FIPS_R_ERROR_RETRIEVING_NONCE), "error retrieving nonce"},
+- {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH),
+- "fingerprint does not match"},
+- {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED),
+- "fingerprint does not match nonpic relocated"},
+- {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING),
+- "fingerprint does not match segment aliasing"},
+- {ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET), "fips mode already set"},
+- {ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED), "fips selftest failed"},
+- {ERR_REASON(FIPS_R_FUNCTION_ERROR), "function error"},
+- {ERR_REASON(FIPS_R_GENERATE_ERROR), "generate error"},
+- {ERR_REASON(FIPS_R_GENERATE_ERROR_UNDETECTED),
+- "generate error undetected"},
+- {ERR_REASON(FIPS_R_INSTANTIATE_ERROR), "instantiate error"},
+- {ERR_REASON(FIPS_R_INSUFFICIENT_SECURITY_STRENGTH),
+- "insufficient security strength"},
+- {ERR_REASON(FIPS_R_INTERNAL_ERROR), "internal error"},
+- {ERR_REASON(FIPS_R_INVALID_KEY_LENGTH), "invalid key length"},
+- {ERR_REASON(FIPS_R_INVALID_PARAMETERS), "invalid parameters"},
+- {ERR_REASON(FIPS_R_IN_ERROR_STATE), "in error state"},
+- {ERR_REASON(FIPS_R_KEY_TOO_SHORT), "key too short"},
+- {ERR_REASON(FIPS_R_NONCE_ERROR_UNDETECTED), "nonce error undetected"},
+- {ERR_REASON(FIPS_R_NON_FIPS_METHOD), "non fips method"},
+- {ERR_REASON(FIPS_R_NOPR_TEST1_FAILURE), "nopr test1 failure"},
+- {ERR_REASON(FIPS_R_NOPR_TEST2_FAILURE), "nopr test2 failure"},
+- {ERR_REASON(FIPS_R_NOT_INSTANTIATED), "not instantiated"},
+- {ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED), "pairwise test failed"},
+- {ERR_REASON(FIPS_R_PERSONALISATION_ERROR_UNDETECTED),
+- "personalisation error undetected"},
+- {ERR_REASON(FIPS_R_PERSONALISATION_STRING_TOO_LONG),
+- "personalisation string too long"},
+- {ERR_REASON(FIPS_R_PRNG_STRENGTH_TOO_LOW), "prng strength too low"},
+- {ERR_REASON(FIPS_R_PR_TEST1_FAILURE), "pr test1 failure"},
+- {ERR_REASON(FIPS_R_PR_TEST2_FAILURE), "pr test2 failure"},
+- {ERR_REASON(FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED),
+- "request length error undetected"},
+- {ERR_REASON(FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG),
+- "request too large for drbg"},
+- {ERR_REASON(FIPS_R_RESEED_COUNTER_ERROR), "reseed counter error"},
+- {ERR_REASON(FIPS_R_RESEED_ERROR), "reseed error"},
+- {ERR_REASON(FIPS_R_SELFTEST_FAILED), "selftest failed"},
+- {ERR_REASON(FIPS_R_SELFTEST_FAILURE), "selftest failure"},
+- {ERR_REASON(FIPS_R_STRENGTH_ERROR_UNDETECTED),
+- "strength error undetected"},
+- {ERR_REASON(FIPS_R_TEST_FAILURE), "test failure"},
+- {ERR_REASON(FIPS_R_UNINSTANTIATE_ERROR), "uninstantiate error"},
+- {ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR),
+- "uninstantiate zeroise error"},
+- {ERR_REASON(FIPS_R_UNSUPPORTED_DRBG_TYPE), "unsupported drbg type"},
+- {ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM), "unsupported platform"},
+- {0, NULL}
+-};
+-
+-#endif
+-
+-void ERR_load_FIPS_strings(void)
+-{
+-#ifndef OPENSSL_NO_ERR
+-
+- if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) {
+- ERR_load_strings(0, FIPS_str_functs);
+- ERR_load_strings(0, FIPS_str_reasons);
+- }
+-#endif
+-}
+diff --git a/crypto/fips_ers.c b/crypto/fips_ers.c
+deleted file mode 100644
+index ad6935f..0000000
+--- a/crypto/fips_ers.c
++++ /dev/null
+@@ -1,7 +0,0 @@
+-#include <openssl/opensslconf.h>
+-
+-#ifndef OPENSSL_FIPS
+-NON_EMPTY_TRANSLATION_UNIT
+-#else
+-# include "fips_err.h"
+-#endif
+diff --git a/crypto/hmac/Makefile.in b/crypto/hmac/Makefile.in
+deleted file mode 100644
+index 2da801c..0000000
+--- a/crypto/hmac/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/md/Makefile
+-#
+-
+-DIR= hmac
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=hmac.c hm_ameth.c hm_pmeth.c
+-LIBOBJ=hmac.o hm_ameth.o hm_pmeth.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/hmac/hm_ameth.c b/crypto/hmac/hm_ameth.c
+index 98e73e9..714068d 100644
+--- a/crypto/hmac/hm_ameth.c
++++ b/crypto/hmac/hm_ameth.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2007.
+- */
+-/* ====================================================================
+- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/hmac/hm_pmeth.c b/crypto/hmac/hm_pmeth.c
+index 268b48d..5b98477 100644
+--- a/crypto/hmac/hm_pmeth.c
++++ b/crypto/hmac/hm_pmeth.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2007.
+- */
+-/* ====================================================================
+- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -81,6 +32,10 @@ static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
+ return 0;
+ hctx->ktmp.type = V_ASN1_OCTET_STRING;
+ hctx->ctx = HMAC_CTX_new();
++ if (hctx->ctx == NULL) {
++ OPENSSL_free(hctx);
++ return 0;
++ }
+
+ ctx->data = hctx;
+ ctx->keygen_info_count = 0;
+@@ -88,33 +43,41 @@ static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
+ return 1;
+ }
+
++static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx);
++
+ static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+ {
+ HMAC_PKEY_CTX *sctx, *dctx;
++
++ /* allocate memory for dst->data and a new HMAC_CTX in dst->data->ctx */
+ if (!pkey_hmac_init(dst))
+ return 0;
+- sctx = src->data;
+- dctx = dst->data;
++ sctx = EVP_PKEY_CTX_get_data(src);
++ dctx = EVP_PKEY_CTX_get_data(dst);
+ dctx->md = sctx->md;
+ if (!HMAC_CTX_copy(dctx->ctx, sctx->ctx))
+- return 0;
++ goto err;
+ if (sctx->ktmp.data) {
+ if (!ASN1_OCTET_STRING_set(&dctx->ktmp,
+ sctx->ktmp.data, sctx->ktmp.length))
+- return 0;
++ goto err;
+ }
+ return 1;
++err:
++ /* release HMAC_CTX in dst->data->ctx and memory allocated for dst->data */
++ pkey_hmac_cleanup (dst);
++ return 0;
+ }
+
+ static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
+ {
+- HMAC_PKEY_CTX *hctx = ctx->data;
++ HMAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx);
+
+ if (hctx != NULL) {
+ HMAC_CTX_free(hctx->ctx);
+ OPENSSL_clear_free(hctx->ktmp.data, hctx->ktmp.length);
+ OPENSSL_free(hctx);
+- ctx->data = NULL;
++ EVP_PKEY_CTX_set_data(ctx, NULL);
+ }
+ }
+
+diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
+index 9504aad..848b581 100644
+--- a/crypto/hmac/hmac.c
++++ b/crypto/hmac/hmac.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -164,7 +116,7 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
+ return 0;
+ }
+
+-size_t HMAC_size(HMAC_CTX *ctx)
++size_t HMAC_size(const HMAC_CTX *ctx)
+ {
+ return EVP_MD_size((ctx)->md);
+ }
+diff --git a/crypto/hmac/hmac_lcl.h b/crypto/hmac/hmac_lcl.h
+index f93e61f..4c156dc 100644
+--- a/crypto/hmac/hmac_lcl.h
++++ b/crypto/hmac/hmac_lcl.h
+@@ -1,59 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #ifndef HEADER_HMAC_LCL_H
+ # define HEADER_HMAC_LCL_H
+
+diff --git a/crypto/ia64cpuid.S b/crypto/ia64cpuid.S
+index bf5abc3..f942648 100644
+--- a/crypto/ia64cpuid.S
++++ b/crypto/ia64cpuid.S
+@@ -2,6 +2,12 @@
+ // On Win64i compile with ias.exe.
+ .text
+
++#if defined(_HPUX_SOURCE) && !defined(_LP64)
++#define ADDP addp4
++#else
++#define ADDP add
++#endif
++
+ .global OPENSSL_cpuid_setup#
+ .proc OPENSSL_cpuid_setup#
+ OPENSSL_cpuid_setup:
+@@ -131,9 +137,7 @@ OPENSSL_wipe_cpu:
+ .proc OPENSSL_cleanse#
+ OPENSSL_cleanse:
+ { .mib; cmp.eq p6,p0=0,r33 // len==0
+-#if defined(_HPUX_SOURCE) && !defined(_LP64)
+- addp4 r32=0,r32
+-#endif
++ ADDP r32=0,r32
+ (p6) br.ret.spnt b0 };;
+ { .mib; and r2=7,r32
+ cmp.leu p6,p0=15,r33 // len>=15
+@@ -166,14 +170,51 @@ OPENSSL_cleanse:
+ (p6) br.ret.sptk.many b0 };;
+ .endp OPENSSL_cleanse#
+
++.global CRYPTO_memcmp#
++.proc CRYPTO_memcmp#
++.align 32
++.skip 16
++CRYPTO_memcmp:
++ .prologue
++{ .mib; mov r8=0
++ cmp.eq p6,p0=0,r34 // len==0?
++(p6) br.ret.spnt b0 };;
++ .save ar.pfs,r2
++{ .mib; alloc r2=ar.pfs,3,5,0,8
++ .save ar.lc,r3
++ mov r3=ar.lc
++ brp.loop.imp .Loop_cmp_ctop,.Loop_cmp_cend-16
++ }
++{ .mib; sub r10=r34,r0,1
++ .save pr,r9
++ mov r9=pr };;
++{ .mii; ADDP r16=0,r32
++ mov ar.lc=r10
++ mov ar.ec=4 }
++{ .mib; ADDP r17=0,r33
++ mov pr.rot=1<<16 };;
++
++.Loop_cmp_ctop:
++{ .mib; (p16) ld1 r32=[r16],1
++ (p18) xor r34=r34,r38 }
++{ .mib; (p16) ld1 r36=[r17],1
++ (p19) or r8=r8,r35
++ br.ctop.sptk .Loop_cmp_ctop };;
++.Loop_cmp_cend:
++
++{ .mib; cmp.ne p6,p0=0,r8
++ mov ar.lc=r3 };;
++{ .mib;
++(p6) mov r8=1
++ mov pr=r9,0x1ffff
++ br.ret.sptk.many b0 };;
++.endp CRYPTO_memcmp#
++
+ .global OPENSSL_instrument_bus#
+ .proc OPENSSL_instrument_bus#
+ OPENSSL_instrument_bus:
+ { .mmi; mov r2=r33
+-#if defined(_HPUX_SOURCE) && !defined(_LP64)
+- addp4 r32=0,r32
+-#endif
+- }
++ ADDP r32=0,r32 }
+ { .mmi; mov r8=ar.itc;;
+ mov r10=r0
+ mov r9=r8 };;
+@@ -208,10 +249,7 @@ OPENSSL_instrument_bus:
+ .proc OPENSSL_instrument_bus2#
+ OPENSSL_instrument_bus2:
+ { .mmi; mov r2=r33 // put aside cnt
+-#if defined(_HPUX_SOURCE) && !defined(_LP64)
+- addp4 r32=0,r32
+-#endif
+- }
++ ADDP r32=0,r32 }
+ { .mmi; mov r8=ar.itc;;
+ mov r10=r0
+ mov r9=r8 };;
+diff --git a/crypto/idea/Makefile.in b/crypto/idea/Makefile.in
+deleted file mode 100644
+index 61ab62b..0000000
+--- a/crypto/idea/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/idea/Makefile
+-#
+-
+-DIR= idea
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+-LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= idea_lcl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/idea/i_cbc.c b/crypto/idea/i_cbc.c
+index 5cdcc64..a70a868 100644
+--- a/crypto/idea/i_cbc.c
++++ b/crypto/idea/i_cbc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/idea.h>
+diff --git a/crypto/idea/i_cfb64.c b/crypto/idea/i_cfb64.c
+index f6ed632..daf467e 100644
+--- a/crypto/idea/i_cfb64.c
++++ b/crypto/idea/i_cfb64.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/idea.h>
+diff --git a/crypto/idea/i_ecb.c b/crypto/idea/i_ecb.c
+index 9ab64b7..2208287 100644
+--- a/crypto/idea/i_ecb.c
++++ b/crypto/idea/i_ecb.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/idea.h>
+diff --git a/crypto/idea/i_ofb64.c b/crypto/idea/i_ofb64.c
+index 174f635..997a7b8 100644
+--- a/crypto/idea/i_ofb64.c
++++ b/crypto/idea/i_ofb64.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/idea.h>
+diff --git a/crypto/idea/i_skey.c b/crypto/idea/i_skey.c
+index c86140f..0285324 100644
+--- a/crypto/idea/i_skey.c
++++ b/crypto/idea/i_skey.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/idea.h>
+diff --git a/crypto/idea/idea_lcl.h b/crypto/idea/idea_lcl.h
+index 9be76cd..f227d0d 100644
+--- a/crypto/idea/idea_lcl.h
++++ b/crypto/idea/idea_lcl.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/include/internal/asn1_int.h b/crypto/include/internal/asn1_int.h
+index 0b38eaa..4524fe2 100644
+--- a/crypto/include/internal/asn1_int.h
++++ b/crypto/include/internal/asn1_int.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2015.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Internal ASN1 structures and functions: not for application use */
+diff --git a/crypto/include/internal/async.h b/crypto/include/internal/async.h
+index 76fe4d1..db56258 100644
+--- a/crypto/include/internal/async.h
++++ b/crypto/include/internal/async.h
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Matt Caswell for the OpenSSL project
+- */
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/async.h>
+diff --git a/crypto/include/internal/bn_conf.h.in b/crypto/include/internal/bn_conf.h.in
+index e25a435..ec6e4f6 100644
+--- a/crypto/include/internal/bn_conf.h.in
++++ b/crypto/include/internal/bn_conf.h.in
+@@ -1,56 +1,11 @@
+ {- join("\n",map { "/* $_ */" } @autowarntext) -}
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_BN_CONF_H
+diff --git a/crypto/include/internal/bn_dh.h b/crypto/include/internal/bn_dh.h
+index 3810514..b4bca40 100644
+--- a/crypto/include/internal/bn_dh.h
++++ b/crypto/include/internal/bn_dh.h
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #define declare_dh_bn(x) \
+ const extern BIGNUM _bignum_dh##x##_p; \
+ const extern BIGNUM _bignum_dh##x##_g; \
+diff --git a/crypto/include/internal/bn_int.h b/crypto/include/internal/bn_int.h
+index 8ea5193..9c984ba 100644
+--- a/crypto/include/internal/bn_int.h
++++ b/crypto/include/internal/bn_int.h
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_BN_INT_H
+diff --git a/crypto/include/internal/bn_srp.h b/crypto/include/internal/bn_srp.h
+index 153c8cd..d4b282a 100644
+--- a/crypto/include/internal/bn_srp.h
++++ b/crypto/include/internal/bn_srp.h
+@@ -1,3 +1,11 @@
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ #ifndef OPENSSL_NO_SRP
+
+diff --git a/crypto/include/internal/chacha.h b/crypto/include/internal/chacha.h
+index dacbdf5..7d4366e 100644
+--- a/crypto/include/internal/chacha.h
++++ b/crypto/include/internal/chacha.h
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_CHACHA_H
+diff --git a/crypto/include/internal/cryptlib.h b/crypto/include/internal/cryptlib.h
+index 5fc7f0d..f2377d1 100644
+--- a/crypto/include/internal/cryptlib.h
++++ b/crypto/include/internal/cryptlib.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_CRYPTLIB_H
+@@ -115,6 +67,8 @@ void OPENSSL_showfatal(const char *fmta, ...);
+ extern int OPENSSL_NONPIC_relocated;
+ void crypto_cleanup_all_ex_data_int(void);
+
++int openssl_strerror_r(int errnum, char *buf, size_t buflen);
++
+ #ifdef __cplusplus
+ }
+ #endif
+diff --git a/crypto/include/internal/cryptlib_int.h b/crypto/include/internal/cryptlib_int.h
+index a38ac18..aa02ddc 100644
+--- a/crypto/include/internal/cryptlib_int.h
++++ b/crypto/include/internal/cryptlib_int.h
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Matt Caswell for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <internal/cryptlib.h>
+@@ -68,7 +20,7 @@ int ossl_init_thread_start(uint64_t opts);
+
+ /*
+ * OPENSSL_INIT flags. The primary list of these is in crypto.h. Flags below
+- * are those ommitted from crypto.h because they are "reserverd for internal
++ * are those ommitted from crypto.h because they are "reserved for internal
+ * use".
+ */
+ # define OPENSSL_INIT_ZLIB 0x00010000L
+diff --git a/crypto/include/internal/dso_conf.h.in b/crypto/include/internal/dso_conf.h.in
+index e78e727..daa5e24 100644
+--- a/crypto/include/internal/dso_conf.h.in
++++ b/crypto/include/internal/dso_conf.h.in
+@@ -1,56 +1,11 @@
+ {- join("\n",map { "/* $_ */" } @autowarntext) -}
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_DSO_CONF_H
+diff --git a/crypto/include/internal/engine.h b/crypto/include/internal/engine.h
+index fffce40..977cf06 100644
+--- a/crypto/include/internal/engine.h
++++ b/crypto/include/internal/engine.h
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/engine.h>
+diff --git a/crypto/include/internal/err_int.h b/crypto/include/internal/err_int.h
+index 7f1037e..749a8db 100644
+--- a/crypto/include/internal/err_int.h
++++ b/crypto/include/internal/err_int.h
+@@ -1,11 +1,10 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #ifndef INTERNAL_ERR_INT_H
+@@ -13,5 +12,6 @@
+
+ void err_load_crypto_strings_int(void);
+ void err_cleanup(void);
++void err_delete_thread_state(void);
+
+ #endif
+diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h
+index ca130c2..1c35319 100644
+--- a/crypto/include/internal/evp_int.h
++++ b/crypto/include/internal/evp_int.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2015.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ struct evp_pkey_ctx_st {
+diff --git a/crypto/include/internal/md32_common.h b/crypto/include/internal/md32_common.h
+index 156fa3a..21133a3 100644
+--- a/crypto/include/internal/md32_common.h
++++ b/crypto/include/internal/md32_common.h
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*-
+@@ -387,7 +346,7 @@ int HASH_FINAL(unsigned char *md, HASH_CTX *c)
+ # if defined(__alpha) || defined(__sparcv9) || defined(__mips)
+ # define MD32_REG_T long
+ /*
+- * This comment was originaly written for MD5, which is why it
++ * This comment was originally written for MD5, which is why it
+ * discusses A-D. But it basically applies to all 32-bit digests,
+ * which is why it was moved to common header file.
+ *
+diff --git a/crypto/include/internal/objects.h b/crypto/include/internal/objects.h
+index 86000b6..76e1b4d 100644
+--- a/crypto/include/internal/objects.h
++++ b/crypto/include/internal/objects.h
+@@ -1,9 +1,10 @@
+ /*
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #include <openssl/objects.h>
+diff --git a/crypto/include/internal/poly1305.h b/crypto/include/internal/poly1305.h
+index 8e2cac5..1bc8716 100644
+--- a/crypto/include/internal/poly1305.h
++++ b/crypto/include/internal/poly1305.h
+@@ -1,52 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stddef.h>
+
+ #define POLY1305_BLOCK_SIZE 16
+diff --git a/crypto/include/internal/rand.h b/crypto/include/internal/rand.h
+index be92fa1..30887c4 100644
+--- a/crypto/include/internal/rand.h
++++ b/crypto/include/internal/rand.h
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Licensed under the OpenSSL licenses, (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h
+index ee49f2a..d8ec623 100644
+--- a/crypto/include/internal/x509_int.h
++++ b/crypto/include/internal/x509_int.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2015.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Internal X509 structures and functions: not for application use */
+@@ -109,7 +60,7 @@ struct X509_req_st {
+
+ struct X509_crl_info_st {
+ ASN1_INTEGER *version; /* version: defaults to v1(0) so may be NULL */
+- X509_ALGOR sig_alg; /* signagture algorithm */
++ X509_ALGOR sig_alg; /* signature algorithm */
+ X509_NAME *issuer; /* CRL issuer name */
+ ASN1_TIME *lastUpdate; /* lastUpdate field */
+ ASN1_TIME *nextUpdate; /* nextUpdate field: optional */
+diff --git a/crypto/init.c b/crypto/init.c
+index 48f74c4..2344f99 100644
+--- a/crypto/init.c
++++ b/crypto/init.c
+@@ -1,61 +1,12 @@
+ /*
+- * Written by Matt Caswell for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+-#include <internal/threads.h>
+ #include <internal/cryptlib_int.h>
+ #include <openssl/err.h>
+ #include <internal/rand.h>
+@@ -351,9 +302,9 @@ static void ossl_init_thread_stop(struct thread_local_inits_st *locals)
+ if (locals->err_state) {
+ #ifdef OPENSSL_INIT_DEBUG
+ fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: "
+- "ERR_remove_thread_state()\n");
++ "err_delete_thread_state()\n");
+ #endif
+- ERR_remove_thread_state();
++ err_delete_thread_state();
+ }
+
+ OPENSSL_free(locals);
+diff --git a/crypto/kdf/Makefile.in b/crypto/kdf/Makefile.in
+deleted file mode 100644
+index 5ab2cbf..0000000
+--- a/crypto/kdf/Makefile.in
++++ /dev/null
+@@ -1,53 +0,0 @@
+-#
+-# OpenSSL/crypto/kdf/Makefile
+-#
+-
+-DIR= kdf
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=tls1_prf.c kdf_err.c hkdf.c
+-LIBOBJ=tls1_prf.o kdf_err.o hkdf.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-tags:
+- ctags $(SRC)
+-
+-tests:
+-
+-lint:
+- lint -DLINT $(INCLUDES) $(SRC)>fluff
+-
+-update: depend
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/kdf/hkdf.c b/crypto/kdf/hkdf.c
+index bbe4334..00b95b5 100644
+--- a/crypto/kdf/hkdf.c
++++ b/crypto/kdf/hkdf.c
+@@ -1,49 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdlib.h>
+diff --git a/crypto/kdf/kdf_err.c b/crypto/kdf/kdf_err.c
+index b0321c5..6707a52 100644
+--- a/crypto/kdf/kdf_err.c
++++ b/crypto/kdf/kdf_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/kdf/tls1_prf.c b/crypto/kdf/tls1_prf.c
+index 4b40c88..fa13732 100644
+--- a/crypto/kdf/tls1_prf.c
++++ b/crypto/kdf/tls1_prf.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2016.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/lhash/Makefile.in b/crypto/lhash/Makefile.in
+deleted file mode 100644
+index 9b9281f..0000000
+--- a/crypto/lhash/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/lhash/Makefile
+-#
+-
+-DIR= lhash
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=lhash.c lh_stats.c
+-LIBOBJ=lhash.o lh_stats.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/lhash/lh_stats.c b/crypto/lhash/lh_stats.c
+index cad3a61..7337832 100644
+--- a/crypto/lhash/lh_stats.c
++++ b/crypto/lhash/lh_stats.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -66,50 +18,48 @@
+
+ #include <openssl/bio.h>
+ #include <openssl/lhash.h>
++#include "lhash_lcl.h"
+
+ # ifndef OPENSSL_NO_STDIO
+-void lh_stats(const _LHASH *lh, FILE *fp)
++void OPENSSL_LH_stats(const OPENSSL_LHASH *lh, FILE *fp)
+ {
+ BIO *bp;
+
+ bp = BIO_new(BIO_s_file());
+ if (bp == NULL)
+- goto end;
++ return;
+ BIO_set_fp(bp, fp, BIO_NOCLOSE);
+- lh_stats_bio(lh, bp);
++ OPENSSL_LH_stats_bio(lh, bp);
+ BIO_free(bp);
+- end:;
+ }
+
+-void lh_node_stats(const _LHASH *lh, FILE *fp)
++void OPENSSL_LH_node_stats(const OPENSSL_LHASH *lh, FILE *fp)
+ {
+ BIO *bp;
+
+ bp = BIO_new(BIO_s_file());
+ if (bp == NULL)
+- goto end;
++ return;
+ BIO_set_fp(bp, fp, BIO_NOCLOSE);
+- lh_node_stats_bio(lh, bp);
++ OPENSSL_LH_node_stats_bio(lh, bp);
+ BIO_free(bp);
+- end:;
+ }
+
+-void lh_node_usage_stats(const _LHASH *lh, FILE *fp)
++void OPENSSL_LH_node_usage_stats(const OPENSSL_LHASH *lh, FILE *fp)
+ {
+ BIO *bp;
+
+ bp = BIO_new(BIO_s_file());
+ if (bp == NULL)
+- goto end;
++ return;
+ BIO_set_fp(bp, fp, BIO_NOCLOSE);
+- lh_node_usage_stats_bio(lh, bp);
++ OPENSSL_LH_node_usage_stats_bio(lh, bp);
+ BIO_free(bp);
+- end:;
+ }
+
+ # endif
+
+-void lh_stats_bio(const _LHASH *lh, BIO *out)
++void OPENSSL_LH_stats_bio(const OPENSSL_LHASH *lh, BIO *out)
+ {
+ BIO_printf(out, "num_items = %lu\n", lh->num_items);
+ BIO_printf(out, "num_nodes = %u\n", lh->num_nodes);
+@@ -130,9 +80,9 @@ void lh_stats_bio(const _LHASH *lh, BIO *out)
+ BIO_printf(out, "num_hash_comps = %lu\n", lh->num_hash_comps);
+ }
+
+-void lh_node_stats_bio(const _LHASH *lh, BIO *out)
++void OPENSSL_LH_node_stats_bio(const OPENSSL_LHASH *lh, BIO *out)
+ {
+- LHASH_NODE *n;
++ OPENSSL_LH_NODE *n;
+ unsigned int i, num;
+
+ for (i = 0; i < lh->num_nodes; i++) {
+@@ -142,9 +92,9 @@ void lh_node_stats_bio(const _LHASH *lh, BIO *out)
+ }
+ }
+
+-void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out)
++void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out)
+ {
+- LHASH_NODE *n;
++ OPENSSL_LH_NODE *n;
+ unsigned long num;
+ unsigned int i;
+ unsigned long total = 0, n_used = 0;
+diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
+index 60e9223..3e58eea 100644
+--- a/crypto/lhash/lhash.c
++++ b/crypto/lhash/lhash.c
+@@ -1,124 +1,39 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+-/*-
+- * Code for dynamic hash table routines
+- * Author - Eric Young v 2.0
+- *
+- * 2.2 eay - added #include "crypto.h" so the memory leak checking code is
+- * present. eay 18-Jun-98
+- *
+- * 2.1 eay - Added an 'error in last operation' flag. eay 6-May-98
+- *
+- * 2.0 eay - Fixed a bug that occurred when using lh_delete
+- * from inside lh_doall(). As entries were deleted,
+- * the 'table' was 'contract()ed', making some entries
+- * jump from the end of the table to the start, there by
+- * skipping the lh_doall() processing. eay - 4/12/95
+- *
+- * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs
+- * were not being free()ed. 21/11/95
+- *
+- * 1.8 eay - Put the stats routines into a separate file, lh_stats.c
+- * 19/09/95
+- *
+- * 1.7 eay - Removed the fputs() for realloc failures - the code
+- * should silently tolerate them. I have also fixed things
+- * lint complained about 04/05/95
+- *
+- * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92
+- *
+- * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992
+- *
+- * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91
+- *
+- * 1.3 eay - Fixed a few lint problems 19/3/1991
+- *
+- * 1.2 eay - Fixed lh_doall problem 13/3/1991
+- *
+- * 1.1 eay - Added lh_doall
+- *
+- * 1.0 eay - First version
+- */
+ #include <stdio.h>
+ #include <string.h>
+ #include <stdlib.h>
+ #include <openssl/crypto.h>
+ #include <openssl/lhash.h>
++#include "lhash_lcl.h"
++
+
+ #undef MIN_NODES
+ #define MIN_NODES 16
+ #define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */
+ #define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */
+
+-static void expand(_LHASH *lh);
+-static void contract(_LHASH *lh);
+-static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash);
++static void expand(OPENSSL_LHASH *lh);
++static void contract(OPENSSL_LHASH *lh);
++static OPENSSL_LH_NODE **getrn(OPENSSL_LHASH *lh, const void *data, unsigned long *rhash);
+
+-_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
++OPENSSL_LHASH *OPENSSL_LH_new(OPENSSL_LH_HASHFUNC h, OPENSSL_LH_COMPFUNC c)
+ {
+- _LHASH *ret;
++ OPENSSL_LHASH *ret;
+
+ if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL)
+ goto err0;
+ if ((ret->b = OPENSSL_zalloc(sizeof(*ret->b) * MIN_NODES)) == NULL)
+ goto err1;
+- ret->comp = ((c == NULL) ? (LHASH_COMP_FN_TYPE)strcmp : c);
+- ret->hash = ((h == NULL) ? (LHASH_HASH_FN_TYPE)lh_strhash : h);
++ ret->comp = ((c == NULL) ? (OPENSSL_LH_COMPFUNC)strcmp : c);
++ ret->hash = ((h == NULL) ? (OPENSSL_LH_HASHFUNC)OPENSSL_LH_strhash : h);
+ ret->num_nodes = MIN_NODES / 2;
+ ret->num_alloc_nodes = MIN_NODES;
+ ret->pmax = MIN_NODES / 2;
+@@ -132,10 +47,10 @@ _LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
+ return (NULL);
+ }
+
+-void lh_free(_LHASH *lh)
++void OPENSSL_LH_free(OPENSSL_LHASH *lh)
+ {
+ unsigned int i;
+- LHASH_NODE *n, *nn;
++ OPENSSL_LH_NODE *n, *nn;
+
+ if (lh == NULL)
+ return;
+@@ -152,10 +67,10 @@ void lh_free(_LHASH *lh)
+ OPENSSL_free(lh);
+ }
+
+-void *lh_insert(_LHASH *lh, void *data)
++void *OPENSSL_LH_insert(OPENSSL_LHASH *lh, void *data)
+ {
+ unsigned long hash;
+- LHASH_NODE *nn, **rn;
++ OPENSSL_LH_NODE *nn, **rn;
+ void *ret;
+
+ lh->error = 0;
+@@ -185,10 +100,10 @@ void *lh_insert(_LHASH *lh, void *data)
+ return (ret);
+ }
+
+-void *lh_delete(_LHASH *lh, const void *data)
++void *OPENSSL_LH_delete(OPENSSL_LHASH *lh, const void *data)
+ {
+ unsigned long hash;
+- LHASH_NODE *nn, **rn;
++ OPENSSL_LH_NODE *nn, **rn;
+ void *ret;
+
+ lh->error = 0;
+@@ -213,10 +128,10 @@ void *lh_delete(_LHASH *lh, const void *data)
+ return (ret);
+ }
+
+-void *lh_retrieve(_LHASH *lh, const void *data)
++void *OPENSSL_LH_retrieve(OPENSSL_LHASH *lh, const void *data)
+ {
+ unsigned long hash;
+- LHASH_NODE **rn;
++ OPENSSL_LH_NODE **rn;
+ void *ret;
+
+ lh->error = 0;
+@@ -232,11 +147,12 @@ void *lh_retrieve(_LHASH *lh, const void *data)
+ return (ret);
+ }
+
+-static void doall_util_fn(_LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
+- LHASH_DOALL_ARG_FN_TYPE func_arg, void *arg)
++static void doall_util_fn(OPENSSL_LHASH *lh, int use_arg,
++ OPENSSL_LH_DOALL_FUNC func,
++ OPENSSL_LH_DOALL_FUNCARG func_arg, void *arg)
+ {
+ int i;
+- LHASH_NODE *a, *n;
++ OPENSSL_LH_NODE *a, *n;
+
+ if (lh == NULL)
+ return;
+@@ -248,13 +164,6 @@ static void doall_util_fn(_LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
+ for (i = lh->num_nodes - 1; i >= 0; i--) {
+ a = lh->b[i];
+ while (a != NULL) {
+- /*
+- * 28/05/91 - eay - n added so items can be deleted via lh_doall
+- */
+- /*
+- * 22/05/08 - ben - eh? since a is not passed, this should not be
+- * needed
+- */
+ n = a->next;
+ if (use_arg)
+ func_arg(a->data, arg);
+@@ -265,19 +174,19 @@ static void doall_util_fn(_LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
+ }
+ }
+
+-void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func)
++void OPENSSL_LH_doall(OPENSSL_LHASH *lh, OPENSSL_LH_DOALL_FUNC func)
+ {
+- doall_util_fn(lh, 0, func, (LHASH_DOALL_ARG_FN_TYPE)0, NULL);
++ doall_util_fn(lh, 0, func, (OPENSSL_LH_DOALL_FUNCARG)0, NULL);
+ }
+
+-void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg)
++void OPENSSL_LH_doall_arg(OPENSSL_LHASH *lh, OPENSSL_LH_DOALL_FUNCARG func, void *arg)
+ {
+- doall_util_fn(lh, 1, (LHASH_DOALL_FN_TYPE)0, func, arg);
++ doall_util_fn(lh, 1, (OPENSSL_LH_DOALL_FUNC)0, func, arg);
+ }
+
+-static void expand(_LHASH *lh)
++static void expand(OPENSSL_LHASH *lh)
+ {
+- LHASH_NODE **n, **n1, **n2, *np;
++ OPENSSL_LH_NODE **n, **n1, **n2, *np;
+ unsigned int p, i, j;
+ unsigned long hash, nni;
+
+@@ -286,7 +195,7 @@ static void expand(_LHASH *lh)
+ p = (int)lh->p++;
+ n1 = &(lh->b[p]);
+ n2 = &(lh->b[p + (int)lh->pmax]);
+- *n2 = NULL; /* 27/07/92 - eay - undefined pointer bug */
++ *n2 = NULL;
+ nni = lh->num_alloc_nodes;
+
+ for (np = *n1; np != NULL;) {
+@@ -302,7 +211,7 @@ static void expand(_LHASH *lh)
+
+ if ((lh->p) >= lh->pmax) {
+ j = (int)lh->num_alloc_nodes * 2;
+- n = OPENSSL_realloc(lh->b, (int)(sizeof(LHASH_NODE *) * j));
++ n = OPENSSL_realloc(lh->b, (int)(sizeof(OPENSSL_LH_NODE *) * j));
+ if (n == NULL) {
+ /* fputs("realloc error in lhash",stderr); */
+ lh->error++;
+@@ -319,15 +228,15 @@ static void expand(_LHASH *lh)
+ }
+ }
+
+-static void contract(_LHASH *lh)
++static void contract(OPENSSL_LHASH *lh)
+ {
+- LHASH_NODE **n, *n1, *np;
++ OPENSSL_LH_NODE **n, *n1, *np;
+
+ np = lh->b[lh->p + lh->pmax - 1];
+ lh->b[lh->p + lh->pmax - 1] = NULL; /* 24/07-92 - eay - weird but :-( */
+ if (lh->p == 0) {
+ n = OPENSSL_realloc(lh->b,
+- (unsigned int)(sizeof(LHASH_NODE *) * lh->pmax));
++ (unsigned int)(sizeof(OPENSSL_LH_NODE *) * lh->pmax));
+ if (n == NULL) {
+ /* fputs("realloc error in lhash",stderr); */
+ lh->error++;
+@@ -354,11 +263,12 @@ static void contract(_LHASH *lh)
+ }
+ }
+
+-static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash)
++static OPENSSL_LH_NODE **getrn(OPENSSL_LHASH *lh,
++ const void *data, unsigned long *rhash)
+ {
+- LHASH_NODE **ret, *n1;
++ OPENSSL_LH_NODE **ret, *n1;
+ unsigned long hash, nn;
+- LHASH_COMP_FN_TYPE cf;
++ OPENSSL_LH_COMPFUNC cf;
+
+ hash = (*(lh->hash)) (data);
+ lh->num_hash_calls++;
+@@ -389,7 +299,7 @@ static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash)
+ * collisions on /usr/dict/words and it distributes on %2^n quite well, not
+ * as good as MD5, but still good.
+ */
+-unsigned long lh_strhash(const char *c)
++unsigned long OPENSSL_LH_strhash(const char *c)
+ {
+ unsigned long ret = 0;
+ long n;
+@@ -417,22 +327,22 @@ unsigned long lh_strhash(const char *c)
+ return ((ret >> 16) ^ ret);
+ }
+
+-unsigned long lh_num_items(const _LHASH *lh)
++unsigned long OPENSSL_LH_num_items(const OPENSSL_LHASH *lh)
+ {
+ return lh ? lh->num_items : 0;
+ }
+
+-unsigned long lh_get_down_load(const _LHASH *lh)
++unsigned long OPENSSL_LH_get_down_load(const OPENSSL_LHASH *lh)
+ {
+ return lh->down_load;
+ }
+
+-void lh_set_down_load(_LHASH *lh, unsigned long down_load)
++void OPENSSL_LH_set_down_load(OPENSSL_LHASH *lh, unsigned long down_load)
+ {
+ lh->down_load = down_load;
+ }
+
+-int lh_error(_LHASH *lh)
++int OPENSSL_LH_error(OPENSSL_LHASH *lh)
+ {
+ return lh->error;
+ }
+diff --git a/crypto/lhash/lhash_lcl.h b/crypto/lhash/lhash_lcl.h
+new file mode 100644
+index 0000000..eb4a1a3
+--- /dev/null
++++ b/crypto/lhash/lhash_lcl.h
+@@ -0,0 +1,42 @@
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++
++struct lhash_node_st {
++ void *data;
++ struct lhash_node_st *next;
++ unsigned long hash;
++};
++
++struct lhash_st {
++ OPENSSL_LH_NODE **b;
++ OPENSSL_LH_COMPFUNC comp;
++ OPENSSL_LH_HASHFUNC hash;
++ unsigned int num_nodes;
++ unsigned int num_alloc_nodes;
++ unsigned int p;
++ unsigned int pmax;
++ unsigned long up_load; /* load times 256 */
++ unsigned long down_load; /* load times 256 */
++ unsigned long num_items;
++ unsigned long num_expands;
++ unsigned long num_expand_reallocs;
++ unsigned long num_contracts;
++ unsigned long num_contract_reallocs;
++ unsigned long num_hash_calls;
++ unsigned long num_comp_calls;
++ unsigned long num_insert;
++ unsigned long num_replace;
++ unsigned long num_delete;
++ unsigned long num_no_delete;
++ unsigned long num_retrieve;
++ unsigned long num_retrieve_miss;
++ unsigned long num_hash_comps;
++ int error;
++};
+diff --git a/crypto/lhash/num.pl b/crypto/lhash/num.pl
+index 4440a99..8a8c42c 100644
+--- a/crypto/lhash/num.pl
++++ b/crypto/lhash/num.pl
+@@ -1,4 +1,10 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ #node 10 -> 4
+
+diff --git a/crypto/md2/Makefile.in b/crypto/md2/Makefile.in
+deleted file mode 100644
+index 16bfea7..0000000
+--- a/crypto/md2/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/md/Makefile
+-#
+-
+-DIR= md2
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=md2_dgst.c md2_one.c
+-LIBOBJ=md2_dgst.o md2_one.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/md2/md2_dgst.c b/crypto/md2/md2_dgst.c
+index 80dec23..b43cd4f 100644
+--- a/crypto/md2/md2_dgst.c
++++ b/crypto/md2/md2_dgst.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/md2/md2_one.c b/crypto/md2/md2_one.c
+index ad643ee..460f96e 100644
+--- a/crypto/md2/md2_one.c
++++ b/crypto/md2/md2_one.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/md4/Makefile.in b/crypto/md4/Makefile.in
+deleted file mode 100644
+index f63c611..0000000
+--- a/crypto/md4/Makefile.in
++++ /dev/null
+@@ -1,44 +0,0 @@
+-#
+-# OpenSSL/crypto/md4/Makefile
+-#
+-
+-DIR= md4
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=md4_dgst.c md4_one.c
+-LIBOBJ=md4_dgst.o md4_one.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= md4_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/md4/md4_dgst.c b/crypto/md4/md4_dgst.c
+index ab1e55b..5319618 100644
+--- a/crypto/md4/md4_dgst.c
++++ b/crypto/md4/md4_dgst.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/md4/md4_locl.h b/crypto/md4/md4_locl.h
+index 7e9701c..6aec556 100644
+--- a/crypto/md4/md4_locl.h
++++ b/crypto/md4/md4_locl.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdlib.h>
+diff --git a/crypto/md4/md4_one.c b/crypto/md4/md4_one.c
+index efcf2c6..9f0989f 100644
+--- a/crypto/md4/md4_one.c
++++ b/crypto/md4/md4_one.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/md5/Makefile.in b/crypto/md5/Makefile.in
+deleted file mode 100644
+index 48ddab3..0000000
+--- a/crypto/md5/Makefile.in
++++ /dev/null
+@@ -1,61 +0,0 @@
+-#
+-# OpenSSL/crypto/md5/Makefile
+-#
+-
+-DIR= md5
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=-I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-MD5_ASM_OBJ=
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=md5_dgst.c md5_one.c
+-LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= md5_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-md5-586.s: asm/md5-586.pl ../perlasm/x86asm.pl
+- $(PERL) asm/md5-586.pl $(PERLASM_SCHEME) $(CFLAGS) $@
+-
+-md5-x86_64.s: asm/md5-x86_64.pl
+- $(PERL) asm/md5-x86_64.pl $(PERLASM_SCHEME) $@
+-
+-md5-ia64.s: asm/md5-ia64.S
+- $(CC) $(CFLAGS) -E asm/md5-ia64.S | \
+- $(PERL) -ne 's/;\s+/;\n/g; print;' > $@
+-
+-md5-sparcv9.S: asm/md5-sparcv9.pl
+- $(PERL) asm/md5-sparcv9.pl $(PERLASM_SCHEME) $@
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/md5/asm/md5-586.pl b/crypto/md5/asm/md5-586.pl
+index b3b756c..24f68af 100644
+--- a/crypto/md5/asm/md5-586.pl
++++ b/crypto/md5/asm/md5-586.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # Normal is the
+ # md5_block_x86(MD5_CTX *c, ULONG *X);
+diff --git a/crypto/md5/asm/md5-sparcv9.pl b/crypto/md5/asm/md5-sparcv9.pl
+index 1c4ae52..09e6d71 100644
+--- a/crypto/md5/asm/md5-sparcv9.pl
++++ b/crypto/md5/asm/md5-sparcv9.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/md5/asm/md5-x86_64.pl b/crypto/md5/asm/md5-x86_64.pl
+index 8d820e1..be5e879 100755
+--- a/crypto/md5/asm/md5-x86_64.pl
++++ b/crypto/md5/asm/md5-x86_64.pl
+@@ -1,11 +1,13 @@
+-#!/usr/bin/perl -w
+-#
+-# MD5 optimized for AMD64.
+-#
++#! /usr/bin/env perl
+ # Author: Marc Bevand <bevand_m (at) epita.fr>
+-# Licence: I hereby disclaim the copyright on this code and place it
+-# in the public domain.
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++# MD5 optimized for AMD64.
+
+ use strict;
+
+diff --git a/crypto/md5/md5_dgst.c b/crypto/md5/md5_dgst.c
+index 37b0d31..fbede67 100644
+--- a/crypto/md5/md5_dgst.c
++++ b/crypto/md5/md5_dgst.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/md5/md5_locl.h b/crypto/md5/md5_locl.h
+index f2d80a0..9c7aade 100644
+--- a/crypto/md5/md5_locl.h
++++ b/crypto/md5/md5_locl.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdlib.h>
+@@ -61,7 +13,7 @@
+ #include <openssl/md5.h>
+
+ #ifdef MD5_ASM
+-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || \
++# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
+ defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
+ # define md5_block_data_order md5_block_asm_data_order
+ # elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
+diff --git a/crypto/md5/md5_one.c b/crypto/md5/md5_one.c
+index 9771dcf..becd87e 100644
+--- a/crypto/md5/md5_one.c
++++ b/crypto/md5/md5_one.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/mdc2/Makefile.in b/crypto/mdc2/Makefile.in
+deleted file mode 100644
+index 2f2ccf9..0000000
+--- a/crypto/mdc2/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/mdc2/Makefile
+-#
+-
+-DIR= mdc2
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=mdc2dgst.c mdc2_one.c
+-LIBOBJ=mdc2dgst.o mdc2_one.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/mdc2/mdc2_one.c b/crypto/mdc2/mdc2_one.c
+index ee94bbe..472a5ec 100644
+--- a/crypto/mdc2/mdc2_one.c
++++ b/crypto/mdc2/mdc2_one.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/mdc2/mdc2dgst.c b/crypto/mdc2/mdc2dgst.c
+index abfba5a..6397a47 100644
+--- a/crypto/mdc2/mdc2dgst.c
++++ b/crypto/mdc2/mdc2dgst.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/mem.c b/crypto/mem.c
+index 16ef64c..6be14ab 100644
+--- a/crypto/mem.c
++++ b/crypto/mem.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -201,9 +153,10 @@ void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
+ }
+
+ ret = CRYPTO_malloc(num, file, line);
+- if (ret)
++ if (ret != NULL) {
+ memcpy(ret, str, old_len);
+- CRYPTO_clear_free(str, old_len, file, line);
++ CRYPTO_clear_free(str, old_len, file, line);
++ }
+ return ret;
+ }
+
+diff --git a/crypto/mem_clr.c b/crypto/mem_clr.c
+index 3389919..a1a4f93 100644
+--- a/crypto/mem_clr.c
++++ b/crypto/mem_clr.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2002.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c
+index 2b8cf73..0b48708 100644
+--- a/crypto/mem_dbg.c
++++ b/crypto/mem_dbg.c
+@@ -1,118 +1,16 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <time.h>
+ #include "internal/cryptlib.h"
+-#include "internal/threads.h"
+ #include <openssl/crypto.h>
+ #include <openssl/buffer.h>
+ #include "internal/bio.h"
+diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
+index 31c0525..4ccff34 100644
+--- a/crypto/mem_sec.c
++++ b/crypto/mem_sec.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Copyright 2004-2014, Akamai Technologies. All Rights Reserved.
+ * This file is distributed under the terms of the OpenSSL license.
+ */
+@@ -25,7 +34,6 @@
+ # include <sys/param.h>
+ # include <sys/stat.h>
+ # include <fcntl.h>
+-# include "internal/threads.h"
+ #endif
+
+ #define CLEAR(p, s) OPENSSL_cleanse(p, s)
+@@ -37,7 +45,6 @@
+ static size_t secure_mem_used;
+
+ static int secure_mem_initialized;
+-static int too_late;
+
+ static CRYPTO_RWLOCK *sec_malloc_lock = NULL;
+
+@@ -48,7 +55,7 @@ static int sh_init(size_t size, int minsize);
+ static char *sh_malloc(size_t size);
+ static void sh_free(char *ptr);
+ static void sh_done(void);
+-static int sh_actual_size(char *ptr);
++static size_t sh_actual_size(char *ptr);
+ static int sh_allocated(const char *ptr);
+ #endif
+
+@@ -57,10 +64,6 @@ int CRYPTO_secure_malloc_init(size_t size, int minsize)
+ #ifdef IMPLEMENTED
+ int ret = 0;
+
+- if (too_late)
+- return ret;
+-
+- OPENSSL_assert(!secure_mem_initialized);
+ if (!secure_mem_initialized) {
+ sec_malloc_lock = CRYPTO_THREAD_lock_new();
+ if (sec_malloc_lock == NULL)
+@@ -75,13 +78,17 @@ int CRYPTO_secure_malloc_init(size_t size, int minsize)
+ #endif /* IMPLEMENTED */
+ }
+
+-void CRYPTO_secure_malloc_done()
++int CRYPTO_secure_malloc_done()
+ {
+ #ifdef IMPLEMENTED
+- sh_done();
+- secure_mem_initialized = 0;
+- CRYPTO_THREAD_lock_free(sec_malloc_lock);
++ if (secure_mem_used == 0) {
++ sh_done();
++ secure_mem_initialized = 0;
++ CRYPTO_THREAD_lock_free(sec_malloc_lock);
++ return 1;
++ }
+ #endif /* IMPLEMENTED */
++ return 0;
+ }
+
+ int CRYPTO_secure_malloc_initialized()
+@@ -100,7 +107,6 @@ void *CRYPTO_secure_malloc(size_t num, const char *file, int line)
+ size_t actual_size;
+
+ if (!secure_mem_initialized) {
+- too_late = 1;
+ return CRYPTO_malloc(num, file, line);
+ }
+ CRYPTO_THREAD_write_lock(sec_malloc_lock);
+@@ -130,7 +136,7 @@ void CRYPTO_secure_free(void *ptr, const char *file, int line)
+
+ if (ptr == NULL)
+ return;
+- if (!secure_mem_initialized) {
++ if (!CRYPTO_secure_allocated(ptr)) {
+ CRYPTO_free(ptr, file, line);
+ return;
+ }
+@@ -208,9 +214,11 @@ size_t CRYPTO_secure_actual_size(void *ptr)
+ * place.
+ */
+
+-# define TESTBIT(t, b) (t[(b) >> 3] & (1 << ((b) & 7)))
+-# define SETBIT(t, b) (t[(b) >> 3] |= (1 << ((b) & 7)))
+-# define CLEARBIT(t, b) (t[(b) >> 3] &= (0xFF & ~(1 << ((b) & 7))))
++#define ONE ((size_t)1)
++
++# define TESTBIT(t, b) (t[(b) >> 3] & (ONE << ((b) & 7)))
++# define SETBIT(t, b) (t[(b) >> 3] |= (ONE << ((b) & 7)))
++# define CLEARBIT(t, b) (t[(b) >> 3] &= (0xFF & ~(ONE << ((b) & 7))))
+
+ #define WITHIN_ARENA(p) \
+ ((char*)(p) >= sh.arena && (char*)(p) < &sh.arena[sh.arena_size])
+@@ -229,21 +237,21 @@ typedef struct sh_st
+ char* map_result;
+ size_t map_size;
+ char *arena;
+- int arena_size;
++ size_t arena_size;
+ char **freelist;
+- int freelist_size;
+- int minsize;
++ ossl_ssize_t freelist_size;
++ size_t minsize;
+ unsigned char *bittable;
+ unsigned char *bitmalloc;
+- int bittable_size; /* size in bits */
++ size_t bittable_size; /* size in bits */
+ } SH;
+
+ static SH sh;
+
+-static int sh_getlist(char *ptr)
++static size_t sh_getlist(char *ptr)
+ {
+- int list = sh.freelist_size - 1;
+- int bit = (sh.arena_size + ptr - sh.arena) / sh.minsize;
++ ossl_ssize_t list = sh.freelist_size - 1;
++ size_t bit = (sh.arena_size + ptr - sh.arena) / sh.minsize;
+
+ for (; bit; bit >>= 1, list--) {
+ if (TESTBIT(sh.bittable, bit))
+@@ -257,22 +265,22 @@ static int sh_getlist(char *ptr)
+
+ static int sh_testbit(char *ptr, int list, unsigned char *table)
+ {
+- int bit;
++ size_t bit;
+
+ OPENSSL_assert(list >= 0 && list < sh.freelist_size);
+ OPENSSL_assert(((ptr - sh.arena) & ((sh.arena_size >> list) - 1)) == 0);
+- bit = (1 << list) + ((ptr - sh.arena) / (sh.arena_size >> list));
++ bit = (ONE << list) + ((ptr - sh.arena) / (sh.arena_size >> list));
+ OPENSSL_assert(bit > 0 && bit < sh.bittable_size);
+ return TESTBIT(table, bit);
+ }
+
+ static void sh_clearbit(char *ptr, int list, unsigned char *table)
+ {
+- int bit;
++ size_t bit;
+
+ OPENSSL_assert(list >= 0 && list < sh.freelist_size);
+ OPENSSL_assert(((ptr - sh.arena) & ((sh.arena_size >> list) - 1)) == 0);
+- bit = (1 << list) + ((ptr - sh.arena) / (sh.arena_size >> list));
++ bit = (ONE << list) + ((ptr - sh.arena) / (sh.arena_size >> list));
+ OPENSSL_assert(bit > 0 && bit < sh.bittable_size);
+ OPENSSL_assert(TESTBIT(table, bit));
+ CLEARBIT(table, bit);
+@@ -280,11 +288,11 @@ static void sh_clearbit(char *ptr, int list, unsigned char *table)
+
+ static void sh_setbit(char *ptr, int list, unsigned char *table)
+ {
+- int bit;
++ size_t bit;
+
+ OPENSSL_assert(list >= 0 && list < sh.freelist_size);
+ OPENSSL_assert(((ptr - sh.arena) & ((sh.arena_size >> list) - 1)) == 0);
+- bit = (1 << list) + ((ptr - sh.arena) / (sh.arena_size >> list));
++ bit = (ONE << list) + ((ptr - sh.arena) / (sh.arena_size >> list));
+ OPENSSL_assert(bit > 0 && bit < sh.bittable_size);
+ OPENSSL_assert(!TESTBIT(table, bit));
+ SETBIT(table, bit);
+@@ -449,21 +457,21 @@ static int sh_allocated(const char *ptr)
+
+ static char *sh_find_my_buddy(char *ptr, int list)
+ {
+- int bit;
++ size_t bit;
+ char *chunk = NULL;
+
+- bit = (1 << list) + (ptr - sh.arena) / (sh.arena_size >> list);
++ bit = (ONE << list) + (ptr - sh.arena) / (sh.arena_size >> list);
+ bit ^= 1;
+
+ if (TESTBIT(sh.bittable, bit) && !TESTBIT(sh.bitmalloc, bit))
+- chunk = sh.arena + ((bit & ((1 << list) - 1)) * (sh.arena_size >> list));
++ chunk = sh.arena + ((bit & ((ONE << list) - 1)) * (sh.arena_size >> list));
+
+ return chunk;
+ }
+
+ static char *sh_malloc(size_t size)
+ {
+- int list, slist;
++ ossl_ssize_t list, slist;
+ size_t i;
+ char *chunk;
+
+@@ -522,7 +530,7 @@ static char *sh_malloc(size_t size)
+
+ static void sh_free(char *ptr)
+ {
+- int list;
++ size_t list;
+ char *buddy;
+
+ if (ptr == NULL)
+@@ -559,7 +567,7 @@ static void sh_free(char *ptr)
+ }
+ }
+
+-static int sh_actual_size(char *ptr)
++static size_t sh_actual_size(char *ptr)
+ {
+ int list;
+
+@@ -568,6 +576,6 @@ static int sh_actual_size(char *ptr)
+ return 0;
+ list = sh_getlist(ptr);
+ OPENSSL_assert(sh_testbit(ptr, list, sh.bittable));
+- return sh.arena_size / (1 << list);
++ return sh.arena_size / (ONE << list);
+ }
+ #endif /* IMPLEMENTED */
+diff --git a/crypto/modes/Makefile.in b/crypto/modes/Makefile.in
+deleted file mode 100644
+index 22ab8b9..0000000
+--- a/crypto/modes/Makefile.in
++++ /dev/null
+@@ -1,76 +0,0 @@
+-#
+-# OpenSSL/crypto/modes/Makefile
+-#
+-
+-DIR= modes
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-MODES_ASM_OBJ=
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= cbc128.c ctr128.c cts128.c cfb128.c ofb128.c gcm128.c \
+- ccm128.c xts128.c wrap128.c ocb128.c
+-LIBOBJ= cbc128.o ctr128.o cts128.o cfb128.o ofb128.o gcm128.o \
+- ccm128.o xts128.o wrap128.o ocb128.o $(MODES_ASM_OBJ)
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= modes_lcl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-ghash-ia64.s: asm/ghash-ia64.pl
+- $(PERL) asm/ghash-ia64.pl $(CFLAGS) $@
+-ghash-x86.s: asm/ghash-x86.pl
+- $(PERL) asm/ghash-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-ghash-x86_64.s: asm/ghash-x86_64.pl
+- $(PERL) asm/ghash-x86_64.pl $(PERLASM_SCHEME) $@
+-aesni-gcm-x86_64.s: asm/aesni-gcm-x86_64.pl
+- $(PERL) asm/aesni-gcm-x86_64.pl $(PERLASM_SCHEME) $@
+-ghash-sparcv9.S: asm/ghash-sparcv9.pl
+- $(PERL) asm/ghash-sparcv9.pl $(PERLASM_SCHEME) $@
+-ghash-alpha.s: asm/ghash-alpha.pl
+- (preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+- $(PERL) asm/ghash-alpha.pl $$preproc && \
+- $(CC) -E -P $$preproc > $@ && rm $$preproc)
+-ghash-parisc.s: asm/ghash-parisc.pl
+- $(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
+-ghashv8-armx.S: asm/ghashv8-armx.pl
+- $(PERL) asm/ghashv8-armx.pl $(PERLASM_SCHEME) $@
+-ghashp8-ppc.s: asm/ghashp8-ppc.pl
+- $(PERL) asm/ghashp8-ppc.pl $(PERLASM_SCHEME) $@
+-
+-# GNU make "catch all"
+-ghash-%.S: asm/ghash-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-
+-ghash-armv4.o: ghash-armv4.S
+-ghashv8-armx.o: ghashv8-armx.S
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/modes/asm/aesni-gcm-x86_64.pl b/crypto/modes/asm/aesni-gcm-x86_64.pl
+index 8f5026b..921f44e 100644
+--- a/crypto/modes/asm/aesni-gcm-x86_64.pl
++++ b/crypto/modes/asm/aesni-gcm-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/modes/asm/ghash-alpha.pl b/crypto/modes/asm/ghash-alpha.pl
+index df6b3a3..ccf6b2b 100644
+--- a/crypto/modes/asm/ghash-alpha.pl
++++ b/crypto/modes/asm/ghash-alpha.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/modes/asm/ghash-armv4.pl b/crypto/modes/asm/ghash-armv4.pl
+index 6cc3653..db56c85 100644
+--- a/crypto/modes/asm/ghash-armv4.pl
++++ b/crypto/modes/asm/ghash-armv4.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/modes/asm/ghash-c64xplus.pl b/crypto/modes/asm/ghash-c64xplus.pl
+index 93f6985..3cadda3 100644
+--- a/crypto/modes/asm/ghash-c64xplus.pl
++++ b/crypto/modes/asm/ghash-c64xplus.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/modes/asm/ghash-ia64.pl b/crypto/modes/asm/ghash-ia64.pl
+index 9d49143..81e75f7 100755
+--- a/crypto/modes/asm/ghash-ia64.pl
++++ b/crypto/modes/asm/ghash-ia64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/modes/asm/ghash-parisc.pl b/crypto/modes/asm/ghash-parisc.pl
+index d5ad96b..1d62545 100644
+--- a/crypto/modes/asm/ghash-parisc.pl
++++ b/crypto/modes/asm/ghash-parisc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/modes/asm/ghash-s390x.pl b/crypto/modes/asm/ghash-s390x.pl
+index a46f3eb..65ffaf9 100644
+--- a/crypto/modes/asm/ghash-s390x.pl
++++ b/crypto/modes/asm/ghash-s390x.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+@@ -85,9 +92,7 @@ $code.=<<___ if(!$softonly && 0); # hardware is slow for single block...
+ tmhl %r0,0x4000 # check for message-security-assist
+ jz .Lsoft_gmult
+ lghi %r0,0
+- la %r1,16($sp)
+- .long 0xb93e0004 # kimd %r0,%r4
+- lg %r1,24($sp)
++ lg %r1,24(%r1) # load second word of kimd capabilities vector
+ tmhh %r1,0x4000 # check for function 65
+ jz .Lsoft_gmult
+ stg %r0,16($sp) # arrange 16 bytes of zero input
+diff --git a/crypto/modes/asm/ghash-sparcv9.pl b/crypto/modes/asm/ghash-sparcv9.pl
+index badfcf7..6ca3a9b 100644
+--- a/crypto/modes/asm/ghash-sparcv9.pl
++++ b/crypto/modes/asm/ghash-sparcv9.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/modes/asm/ghash-x86.pl b/crypto/modes/asm/ghash-x86.pl
+index db6eeae..4eb0b2c 100644
+--- a/crypto/modes/asm/ghash-x86.pl
++++ b/crypto/modes/asm/ghash-x86.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/modes/asm/ghash-x86_64.pl b/crypto/modes/asm/ghash-x86_64.pl
+index 006215e..a5633e4 100644
+--- a/crypto/modes/asm/ghash-x86_64.pl
++++ b/crypto/modes/asm/ghash-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/modes/asm/ghashp8-ppc.pl b/crypto/modes/asm/ghashp8-ppc.pl
+index 71457cf..70a6353 100755
+--- a/crypto/modes/asm/ghashp8-ppc.pl
++++ b/crypto/modes/asm/ghashp8-ppc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/modes/asm/ghashv8-armx.pl b/crypto/modes/asm/ghashv8-armx.pl
+index fe3a34d..5fcd0b9 100644
+--- a/crypto/modes/asm/ghashv8-armx.pl
++++ b/crypto/modes/asm/ghashv8-armx.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/modes/build.info b/crypto/modes/build.info
+index 43282c4..38195c4 100644
+--- a/crypto/modes/build.info
++++ b/crypto/modes/build.info
+@@ -12,7 +12,7 @@ GENERATE[ghash-x86_64.s]=asm/ghash-x86_64.pl $(PERLASM_SCHEME)
+ GENERATE[aesni-gcm-x86_64.s]=asm/aesni-gcm-x86_64.pl $(PERLASM_SCHEME)
+ GENERATE[ghash-sparcv9.S]=asm/ghash-sparcv9.pl $(PERLASM_SCHEME)
+ INCLUDE[ghash-sparcv9.o]=..
+-GENERATE[ghash-alpha.s]=asm/ghash-alpha.pl
++GENERATE[ghash-alpha.S]=asm/ghash-alpha.pl $(PERLASM_SCHEME)
+ GENERATE[ghash-parisc.s]=asm/ghash-parisc.pl $(PERLASM_SCHEME)
+ GENERATE[ghashp8-ppc.s]=asm/ghashp8-ppc.pl $(PERLASM_SCHEME)
+ GENERATE[ghash-armv4.S]=asm/ghash-armv4.pl $(PERLASM_SCHEME)
+diff --git a/crypto/modes/cbc128.c b/crypto/modes/cbc128.c
+index bf2210c..4c9bc85 100644
+--- a/crypto/modes/cbc128.c
++++ b/crypto/modes/cbc128.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/modes/ccm128.c b/crypto/modes/ccm128.c
+index ef99eb1..85ce84f 100644
+--- a/crypto/modes/ccm128.c
++++ b/crypto/modes/ccm128.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/modes/cfb128.c b/crypto/modes/cfb128.c
+index 8d3af57..e439567 100644
+--- a/crypto/modes/cfb128.c
++++ b/crypto/modes/cfb128.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/modes/ctr128.c b/crypto/modes/ctr128.c
+index 5bdbbcf..b7ffb73 100644
+--- a/crypto/modes/ctr128.c
++++ b/crypto/modes/ctr128.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/modes/cts128.c b/crypto/modes/cts128.c
+index ed233d5..77ec994 100644
+--- a/crypto/modes/cts128.c
++++ b/crypto/modes/cts128.c
+@@ -1,8 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Rights for redistribution and usage in source and binary
+- * forms are granted according to the OpenSSL license.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/modes/gcm128.c b/crypto/modes/gcm128.c
+index 8a8b110..df9f654 100644
+--- a/crypto/modes/gcm128.c
++++ b/crypto/modes/gcm128.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
++/*
++ * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/modes/modes_lcl.h b/crypto/modes/modes_lcl.h
+index 071b014..7a1603b 100644
+--- a/crypto/modes/modes_lcl.h
++++ b/crypto/modes/modes_lcl.h
+@@ -1,8 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use is governed by OpenSSL license.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/modes.h>
+diff --git a/crypto/modes/ocb128.c b/crypto/modes/ocb128.c
+index c3daf7c..54a96b8 100644
+--- a/crypto/modes/ocb128.c
++++ b/crypto/modes/ocb128.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+@@ -147,6 +107,7 @@ static OCB_BLOCK *ocb_lookup_l(OCB128_CONTEXT *ctx, size_t idx)
+
+ /* We don't have it - so calculate it */
+ if (idx >= ctx->max_l_index) {
++ void *tmp_ptr;
+ /*
+ * Each additional entry allows to process almost double as
+ * much data, so that in linear world the table will need to
+@@ -157,10 +118,11 @@ static OCB_BLOCK *ocb_lookup_l(OCB128_CONTEXT *ctx, size_t idx)
+ * the index.
+ */
+ ctx->max_l_index += (idx - ctx->max_l_index + 4) & ~3;
+- ctx->l =
++ tmp_ptr =
+ OPENSSL_realloc(ctx->l, ctx->max_l_index * sizeof(OCB_BLOCK));
+- if (ctx->l == NULL)
++ if (tmp_ptr == NULL) /* prevent ctx->l from being clobbered */
+ return NULL;
++ ctx->l = tmp_ptr;
+ }
+ while (l_index < idx) {
+ ocb_double(ctx->l + l_index, ctx->l + l_index + 1);
+@@ -415,7 +377,7 @@ int CRYPTO_ocb128_encrypt(OCB128_CONTEXT *ctx,
+
+ /* C_i = Offset_i xor ENCIPHER(K, P_i xor Offset_i) */
+ inblock =
+- (OCB_BLOCK *)(in + ((i - ctx->blocks_processed - 1) * 16));
++ (OCB_BLOCK *)(in + ((i - ctx->blocks_processed - 1) * 16));
+ ocb_block16_xor_misaligned(&ctx->offset, inblock, &tmp1);
+ /* Checksum_i = Checksum_{i-1} xor P_i */
+ ocb_block16_xor_misaligned(&ctx->checksum, inblock, &ctx->checksum);
+diff --git a/crypto/modes/ofb128.c b/crypto/modes/ofb128.c
+index 0870f08..8309256 100644
+--- a/crypto/modes/ofb128.c
++++ b/crypto/modes/ofb128.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/modes/wrap128.c b/crypto/modes/wrap128.c
+index b926844..46809a0 100644
+--- a/crypto/modes/wrap128.c
++++ b/crypto/modes/wrap128.c
+@@ -1,55 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project. Mode with padding contributed by Petr Spacek
+- * (pspacek at redhat.com).
+- */
+-/* ====================================================================
+- * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /** Beware!
+diff --git a/crypto/modes/xts128.c b/crypto/modes/xts128.c
+index 55fa654..81b1eac 100644
+--- a/crypto/modes/xts128.c
++++ b/crypto/modes/xts128.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/o_dir.c b/crypto/o_dir.c
+index b3fcb91..89c8c5c 100644
+--- a/crypto/o_dir.c
++++ b/crypto/o_dir.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+- * 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <errno.h>
+diff --git a/crypto/o_fips.c b/crypto/o_fips.c
+index 1139148..bf6db65 100644
+--- a/crypto/o_fips.c
++++ b/crypto/o_fips.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Stephen henson (steve at openssl.org) for the OpenSSL project
+- * 2011.
+- */
+-/* ====================================================================
+- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/o_init.c b/crypto/o_init.c
+index 128f70b..2e0c126 100644
+--- a/crypto/o_init.c
++++ b/crypto/o_init.c
+@@ -1,55 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <e_os.h>
+diff --git a/crypto/o_str.c b/crypto/o_str.c
+index 660226f..29c324f 100644
+--- a/crypto/o_str.c
++++ b/crypto/o_str.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+- * 2003.
+- */
+-/* ====================================================================
+- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <ctype.h>
+@@ -63,49 +14,6 @@
+ #include "internal/cryptlib.h"
+ #include "internal/o_str.h"
+
+-#if !defined(OPENSSL_IMPLEMENTS_strncasecmp) && \
+- !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_WINCE) && \
+- !defined(NETWARE_CLIB)
+-# include <strings.h>
+-#endif
+-
+-int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n)
+-{
+-#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
+- while (*str1 && *str2 && n) {
+- int res = toupper(*str1) - toupper(*str2);
+- if (res)
+- return res < 0 ? -1 : 1;
+- str1++;
+- str2++;
+- n--;
+- }
+- if (n == 0)
+- return 0;
+- if (*str1)
+- return 1;
+- if (*str2)
+- return -1;
+- return 0;
+-#else
+- /*
+- * Recursion hazard warning! Whenever strncasecmp is #defined as
+- * OPENSSL_strncasecmp, OPENSSL_IMPLEMENTS_strncasecmp must be defined as
+- * well.
+- */
+- return strncasecmp(str1, str2, n);
+-#endif
+-}
+-
+-int OPENSSL_strcasecmp(const char *str1, const char *str2)
+-{
+-#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
+- return OPENSSL_strncasecmp(str1, str2, (size_t)-1);
+-#else
+- return strcasecmp(str1, str2);
+-#endif
+-}
+-
+ int OPENSSL_memcmp(const void *v1, const void *v2, size_t n)
+ {
+ const unsigned char *c1 = v1, *c2 = v2;
+@@ -307,3 +215,31 @@ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len)
+
+ return tmp;
+ }
++
++int openssl_strerror_r(int errnum, char *buf, size_t buflen)
++{
++#if defined(_MSC_VER) && _MSC_VER>=1400
++ return !strerror_s(buf, buflen, errnum);
++#elif defined(_GNU_SOURCE)
++ return strerror_r(errnum, buf, buflen) != NULL;
++#elif (_POSIX_C_SOURCE >= 200112L || _XOPEN_SOURCE >= 600)
++ /*
++ * We can use "real" strerror_r. The OpenSSL version differs in that it
++ * gives 1 on success and 0 on failure for consistency with other OpenSSL
++ * functions. Real strerror_r does it the other way around
++ */
++ return !strerror_r(errnum, buf, buflen);
++#else
++ char *err;
++ /* Fall back to non-thread safe strerror()...its all we can do */
++ if (buflen < 2)
++ return 0;
++ err = strerror(errnum);
++ /* Can this ever happen? */
++ if (err == NULL)
++ return 0;
++ strncpy(buf, err, buflen - 1);
++ buf[buflen - 1] = '\0';
++ return 1;
++#endif
++}
+diff --git a/crypto/o_time.c b/crypto/o_time.c
+index 75aa2e5..b73fe1f 100644
+--- a/crypto/o_time.c
++++ b/crypto/o_time.c
+@@ -1,63 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+- * 2001.
+- */
+-/*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2008.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/e_os2.h>
+diff --git a/crypto/objects/Makefile.in b/crypto/objects/Makefile.in
+deleted file mode 100644
+index f6c9f0a..0000000
+--- a/crypto/objects/Makefile.in
++++ /dev/null
+@@ -1,58 +0,0 @@
+-#
+-# OpenSSL/crypto/objects/Makefile
+-#
+-
+-DIR= objects
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-PERL= perl
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile README
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= o_names.c obj_dat.c obj_lib.c obj_err.c obj_xref.c
+-LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o obj_xref.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= obj_dat.h obj_xref.h obj_lcl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: obj_dat.h obj_xref.h lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-obj_dat.h: obj_dat.pl ../../include/openssl/obj_mac.h
+- $(PERL) obj_dat.pl ../../include/openssl/obj_mac.h obj_dat.h
+-
+-# objects.pl both reads and writes obj_mac.num
+-../../include/openssl/obj_mac.h: objects.pl objects.txt obj_mac.num
+- $(PERL) objects.pl objects.txt obj_mac.num ../../include/openssl/obj_mac.h
+- @sleep 1; touch ../../include/openssl/obj_mac.h; sleep 1
+-
+-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
+- $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
+- @sleep 1; touch obj_xref.h; sleep 1
+-
+-generate: obj_dat.h ../../include/openssl/obj_mac.h obj_xref.h
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
+index 5728806..c655a90 100644
+--- a/crypto/objects/o_names.c
++++ b/crypto/objects/o_names.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -23,7 +32,7 @@
+ #if defined(OPENSSL_SYS_VMS_DECC) || defined(OPENSSL_SYS_UEFI)
+ static int obj_strcmp(const char *a, const char *b)
+ {
+- return strcmp(a, b);
++ return strcmp(a, b);
+ }
+ #else
+ #define obj_strcmp strcmp
+@@ -90,7 +99,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
+ OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+- name_funcs->hash_func = lh_strhash;
++ name_funcs->hash_func = OPENSSL_LH_strhash;
+ name_funcs->cmp_func = obj_strcmp;
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
+ sk_NAME_FUNCS_push(name_funcs_stack, name_funcs);
+@@ -132,7 +141,7 @@ static unsigned long obj_name_hash(const OBJ_NAME *a)
+ sk_NAME_FUNCS_value(name_funcs_stack,
+ a->type)->hash_func(a->name);
+ } else {
+- ret = lh_strhash(a->name);
++ ret = OPENSSL_LH_strhash(a->name);
+ }
+ ret ^= a->type;
+ return (ret);
+@@ -182,7 +191,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data)
+ onp = OPENSSL_malloc(sizeof(*onp));
+ if (onp == NULL) {
+ /* ERROR */
+- return (0);
++ return 0;
+ }
+
+ onp->name = name;
+@@ -207,10 +216,11 @@ int OBJ_NAME_add(const char *name, int type, const char *data)
+ } else {
+ if (lh_OBJ_NAME_error(names_lh)) {
+ /* ERROR */
+- return (0);
++ OPENSSL_free(onp);
++ return 0;
+ }
+ }
+- return (1);
++ return 1;
+ }
+
+ int OBJ_NAME_remove(const char *name, int type)
+diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
+index 6baf2f0..46f98cb 100644
+--- a/crypto/objects/obj_dat.c
++++ b/crypto/objects/obj_dat.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -116,10 +68,10 @@ static unsigned long added_obj_hash(const ADDED_OBJ *ca)
+ ret ^= p[i] << ((i * 3) % 24);
+ break;
+ case ADDED_SNAME:
+- ret = lh_strhash(a->sn);
++ ret = OPENSSL_LH_strhash(a->sn);
+ break;
+ case ADDED_LNAME:
+- ret = lh_strhash(a->ln);
++ ret = OPENSSL_LH_strhash(a->ln);
+ break;
+ case ADDED_NID:
+ ret = a->nid;
+@@ -727,30 +679,36 @@ int OBJ_create_objects(BIO *in)
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln)
+ {
++ ASN1_OBJECT *tmpoid = NULL;
+ int ok = 0;
+- ASN1_OBJECT *op = NULL;
+- unsigned char *buf;
+- int i;
+
+- i = a2d_ASN1_OBJECT(NULL, 0, oid, -1);
+- if (i <= 0)
+- return (0);
+-
+- if ((buf = OPENSSL_malloc(i)) == NULL) {
+- OBJerr(OBJ_F_OBJ_CREATE, ERR_R_MALLOC_FAILURE);
+- return (0);
++ /* Check to see if short or long name already present */
++ if (OBJ_sn2nid(sn) != NID_undef || OBJ_ln2nid(ln) != NID_undef) {
++ OBJerr(OBJ_F_OBJ_CREATE, OBJ_R_OID_EXISTS);
++ return 0;
+ }
+- i = a2d_ASN1_OBJECT(buf, i, oid, -1);
+- if (i == 0)
+- goto err;
+- op = (ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1), buf, i, sn, ln);
+- if (op == NULL)
++
++ /* Convert numerical OID string to an ASN1_OBJECT structure */
++ tmpoid = OBJ_txt2obj(oid, 1);
++
++ /* If NID is not NID_undef then object already exists */
++ if (OBJ_obj2nid(tmpoid) != NID_undef) {
++ OBJerr(OBJ_F_OBJ_CREATE, OBJ_R_OID_EXISTS);
+ goto err;
+- ok = OBJ_add_object(op);
++ }
++
++ tmpoid->nid = OBJ_new_nid(1);
++ tmpoid->sn = (char *)sn;
++ tmpoid->ln = (char *)ln;
++
++ ok = OBJ_add_object(tmpoid);
++
++ tmpoid->sn = NULL;
++ tmpoid->ln = NULL;
++
+ err:
+- ASN1_OBJECT_free(op);
+- OPENSSL_free(buf);
+- return (ok);
++ ASN1_OBJECT_free(tmpoid);
++ return ok;
+ }
+
+ size_t OBJ_length(const ASN1_OBJECT *obj)
+diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
+index d852a55..df03694 100644
+--- a/crypto/objects/obj_dat.h
++++ b/crypto/objects/obj_dat.h
+@@ -1,63 +1,12 @@
+-/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
+- * following command:
+- * perl obj_dat.pl obj_mac.h obj_dat.h
+- */
+-
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * WARNING: do not edit!
++ * Generated by crypto/objects/obj_dat.pl
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #define NUM_NID 1058
+diff --git a/crypto/objects/obj_dat.pl b/crypto/objects/obj_dat.pl
+index 0bf1e48..ba3eed6 100644
+--- a/crypto/objects/obj_dat.pl
++++ b/crypto/objects/obj_dat.pl
+@@ -1,7 +1,14 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ # fixes bug in floating point emulation on sparc64 when
+ # this script produces off-by-one output on sparc64
++
+ use integer;
+
+ sub obj_cmp
+@@ -168,66 +175,15 @@ foreach (sort obj_cmp @a)
+ }
+
+ print OUT <<'EOF';
+-/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
+- * following command:
+- * perl obj_dat.pl obj_mac.h obj_dat.h
+- */
+-
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * WARNING: do not edit!
++ * Generated by crypto/objects/obj_dat.pl
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ EOF
+diff --git a/crypto/objects/obj_err.c b/crypto/objects/obj_err.c
+index 396b6c2..2dd80be 100644
+--- a/crypto/objects/obj_err.c
++++ b/crypto/objects/obj_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -80,7 +30,7 @@ static ERR_STRING_DATA OBJ_str_functs[] = {
+ };
+
+ static ERR_STRING_DATA OBJ_str_reasons[] = {
+- {ERR_REASON(OBJ_R_MALLOC_FAILURE), "malloc failure"},
++ {ERR_REASON(OBJ_R_OID_EXISTS), "oid exists"},
+ {ERR_REASON(OBJ_R_UNKNOWN_NID), "unknown nid"},
+ {0, NULL}
+ };
+diff --git a/crypto/objects/obj_lcl.h b/crypto/objects/obj_lcl.h
+index c451088..a417f7c 100644
+--- a/crypto/objects/obj_lcl.h
++++ b/crypto/objects/obj_lcl.h
+@@ -1,4 +1,11 @@
+-
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ typedef struct name_funcs_st NAME_FUNCS;
+ DEFINE_STACK_OF(NAME_FUNCS)
+diff --git a/crypto/objects/obj_lib.c b/crypto/objects/obj_lib.c
+index 3b1c558..33075e6 100644
+--- a/crypto/objects/obj_lib.c
++++ b/crypto/objects/obj_lib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -65,59 +17,42 @@
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o)
+ {
+ ASN1_OBJECT *r;
+- int i;
+- char *ln = NULL, *sn = NULL;
+- unsigned char *data = NULL;
+
+ if (o == NULL)
+- return (NULL);
++ return NULL;
++ /* If object isn't dynamic it's an internal OID which is never freed */
+ if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
+- return ((ASN1_OBJECT *)o); /* XXX: ugh! Why? What kind of duplication
+- * is this??? */
++ return ((ASN1_OBJECT *)o);
+
+ r = ASN1_OBJECT_new();
+ if (r == NULL) {
+ OBJerr(OBJ_F_OBJ_DUP, ERR_R_ASN1_LIB);
+ return (NULL);
+ }
+- data = OPENSSL_malloc(o->length);
+- if (data == NULL)
+- goto err;
+- if (o->data != NULL)
+- memcpy(data, o->data, o->length);
+- /* once data attached to object it remains const */
+- r->data = data;
+- r->length = o->length;
+- r->nid = o->nid;
+- r->ln = r->sn = NULL;
+- if (o->ln != NULL) {
+- i = strlen(o->ln) + 1;
+- ln = OPENSSL_malloc(i);
+- if (ln == NULL)
+- goto err;
+- memcpy(ln, o->ln, i);
+- r->ln = ln;
+- }
+
+- if (o->sn != NULL) {
+- i = strlen(o->sn) + 1;
+- sn = OPENSSL_malloc(i);
+- if (sn == NULL)
+- goto err;
+- memcpy(sn, o->sn, i);
+- r->sn = sn;
+- }
++ /* Set dynamic flags so everything gets freed up on error */
++
+ r->flags = o->flags | (ASN1_OBJECT_FLAG_DYNAMIC |
+ ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
+ ASN1_OBJECT_FLAG_DYNAMIC_DATA);
+- return (r);
++
++ if (o->length > 0 && (r->data = OPENSSL_memdup(o->data, o->length)) == NULL)
++ goto err;
++
++ r->length = o->length;
++ r->nid = o->nid;
++
++ if (o->ln != NULL && (r->ln = OPENSSL_strdup(o->ln)) == NULL)
++ goto err;
++
++ if (o->sn != NULL && (r->sn = OPENSSL_strdup(o->sn)) == NULL)
++ goto err;
++
++ return r;
+ err:
++ ASN1_OBJECT_free(r);
+ OBJerr(OBJ_F_OBJ_DUP, ERR_R_MALLOC_FAILURE);
+- OPENSSL_free(ln);
+- OPENSSL_free(sn);
+- OPENSSL_free(data);
+- OPENSSL_free(r);
+- return (NULL);
++ return NULL;
+ }
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b)
+diff --git a/crypto/objects/obj_xref.c b/crypto/objects/obj_xref.c
+index 34d6448..627f5bc 100644
+--- a/crypto/objects/obj_xref.c
++++ b/crypto/objects/obj_xref.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/objects.h>
+diff --git a/crypto/objects/obj_xref.h b/crypto/objects/obj_xref.h
+index 7096ca5..d09aa71 100644
+--- a/crypto/objects/obj_xref.h
++++ b/crypto/objects/obj_xref.h
+@@ -1,4 +1,15 @@
+-/* AUTOGENERATED BY objxref.pl, DO NOT EDIT */
++/*
++ * WARNING: do not edit!
++ * Generated by objxref.pl
++ *
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+
+ typedef struct {
+ int sign_id;
+diff --git a/crypto/objects/objects.pl b/crypto/objects/objects.pl
+index 107647a..3b40277 100644
+--- a/crypto/objects/objects.pl
++++ b/crypto/objects/objects.pl
+@@ -1,4 +1,10 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
+ $max_nid=0;
+@@ -120,65 +126,14 @@ close NUMOUT;
+ open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
+ print OUT <<'EOF';
+ /*
+- * THIS FILE IS GENERATED FROM objects.txt by objects.pl via the following
+- * command: perl objects.pl objects.txt obj_mac.num obj_mac.h
+- */
+-
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++ * WARNING: do not edit!
++ * Generated by crypto/objects/objects.pl
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #define SN_undef "UNDEF"
+diff --git a/crypto/objects/objxref.pl b/crypto/objects/objxref.pl
+index 7ebd74c..53f9bd6 100644
+--- a/crypto/objects/objxref.pl
++++ b/crypto/objects/objxref.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+
+@@ -60,7 +67,18 @@ my $pname = $0;
+ $pname =~ s|.*/||;
+
+ print <<EOF;
+-/* AUTOGENERATED BY $pname, DO NOT EDIT */
++/*
++ * WARNING: do not edit!
++ * Generated by $pname
++ *
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+
+ typedef struct {
+ int sign_id;
+diff --git a/crypto/ocsp/Makefile.in b/crypto/ocsp/Makefile.in
+deleted file mode 100644
+index 0f8ae43..0000000
+--- a/crypto/ocsp/Makefile.in
++++ /dev/null
+@@ -1,46 +0,0 @@
+-#
+-# OpenSSL/ocsp/Makefile
+-#
+-
+-DIR= ocsp
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile README
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= ocsp_asn.c ocsp_ext.c ocsp_ht.c ocsp_lib.c ocsp_cl.c \
+- ocsp_srv.c ocsp_prn.c ocsp_vfy.c ocsp_err.c v3_ocsp.c
+-
+-LIBOBJ= ocsp_asn.o ocsp_ext.o ocsp_ht.o ocsp_lib.o ocsp_cl.o \
+- ocsp_srv.o ocsp_prn.o ocsp_vfy.o ocsp_err.o v3_ocsp.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= ocsp_lcl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/ocsp/ocsp_asn.c b/crypto/ocsp/ocsp_asn.c
+index 3ee6f94..1e0b827 100644
+--- a/crypto/ocsp/ocsp_asn.c
++++ b/crypto/ocsp/ocsp_asn.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <openssl/asn1.h>
+ #include <openssl/asn1t.h>
+ #include <openssl/ocsp.h>
+diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c
+index e8eaaff..35f4b58 100644
+--- a/crypto/ocsp/ocsp_cl.c
++++ b/crypto/ocsp/ocsp_cl.c
+@@ -1,66 +1,10 @@
+ /*
+- * Written by Tom Titchener <Tom_Titchener at groove.net> for the OpenSSL
+- * project.
+- */
+-
+-/*
+- * History: This file was transferred to Richard Levitte from CertCo by Kathy
+- * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
+- * patch kit.
+- */
+-
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ocsp/ocsp_err.c b/crypto/ocsp/ocsp_err.c
+index 9043dd2..59bcf85 100644
+--- a/crypto/ocsp/ocsp_err.c
++++ b/crypto/ocsp/ocsp_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -69,7 +19,6 @@
+ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_OCSP,0,reason)
+
+ static ERR_STRING_DATA OCSP_str_functs[] = {
+- {ERR_FUNC(OCSP_F_ASN1_STRING_ENCODE), "ASN1_STRING_encode"},
+ {ERR_FUNC(OCSP_F_D2I_OCSP_NONCE), "d2i_ocsp_nonce"},
+ {ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS), "OCSP_basic_add1_status"},
+ {ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN), "OCSP_basic_sign"},
+@@ -84,15 +33,11 @@ static ERR_STRING_DATA OCSP_str_functs[] = {
+ {ERR_FUNC(OCSP_F_OCSP_REQUEST_SIGN), "OCSP_request_sign"},
+ {ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"},
+ {ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"},
+- {ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO), "OCSP_sendreq_bio"},
+- {ERR_FUNC(OCSP_F_OCSP_SENDREQ_NBIO), "OCSP_sendreq_nbio"},
+ {ERR_FUNC(OCSP_F_PARSE_HTTP_LINE1), "parse_http_line1"},
+- {ERR_FUNC(OCSP_F_REQUEST_VERIFY), "REQUEST_VERIFY"},
+ {0, NULL}
+ };
+
+ static ERR_STRING_DATA OCSP_str_reasons[] = {
+- {ERR_REASON(OCSP_R_BAD_DATA), "bad data"},
+ {ERR_REASON(OCSP_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
+ {ERR_REASON(OCSP_R_DIGEST_ERR), "digest err"},
+ {ERR_REASON(OCSP_R_ERROR_IN_NEXTUPDATE_FIELD),
+@@ -106,8 +51,6 @@ static ERR_STRING_DATA OCSP_str_reasons[] = {
+ "nextupdate before thisupdate"},
+ {ERR_REASON(OCSP_R_NOT_BASIC_RESPONSE), "not basic response"},
+ {ERR_REASON(OCSP_R_NO_CERTIFICATES_IN_CHAIN), "no certificates in chain"},
+- {ERR_REASON(OCSP_R_NO_CONTENT), "no content"},
+- {ERR_REASON(OCSP_R_NO_PUBLIC_KEY), "no public key"},
+ {ERR_REASON(OCSP_R_NO_RESPONSE_DATA), "no response data"},
+ {ERR_REASON(OCSP_R_NO_REVOKED_TIME), "no revoked time"},
+ {ERR_REASON(OCSP_R_NO_SIGNER_KEY), "no signer key"},
+@@ -117,11 +60,9 @@ static ERR_STRING_DATA OCSP_str_reasons[] = {
+ {ERR_REASON(OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA),
+ "response contains no revocation data"},
+ {ERR_REASON(OCSP_R_ROOT_CA_NOT_TRUSTED), "root ca not trusted"},
+- {ERR_REASON(OCSP_R_SERVER_READ_ERROR), "server read error"},
+ {ERR_REASON(OCSP_R_SERVER_RESPONSE_ERROR), "server response error"},
+ {ERR_REASON(OCSP_R_SERVER_RESPONSE_PARSE_ERROR),
+ "server response parse error"},
+- {ERR_REASON(OCSP_R_SERVER_WRITE_ERROR), "server write error"},
+ {ERR_REASON(OCSP_R_SIGNATURE_FAILURE), "signature failure"},
+ {ERR_REASON(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND),
+ "signer certificate not found"},
+diff --git a/crypto/ocsp/ocsp_ext.c b/crypto/ocsp/ocsp_ext.c
+index 854da8e..a993899 100644
+--- a/crypto/ocsp/ocsp_ext.c
++++ b/crypto/ocsp/ocsp_ext.c
+@@ -1,66 +1,10 @@
+ /*
+- * Written by Tom Titchener <Tom_Titchener at groove.net> for the OpenSSL
+- * project.
+- */
+-
+-/*
+- * History: This file was transferred to Richard Levitte from CertCo by Kathy
+- * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
+- * patch kit.
+- */
+-
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -509,12 +453,16 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls)
+ goto err;
+ ad->location->type = GEN_URI;
+ ad->location->d.ia5 = ia5;
++ ia5 = NULL;
+ if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad))
+ goto err;
++ ad = NULL;
+ urls++;
+ }
+ x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
+ err:
++ ASN1_IA5STRING_free(ia5);
++ ACCESS_DESCRIPTION_free(ad);
+ OCSP_SERVICELOC_free(sloc);
+ return x;
+ }
+diff --git a/crypto/ocsp/ocsp_ht.c b/crypto/ocsp/ocsp_ht.c
+index f69d4df..680edfa 100644
+--- a/crypto/ocsp/ocsp_ht.c
++++ b/crypto/ocsp/ocsp_ht.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ocsp/ocsp_lcl.h b/crypto/ocsp/ocsp_lcl.h
+index df4ff40..f93a268 100644
+--- a/crypto/ocsp/ocsp_lcl.h
++++ b/crypto/ocsp/ocsp_lcl.h
+@@ -1,66 +1,10 @@
+ /*
+- * Written by Tom Titchener <Tom_Titchener at groove.net> for the OpenSSL
+- * project.
+- */
+-
+-/*
+- * History: This file was transferred to Richard Levitte from CertCo by Kathy
+- * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
+- * patch kit.
+- */
+-
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*- CertID ::= SEQUENCE {
+diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c
+index 8814190..ff04e46 100644
+--- a/crypto/ocsp/ocsp_lib.c
++++ b/crypto/ocsp/ocsp_lib.c
+@@ -1,66 +1,10 @@
+ /*
+- * Written by Tom Titchener <Tom_Titchener at groove.net> for the OpenSSL
+- * project.
+- */
+-
+-/*
+- * History: This file was transferred to Richard Levitte from CertCo by Kathy
+- * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
+- * patch kit.
+- */
+-
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ocsp/ocsp_prn.c b/crypto/ocsp/ocsp_prn.c
+index 8ac3d82..51b4364 100644
+--- a/crypto/ocsp/ocsp_prn.c
++++ b/crypto/ocsp/ocsp_prn.c
+@@ -1,66 +1,10 @@
+ /*
+- * Written by Tom Titchener <Tom_Titchener at groove.net> for the OpenSSL
+- * project.
+- */
+-
+-/*
+- * History: This file was originally part of ocsp.c and was transferred to
+- * Richard Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be
+- * included in OpenSSL or released as a patch kit.
+- */
+-
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/bio.h>
+diff --git a/crypto/ocsp/ocsp_srv.c b/crypto/ocsp/ocsp_srv.c
+index e98c649..e3ef171 100644
+--- a/crypto/ocsp/ocsp_srv.c
++++ b/crypto/ocsp/ocsp_srv.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c
+index 2b55401..e2cfa6d 100644
+--- a/crypto/ocsp/ocsp_vfy.c
++++ b/crypto/ocsp/ocsp_vfy.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/ocsp.h>
+@@ -176,7 +127,6 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+ if (bs->certs && certs)
+ sk_X509_free(untrusted);
+ return ret;
+- goto end;
+
+ err:
+ ret = 0;
+diff --git a/crypto/ocsp/v3_ocsp.c b/crypto/ocsp/v3_ocsp.c
+index 142deac..2d425a8 100644
+--- a/crypto/ocsp/v3_ocsp.c
++++ b/crypto/ocsp/v3_ocsp.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ # include <stdio.h>
+diff --git a/crypto/pariscid.pl b/crypto/pariscid.pl
+index bfc56fd..f82e27a 100644
+--- a/crypto/pariscid.pl
++++ b/crypto/pariscid.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ $flavour = shift;
+ $output = shift;
+@@ -131,6 +138,37 @@ L\$done
+ ___
+ }
+ {
++my ($in1,$in2,$len)=("%r26","%r25","%r24");
++
++$code.=<<___;
++ .EXPORT CRYPTO_memcmp,ENTRY,ARGW0=GR,ARGW1=GR,ARGW1=GR
++ .ALIGN 8
++CRYPTO_memcmp
++ .PROC
++ .CALLINFO NO_CALLS
++ .ENTRY
++ cmpib,*= 0,$len,L\$no_data
++ xor $rv,$rv,$rv
++
++L\$oop_cmp
++ ldb 0($in1),%r19
++ ldb 0($in2),%r20
++ ldo 1($in1),$in1
++ ldo 1($in2),$in2
++ xor %r19,%r20,%r29
++ addib,*<> -1,$len,L\$oop_cmp
++ or %r29,$rv,$rv
++
++ sub %r0,$rv,%r29
++ extru %r29,31,1,$rv
++L\$no_data
++ bv ($rp)
++ .EXIT
++ nop
++ .PROCEND
++___
++}
++{
+ my ($out,$cnt,$max)=("%r26","%r25","%r24");
+ my ($tick,$lasttick)=("%r23","%r22");
+ my ($diff,$lastdiff)=("%r21","%r20");
+diff --git a/crypto/pem/Makefile.in b/crypto/pem/Makefile.in
+deleted file mode 100644
+index fab3663..0000000
+--- a/crypto/pem/Makefile.in
++++ /dev/null
+@@ -1,46 +0,0 @@
+-#
+-# OpenSSL/crypto/pem/Makefile
+-#
+-
+-DIR= pem
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= pem_sign.c pem_info.c pem_lib.c pem_all.c pem_err.c \
+- pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c pvkfmt.c
+-
+-LIBOBJ= pem_sign.o pem_info.o pem_lib.o pem_all.o pem_err.o \
+- pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o pvkfmt.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c
+index 5967b6e..0e71813 100644
+--- a/crypto/pem/pem_all.c
++++ b/crypto/pem/pem_all.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c
+index 793a0a3..7a42535 100644
+--- a/crypto/pem/pem_err.c
++++ b/crypto/pem/pem_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -92,10 +42,7 @@ static ERR_STRING_DATA PEM_str_functs[] = {
+ {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"},
+ {ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"},
+ {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
+- {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY),
+- "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
+ {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"},
+- {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"},
+ {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
+ {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
+ {ERR_FUNC(PEM_F_PEM_READ_BIO_DHPARAMS), "PEM_read_bio_DHparams"},
+@@ -129,21 +76,23 @@ static ERR_STRING_DATA PEM_str_reasons[] = {
+ "expecting private key blob"},
+ {ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB),
+ "expecting public key blob"},
++ {ERR_REASON(PEM_R_HEADER_TOO_LONG), "header too long"},
+ {ERR_REASON(PEM_R_INCONSISTENT_HEADER), "inconsistent header"},
+ {ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR),
+ "keyblob header parse error"},
+ {ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT), "keyblob too short"},
++ {ERR_REASON(PEM_R_MISSING_DEK_IV), "missing dek iv"},
+ {ERR_REASON(PEM_R_NOT_DEK_INFO), "not dek info"},
+ {ERR_REASON(PEM_R_NOT_ENCRYPTED), "not encrypted"},
+ {ERR_REASON(PEM_R_NOT_PROC_TYPE), "not proc type"},
+ {ERR_REASON(PEM_R_NO_START_LINE), "no start line"},
+ {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),
+ "problems getting password"},
+- {ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA), "public key no rsa"},
+ {ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT), "pvk data too short"},
+ {ERR_REASON(PEM_R_PVK_TOO_SHORT), "pvk too short"},
+ {ERR_REASON(PEM_R_READ_KEY), "read key"},
+ {ERR_REASON(PEM_R_SHORT_HEADER), "short header"},
++ {ERR_REASON(PEM_R_UNEXPECTED_DEK_IV), "unexpected dek iv"},
+ {ERR_REASON(PEM_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
+ {ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION), "unsupported encryption"},
+ {ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS),
+diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
+index 1b1cde4..dd493c8 100644
+--- a/crypto/pem/pem_info.c
++++ b/crypto/pem/pem_info.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
+index 5e7aa77..42b46dc 100644
+--- a/crypto/pem/pem_lib.c
++++ b/crypto/pem/pem_lib.c
+@@ -1,62 +1,15 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+ #include <ctype.h>
++#include <string.h>
+ #include "internal/cryptlib.h"
+ #include <openssl/buffer.h>
+ #include <openssl/objects.h>
+@@ -98,17 +51,23 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
+ prompt = "Enter PEM pass phrase:";
+
+ for (;;) {
+- i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w);
++ /*
++ * We assume that w == 0 means decryption,
++ * while w == 1 means encryption
++ */
++ int min_len = w ? MIN_LENGTH : 0;
++
++ i = EVP_read_pw_string_min(buf, min_len, num, prompt, w);
+ if (i != 0) {
+ PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD);
+ memset(buf, 0, (unsigned int)num);
+ return (-1);
+ }
+ j = strlen(buf);
+- if (j < MIN_LENGTH) {
++ if (min_len && j < min_len) {
+ fprintf(stderr,
+ "phrase is too short, needs to be at least %d chars\n",
+- MIN_LENGTH);
++ min_len);
+ } else
+ break;
+ }
+@@ -344,7 +303,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
+
+ if (enc != NULL) {
+ objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
+- if (objstr == NULL) {
++ if (objstr == NULL || EVP_CIPHER_iv_length(enc) == 0) {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
+ goto err;
+ }
+@@ -431,115 +390,153 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
+ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
+ pem_password_cb *callback, void *u)
+ {
+- int i = 0, j, o, klen;
+- long len;
++ int ok;
++ int keylen;
++ long len = *plen;
++ int ilen = (int) len; /* EVP_DecryptUpdate etc. take int lengths */
+ EVP_CIPHER_CTX *ctx;
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ char buf[PEM_BUFSIZE];
+
+- len = *plen;
++#if LONG_MAX > INT_MAX
++ /* Check that we did not truncate the length */
++ if (len > INT_MAX) {
++ PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_HEADER_TOO_LONG);
++ return 0;
++ }
++#endif
+
+ if (cipher->cipher == NULL)
+- return (1);
++ return 1;
+ if (callback == NULL)
+- klen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u);
++ keylen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u);
+ else
+- klen = callback(buf, PEM_BUFSIZE, 0, u);
+- if (klen <= 0) {
++ keylen = callback(buf, PEM_BUFSIZE, 0, u);
++ if (keylen <= 0) {
+ PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ);
+- return (0);
++ return 0;
+ }
+ #ifdef CHARSET_EBCDIC
+ /* Convert the pass phrase from EBCDIC */
+- ebcdic2ascii(buf, buf, klen);
++ ebcdic2ascii(buf, buf, keylen);
+ #endif
+
+ if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]),
+- (unsigned char *)buf, klen, 1, key, NULL))
++ (unsigned char *)buf, keylen, 1, key, NULL))
+ return 0;
+
+- j = (int)len;
+ ctx = EVP_CIPHER_CTX_new();
+ if (ctx == NULL)
+ return 0;
+- o = EVP_DecryptInit_ex(ctx, cipher->cipher, NULL, key, &(cipher->iv[0]));
+- if (o)
+- o = EVP_DecryptUpdate(ctx, data, &i, data, j);
+- if (o)
+- o = EVP_DecryptFinal_ex(ctx, &(data[i]), &j);
++
++ ok = EVP_DecryptInit_ex(ctx, cipher->cipher, NULL, key, &(cipher->iv[0]));
++ if (ok)
++ ok = EVP_DecryptUpdate(ctx, data, &ilen, data, ilen);
++ if (ok) {
++ /* Squirrel away the length of data decrypted so far. */
++ *plen = ilen;
++ ok = EVP_DecryptFinal_ex(ctx, &(data[ilen]), &ilen);
++ }
++ if (ok)
++ *plen += ilen;
++ else
++ PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
++
+ EVP_CIPHER_CTX_free(ctx);
+ OPENSSL_cleanse((char *)buf, sizeof(buf));
+ OPENSSL_cleanse((char *)key, sizeof(key));
+- if (o)
+- j += i;
+- else {
+- PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
+- return (0);
+- }
+- *plen = j;
+- return (1);
++ return ok;
+ }
+
++/*
++ * This implements a very limited PEM header parser that does not support the
++ * full grammar of rfc1421. In particular, folded headers are not supported,
++ * nor is additional whitespace.
++ *
++ * A robust implementation would make use of a library that turns the headers
++ * into a BIO from which one folded line is read at a time, and is then split
++ * into a header label and content. We would then parse the content of the
++ * headers we care about. This is overkill for just this limited use-case, but
++ * presumably we also parse rfc822-style headers for S/MIME, so a common
++ * abstraction might well be more generally useful.
++ */
+ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
+ {
++ static const char ProcType[] = "Proc-Type:";
++ static const char ENCRYPTED[] = "ENCRYPTED";
++ static const char DEKInfo[] = "DEK-Info:";
+ const EVP_CIPHER *enc = NULL;
++ int ivlen;
+ char *dekinfostart, c;
+
+ cipher->cipher = NULL;
+ if ((header == NULL) || (*header == '\0') || (*header == '\n'))
+- return (1);
+- if (strncmp(header, "Proc-Type: ", 11) != 0) {
++ return 1;
++
++ if (strncmp(header, ProcType, sizeof(ProcType)-1) != 0) {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE);
+- return (0);
++ return 0;
+ }
+- header += 11;
+- if (*header != '4')
+- return (0);
+- header++;
+- if (*header != ',')
+- return (0);
+- header++;
+- if (strncmp(header, "ENCRYPTED", 9) != 0) {
++ header += sizeof(ProcType)-1;
++ header += strspn(header, " \t");
++
++ if (*header++ != '4' || *header++ != ',')
++ return 0;
++ header += strspn(header, " \t");
++
++ /* We expect "ENCRYPTED" followed by optional white-space + line break */
++ if (strncmp(header, ENCRYPTED, sizeof(ENCRYPTED)-1) != 0 ||
++ strspn(header+sizeof(ENCRYPTED)-1, " \t\r\n") == 0) {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED);
+- return (0);
++ return 0;
+ }
+- for (; (*header != '\n') && (*header != '\0'); header++) ;
+- if (*header == '\0') {
++ header += sizeof(ENCRYPTED)-1;
++ header += strspn(header, " \t\r");
++ if (*header++ != '\n') {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER);
+- return (0);
++ return 0;
+ }
+- header++;
+- if (strncmp(header, "DEK-Info: ", 10) != 0) {
++
++ /*-
++ * https://tools.ietf.org/html/rfc1421#section-4.6.1.3
++ * We expect "DEK-Info: algo[,hex-parameters]"
++ */
++ if (strncmp(header, DEKInfo, sizeof(DEKInfo)-1) != 0) {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO);
+- return (0);
++ return 0;
+ }
+- header += 10;
++ header += sizeof(DEKInfo)-1;
++ header += strspn(header, " \t");
+
++ /*
++ * DEK-INFO is a comma-separated combination of algorithm name and optional
++ * parameters.
++ */
+ dekinfostart = header;
+- for (;;) {
+- c = *header;
+-#ifndef CHARSET_EBCDIC
+- if (!(((c >= 'A') && (c <= 'Z')) || (c == '-') ||
+- ((c >= '0') && (c <= '9'))))
+- break;
+-#else
+- if (!(isupper(c) || (c == '-') || isdigit(c)))
+- break;
+-#endif
+- header++;
+- }
++ header += strcspn(header, " \t,");
++ c = *header;
+ *header = '\0';
+ cipher->cipher = enc = EVP_get_cipherbyname(dekinfostart);
+- *header++ = c;
++ *header = c;
++ header += strspn(header, " \t");
+
+ if (enc == NULL) {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION);
+- return (0);
++ return 0;
+ }
++ ivlen = EVP_CIPHER_iv_length(enc);
++ if (ivlen > 0 && *header++ != ',') {
++ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_MISSING_DEK_IV);
++ return 0;
++ } else if (ivlen == 0 && *header == ',') {
++ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNEXPECTED_DEK_IV);
++ return 0;
++ }
++
+ if (!load_iv(&header, cipher->iv, EVP_CIPHER_iv_length(enc)))
+- return (0);
++ return 0;
+
+- return (1);
++ return 1;
+ }
+
+ static int load_iv(char **fromp, unsigned char *to, int num)
+@@ -552,13 +549,8 @@ static int load_iv(char **fromp, unsigned char *to, int num)
+ to[i] = 0;
+ num *= 2;
+ for (i = 0; i < num; i++) {
+- if ((*from >= '0') && (*from <= '9'))
+- v = *from - '0';
+- else if ((*from >= 'A') && (*from <= 'F'))
+- v = *from - 'A' + 10;
+- else if ((*from >= 'a') && (*from <= 'f'))
+- v = *from - 'a' + 10;
+- else {
++ v = OPENSSL_hexchar2int(*from);
++ if (v < 0) {
+ PEMerr(PEM_F_LOAD_IV, PEM_R_BAD_IV_CHARS);
+ return (0);
+ }
+diff --git a/crypto/pem/pem_oth.c b/crypto/pem/pem_oth.c
+index fbdff0a..036c8a6 100644
+--- a/crypto/pem/pem_oth.c
++++ b/crypto/pem/pem_oth.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pem/pem_pk8.c b/crypto/pem/pem_pk8.c
+index f6f0363..1f6b640 100644
+--- a/crypto/pem/pem_pk8.c
++++ b/crypto/pem/pem_pk8.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
+index ef0c0e4..f3a45e4 100644
+--- a/crypto/pem/pem_pkey.c
++++ b/crypto/pem/pem_pkey.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -143,11 +95,18 @@ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u)
+ {
+- char pem_str[80];
+- if (!x->ameth || x->ameth->priv_encode)
++ if (x->ameth == NULL || x->ameth->priv_encode != NULL)
+ return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
+ (char *)kstr, klen, cb, u);
++ return PEM_write_bio_PrivateKey_traditional(bp, x, enc, kstr, klen, cb, u);
++}
+
++int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
++ const EVP_CIPHER *enc,
++ unsigned char *kstr, int klen,
++ pem_password_cb *cb, void *u)
++{
++ char pem_str[80];
+ BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
+ pem_str, bp, x, enc, kstr, klen, cb, u);
+diff --git a/crypto/pem/pem_sign.c b/crypto/pem/pem_sign.c
+index fb8c9dd..0d8b62a 100644
+--- a/crypto/pem/pem_sign.c
++++ b/crypto/pem/pem_sign.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pem/pem_x509.c b/crypto/pem/pem_x509.c
+index 26117b5..3a99756 100644
+--- a/crypto/pem/pem_x509.c
++++ b/crypto/pem/pem_x509.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pem/pem_xaux.c b/crypto/pem/pem_xaux.c
+index eb66fb6..6d7e1db 100644
+--- a/crypto/pem/pem_xaux.c
++++ b/crypto/pem/pem_xaux.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
+index 634cc59..4c07aee 100644
+--- a/crypto/pem/pvkfmt.c
++++ b/crypto/pem/pvkfmt.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+@@ -356,6 +307,7 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in,
+ const unsigned char *pin = *in;
+ EVP_PKEY *ret = NULL;
+ BIGNUM *e = NULL, *n = NULL, *d = NULL;
++ BIGNUM *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL;
+ RSA *rsa = NULL;
+ unsigned int nbyte, hnbyte;
+ nbyte = (bitlen + 7) >> 3;
+@@ -372,7 +324,6 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in,
+ if (!read_lebn(&pin, nbyte, &n))
+ goto memerr;
+ if (!ispub) {
+- BIGNUM *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL;
+ if (!read_lebn(&pin, hnbyte, &p))
+ goto memerr;
+ if (!read_lebn(&pin, hnbyte, &q))
+@@ -388,7 +339,7 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in,
+ RSA_set0_factors(rsa, p, q);
+ RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp);
+ }
+- RSA_set0_key(rsa, e, n, d);
++ RSA_set0_key(rsa, n, e, d);
+
+ EVP_PKEY_set1_RSA(ret, rsa);
+ RSA_free(rsa);
+@@ -396,6 +347,14 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in,
+ return ret;
+ memerr:
+ PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
++ BN_free(e);
++ BN_free(n);
++ BN_free(p);
++ BN_free(q);
++ BN_free(dmp1);
++ BN_free(dmq1);
++ BN_free(iqmp);
++ BN_free(d);
+ RSA_free(rsa);
+ EVP_PKEY_free(ret);
+ return NULL;
+@@ -798,27 +757,30 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
+ pem_password_cb *cb, void *u)
+ {
+ int outlen = 24, pklen;
+- unsigned char *p, *salt = NULL;
+- EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new();
++ unsigned char *p = NULL, *salt = NULL;
++ EVP_CIPHER_CTX *cctx = NULL;
+ if (enclevel)
+ outlen += PVK_SALTLEN;
+ pklen = do_i2b(NULL, pk, 0);
+ if (pklen < 0)
+ return -1;
+ outlen += pklen;
+- if (!out)
++ if (out == NULL)
+ return outlen;
+- if (*out)
++ if (*out != NULL) {
+ p = *out;
+- else {
++ } else {
+ p = OPENSSL_malloc(outlen);
+ if (p == NULL) {
+ PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+- *out = p;
+ }
+
++ cctx = EVP_CIPHER_CTX_new();
++ if (cctx == NULL)
++ goto error;
++
+ write_ledword(&p, MS_PVKMAGIC);
+ write_ledword(&p, 0);
+ if (EVP_PKEY_id(pk) == EVP_PKEY_DSA)
+@@ -835,9 +797,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
+ p += PVK_SALTLEN;
+ }
+ do_i2b(&p, pk, 0);
+- if (enclevel == 0)
+- return outlen;
+- else {
++ if (enclevel != 0) {
+ char psbuf[PEM_BUFSIZE];
+ unsigned char keybuf[20];
+ int enctmplen, inlen;
+@@ -863,11 +823,18 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
+ if (!EVP_DecryptFinal_ex(cctx, p + enctmplen, &enctmplen))
+ goto error;
+ }
++
+ EVP_CIPHER_CTX_free(cctx);
++
++ if (*out == NULL)
++ *out = p;
++
+ return outlen;
+
+ error:
+ EVP_CIPHER_CTX_free(cctx);
++ if (*out == NULL)
++ OPENSSL_free(p);
+ return -1;
+ }
+
+diff --git a/crypto/perlasm/arm-xlate.pl b/crypto/perlasm/arm-xlate.pl
+index ecd3198..c00f54a 100755
+--- a/crypto/perlasm/arm-xlate.pl
++++ b/crypto/perlasm/arm-xlate.pl
+@@ -1,6 +1,10 @@
+-#!/usr/bin/env perl
+-
+-# ARM assembler distiller by <appro>.
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ my $flavour = shift;
+ my $output = shift;
+diff --git a/crypto/perlasm/cbc.pl b/crypto/perlasm/cbc.pl
+index 24561e7..ad79b24 100644
+--- a/crypto/perlasm/cbc.pl
++++ b/crypto/perlasm/cbc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
+ # des_cblock (*input);
+diff --git a/crypto/perlasm/ppc-xlate.pl b/crypto/perlasm/ppc-xlate.pl
+index bc79b46..2d46e24 100755
+--- a/crypto/perlasm/ppc-xlate.pl
++++ b/crypto/perlasm/ppc-xlate.pl
+@@ -1,6 +1,10 @@
+-#!/usr/bin/env perl
+-
+-# PowerPC assembler distiller by <appro>.
++#! /usr/bin/env perl
++# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ my $flavour = shift;
+ my $output = shift;
+diff --git a/crypto/perlasm/sparcv9_modes.pl b/crypto/perlasm/sparcv9_modes.pl
+index 81e6026..47c2e53 100644
+--- a/crypto/perlasm/sparcv9_modes.pl
++++ b/crypto/perlasm/sparcv9_modes.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # Specific modes implementations for SPARC Architecture 2011. There
+ # is T4 dependency though, an ASI value that is not specified in the
+diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl
+index 80ab17f..b96873b 100755
+--- a/crypto/perlasm/x86_64-xlate.pl
++++ b/crypto/perlasm/x86_64-xlate.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # Ascetic x86_64 AT&T to MASM/NASM assembler translator by <appro>.
+ #
+@@ -286,7 +293,7 @@ my %globals;
+ (opcode->mnemonic() =~ /^v?mov([qd])$/) && ($sz=$1) ||
+ (opcode->mnemonic() =~ /^v?pinsr([qdwb])$/) && ($sz=$1) ||
+ (opcode->mnemonic() =~ /^vpbroadcast([qdwb])$/) && ($sz=$1) ||
+- (opcode->mnemonic() =~ /^vinsert[fi]128$/) && ($sz="x");
++ (opcode->mnemonic() =~ /^v(?!perm)[a-z]+[fi]128$/) && ($sz="x");
+
+ if (defined($self->{index})) {
+ sprintf "%s[%s%s*%d%s]",$szmap{$sz},
+@@ -607,7 +614,10 @@ my %globals;
+ }
+ last;
+ };
+- /\.align/ && do { $self->{value} = "ALIGN\t".$line; last; };
++ /\.align/ && do { my $max = ($masm && $masm>=$masmref) ? 256 : 4096;
++ $self->{value} = "ALIGN\t".($line>$max?$max:$line);
++ last;
++ };
+ /\.(value|long|rva|quad)/
+ && do { my $sz = substr($1,0,1);
+ my @arr = split(/,\s*/,$line);
+diff --git a/crypto/perlasm/x86asm.pl b/crypto/perlasm/x86asm.pl
+index cae156a..4590ade 100644
+--- a/crypto/perlasm/x86asm.pl
++++ b/crypto/perlasm/x86asm.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # require 'x86asm.pl';
+ # &asm_init(<flavor>,"des-586.pl"[,$i386only]);
+diff --git a/crypto/perlasm/x86gas.pl b/crypto/perlasm/x86gas.pl
+index 9ee6fa3..2c8fce0 100644
+--- a/crypto/perlasm/x86gas.pl
++++ b/crypto/perlasm/x86gas.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ package x86gas;
+
+diff --git a/crypto/perlasm/x86masm.pl b/crypto/perlasm/x86masm.pl
+index 917d0f8..a0a354c 100644
+--- a/crypto/perlasm/x86masm.pl
++++ b/crypto/perlasm/x86masm.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ package x86masm;
+
+diff --git a/crypto/perlasm/x86nasm.pl b/crypto/perlasm/x86nasm.pl
+index 5d92f60..4b664a8 100644
+--- a/crypto/perlasm/x86nasm.pl
++++ b/crypto/perlasm/x86nasm.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ package x86nasm;
+
+diff --git a/crypto/pkcs12/Makefile.in b/crypto/pkcs12/Makefile.in
+deleted file mode 100644
+index abca0e7..0000000
+--- a/crypto/pkcs12/Makefile.in
++++ /dev/null
+@@ -1,49 +0,0 @@
+-#
+-# OpenSSL/crypto/pkcs12/Makefile
+-#
+-
+-DIR= pkcs12
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \
+- p12_init.c p12_key.c p12_kiss.c p12_mutl.c p12_sbag.c \
+- p12_utl.c p12_npas.c pk12err.c p12_p8d.c p12_p8e.c
+-LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \
+- p12_init.o p12_key.o p12_kiss.o p12_mutl.o p12_sbag.o \
+- p12_utl.o p12_npas.o pk12err.o p12_p8d.o p12_p8e.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= p12_lcl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-test:
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/pkcs12/p12_add.c b/crypto/pkcs12/p12_add.c
+index b7dffc4..8a5ad20 100644
+--- a/crypto/pkcs12/p12_add.c
++++ b/crypto/pkcs12/p12_add.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/p12_asn.c b/crypto/pkcs12/p12_asn.c
+index 2f9481e..f2bfe32 100644
+--- a/crypto/pkcs12/p12_asn.c
++++ b/crypto/pkcs12/p12_asn.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c
+index 994f386..bf44c0a 100644
+--- a/crypto/pkcs12/p12_attr.c
++++ b/crypto/pkcs12/p12_attr.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/p12_crpt.c b/crypto/pkcs12/p12_crpt.c
+index 666b500..1fe140a 100644
+--- a/crypto/pkcs12/p12_crpt.c
++++ b/crypto/pkcs12/p12_crpt.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c
+index 1fd22c0..ca4dd53 100644
+--- a/crypto/pkcs12/p12_crt.c
++++ b/crypto/pkcs12/p12_crt.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c
+index 2a89a48..9ad17d7 100644
+--- a/crypto/pkcs12/p12_decr.c
++++ b/crypto/pkcs12/p12_decr.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/p12_init.c b/crypto/pkcs12/p12_init.c
+index 9c82969..a78e183 100644
+--- a/crypto/pkcs12/p12_init.c
++++ b/crypto/pkcs12/p12_init.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
+index 6a9a325..4f1d29b 100644
+--- a/crypto/pkcs12/p12_key.c
++++ b/crypto/pkcs12/p12_key.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -128,8 +79,8 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
+ #endif
+ v = EVP_MD_block_size(md_type);
+ u = EVP_MD_size(md_type);
+- if (u < 0)
+- return 0;
++ if (u < 0 || v <= 0)
++ goto err;
+ D = OPENSSL_malloc(v);
+ Ai = OPENSSL_malloc(u);
+ B = OPENSSL_malloc(v + 1);
+diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
+index ec59d83..ea7e0c9 100644
+--- a/crypto/pkcs12/p12_kiss.c
++++ b/crypto/pkcs12/p12_kiss.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/p12_lcl.h b/crypto/pkcs12/p12_lcl.h
+index 49dc90c..8930875 100644
+--- a/crypto/pkcs12/p12_lcl.h
++++ b/crypto/pkcs12/p12_lcl.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2016.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ struct PKCS12_MAC_DATA_st {
+diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
+index 0395358..9bd672a 100644
+--- a/crypto/pkcs12/p12_mutl.c
++++ b/crypto/pkcs12/p12_mutl.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ # include <stdio.h>
+diff --git a/crypto/pkcs12/p12_npas.c b/crypto/pkcs12/p12_npas.c
+index e23d035..21bd772 100644
+--- a/crypto/pkcs12/p12_npas.c
++++ b/crypto/pkcs12/p12_npas.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -66,17 +17,18 @@
+
+ /* PKCS#12 password change routine */
+
+-static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass);
+-static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
+- char *newpass);
+-static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass);
++static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass);
++static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *oldpass,
++ const char *newpass);
++static int newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass,
++ const char *newpass);
+ static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
+
+ /*
+ * Change the password on a PKCS#12 structure.
+ */
+
+-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass)
++int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass)
+ {
+ /* Check for NULL PKCS12 structure */
+
+@@ -103,20 +55,21 @@ int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass)
+
+ /* Parse the outer PKCS#12 structure */
+
+-static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass)
++static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass)
+ {
+- STACK_OF(PKCS7) *asafes, *newsafes;
+- STACK_OF(PKCS12_SAFEBAG) *bags;
++ STACK_OF(PKCS7) *asafes = NULL, *newsafes = NULL;
++ STACK_OF(PKCS12_SAFEBAG) *bags = NULL;
+ int i, bagnid, pbe_nid = 0, pbe_iter = 0, pbe_saltlen = 0;
+ PKCS7 *p7, *p7new;
+ ASN1_OCTET_STRING *p12_data_tmp = NULL, *macoct = NULL;
+ unsigned char mac[EVP_MAX_MD_SIZE];
+ unsigned int maclen;
++ int rv = 0;
+
+ if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL)
+- return 0;
++ goto err;
+ if ((newsafes = sk_PKCS7_new_null()) == NULL)
+- return 0;
++ goto err;
+ for (i = 0; i < sk_PKCS7_num(asafes); i++) {
+ p7 = sk_PKCS7_value(asafes, i);
+ bagnid = OBJ_obj2nid(p7->type);
+@@ -125,63 +78,59 @@ static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass)
+ } else if (bagnid == NID_pkcs7_encrypted) {
+ bags = PKCS12_unpack_p7encdata(p7, oldpass, -1);
+ if (!alg_get(p7->d.encrypted->enc_data->algorithm,
+- &pbe_nid, &pbe_iter, &pbe_saltlen)) {
+- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+- bags = NULL;
+- }
+- } else
++ &pbe_nid, &pbe_iter, &pbe_saltlen))
++ goto err;
++ } else {
+ continue;
+- if (!bags) {
+- sk_PKCS7_pop_free(asafes, PKCS7_free);
+- return 0;
+- }
+- if (!newpass_bags(bags, oldpass, newpass)) {
+- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+- sk_PKCS7_pop_free(asafes, PKCS7_free);
+- return 0;
+ }
++ if (bags == NULL)
++ goto err;
++ if (!newpass_bags(bags, oldpass, newpass))
++ goto err;
+ /* Repack bag in same form with new password */
+ if (bagnid == NID_pkcs7_data)
+ p7new = PKCS12_pack_p7data(bags);
+ else
+ p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL,
+ pbe_saltlen, pbe_iter, bags);
++ if (!p7new || !sk_PKCS7_push(newsafes, p7new))
++ goto err;
+ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+- if (!p7new) {
+- sk_PKCS7_pop_free(asafes, PKCS7_free);
+- return 0;
+- }
+- sk_PKCS7_push(newsafes, p7new);
++ bags = NULL;
+ }
+- sk_PKCS7_pop_free(asafes, PKCS7_free);
+
+ /* Repack safe: save old safe in case of error */
+
+ p12_data_tmp = p12->authsafes->d.data;
+ if ((p12->authsafes->d.data = ASN1_OCTET_STRING_new()) == NULL)
+- goto saferr;
++ goto err;
+ if (!PKCS12_pack_authsafes(p12, newsafes))
+- goto saferr;
++ goto err;
+
+ if (!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen))
+- goto saferr;
++ goto err;
+ X509_SIG_get0(NULL, &macoct, p12->mac->dinfo);
+ if (!ASN1_OCTET_STRING_set(macoct, mac, maclen))
+- goto saferr;
+- ASN1_OCTET_STRING_free(p12_data_tmp);
+-
+- return 1;
++ goto err;
+
+- saferr:
+- /* Restore old safe */
+- ASN1_OCTET_STRING_free(p12->authsafes->d.data);
+- p12->authsafes->d.data = p12_data_tmp;
+- return 0;
++ rv = 1;
+
++err:
++ /* Restore old safe if necessary */
++ if (rv == 1) {
++ ASN1_OCTET_STRING_free(p12_data_tmp);
++ } else if (p12_data_tmp != NULL) {
++ ASN1_OCTET_STRING_free(p12->authsafes->d.data);
++ p12->authsafes->d.data = p12_data_tmp;
++ }
++ sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
++ sk_PKCS7_pop_free(asafes, PKCS7_free);
++ sk_PKCS7_pop_free(newsafes, PKCS7_free);
++ return rv;
+ }
+
+-static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
+- char *newpass)
++static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *oldpass,
++ const char *newpass)
+ {
+ int i;
+ for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
+@@ -193,7 +142,8 @@ static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
+
+ /* Change password of safebag: only needs handle shrouded keybags */
+
+-static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass)
++static int newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass,
++ const char *newpass)
+ {
+ PKCS8_PRIV_KEY_INFO *p8;
+ X509_SIG *p8new;
+@@ -208,8 +158,10 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass)
+ X509_SIG_get0(&shalg, NULL, bag->value.shkeybag);
+ if (!alg_get(shalg, &p8_nid, &p8_iter, &p8_saltlen))
+ return 0;
+- if ((p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
+- p8_iter, p8)) == NULL)
++ p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
++ p8_iter, p8);
++ PKCS8_PRIV_KEY_INFO_free(p8);
++ if (p8new == NULL)
+ return 0;
+ X509_SIG_free(bag->value.shkeybag);
+ bag->value.shkeybag = p8new;
+diff --git a/crypto/pkcs12/p12_p8d.c b/crypto/pkcs12/p12_p8d.c
+index 8980abe..97577da 100644
+--- a/crypto/pkcs12/p12_p8d.c
++++ b/crypto/pkcs12/p12_p8d.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/p12_p8e.c b/crypto/pkcs12/p12_p8e.c
+index b79ca64..86a07e1 100644
+--- a/crypto/pkcs12/p12_p8e.c
++++ b/crypto/pkcs12/p12_p8e.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/p12_sbag.c b/crypto/pkcs12/p12_sbag.c
+index ffdf22d..c8564b4 100644
+--- a/crypto/pkcs12/p12_sbag.c
++++ b/crypto/pkcs12/p12_sbag.c
+@@ -1,60 +1,10 @@
+-/* p12_sbag.c */
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999-2015.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c
+index 817327f..408c495 100644
+--- a/crypto/pkcs12/p12_utl.c
++++ b/crypto/pkcs12/p12_utl.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs12/pk12err.c b/crypto/pkcs12/pk12err.c
+index 0850da8..36053f1 100644
+--- a/crypto/pkcs12/pk12err.c
++++ b/crypto/pkcs12/pk12err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -69,14 +19,6 @@
+ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS12,0,reason)
+
+ static ERR_STRING_DATA PKCS12_str_functs[] = {
+- {ERR_FUNC(PKCS12_F_PARSE_BAG), "PARSE_BAG"},
+- {ERR_FUNC(PKCS12_F_PARSE_BAGS), "PARSE_BAGS"},
+- {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME), "PKCS12_ADD_FRIENDLYNAME"},
+- {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC),
+- "PKCS12_add_friendlyname_asc"},
+- {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI),
+- "PKCS12_add_friendlyname_uni"},
+- {ERR_FUNC(PKCS12_F_PKCS12_ADD_LOCALKEYID), "PKCS12_add_localkeyid"},
+ {ERR_FUNC(PKCS12_F_PKCS12_CREATE), "PKCS12_create"},
+ {ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC), "PKCS12_gen_mac"},
+ {ERR_FUNC(PKCS12_F_PKCS12_INIT), "PKCS12_init"},
+@@ -102,7 +44,6 @@ static ERR_STRING_DATA PKCS12_str_functs[] = {
+ {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"},
+ {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA), "PKCS12_unpack_p7data"},
+ {ERR_FUNC(PKCS12_F_PKCS12_VERIFY_MAC), "PKCS12_verify_mac"},
+- {ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE), "PKCS8_add_keyusage"},
+ {ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT), "PKCS8_encrypt"},
+ {ERR_FUNC(PKCS12_F_PKCS8_SET0_PBE), "PKCS8_set0_pbe"},
+ {0, NULL}
+@@ -125,7 +66,6 @@ static ERR_STRING_DATA PKCS12_str_reasons[] = {
+ {ERR_REASON(PKCS12_R_MAC_GENERATION_ERROR), "mac generation error"},
+ {ERR_REASON(PKCS12_R_MAC_SETUP_ERROR), "mac setup error"},
+ {ERR_REASON(PKCS12_R_MAC_STRING_SET_ERROR), "mac string set error"},
+- {ERR_REASON(PKCS12_R_MAC_VERIFY_ERROR), "mac verify error"},
+ {ERR_REASON(PKCS12_R_MAC_VERIFY_FAILURE), "mac verify failure"},
+ {ERR_REASON(PKCS12_R_PARSE_ERROR), "parse error"},
+ {ERR_REASON(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR),
+diff --git a/crypto/pkcs7/Makefile.in b/crypto/pkcs7/Makefile.in
+deleted file mode 100644
+index b71d562..0000000
+--- a/crypto/pkcs7/Makefile.in
++++ /dev/null
+@@ -1,50 +0,0 @@
+-#
+-# OpenSSL/crypto/pkcs7/Makefile
+-#
+-
+-DIR= pkcs7
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-PLIB_LDFLAG=
+-EX_LIBS=
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile README
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
+- pk7_mime.c bio_pk7.c
+-LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
+- pk7_mime.o bio_pk7.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-test:
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/pkcs7/bio_pk7.c b/crypto/pkcs7/bio_pk7.c
+index 6014b12..29feaa3 100644
+--- a/crypto/pkcs7/bio_pk7.c
++++ b/crypto/pkcs7/bio_pk7.c
+@@ -1,55 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/asn1.h>
+diff --git a/crypto/pkcs7/pk7_asn1.c b/crypto/pkcs7/pk7_asn1.c
+index 485e676..315e1b8 100644
+--- a/crypto/pkcs7/pk7_asn1.c
++++ b/crypto/pkcs7/pk7_asn1.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs7/pk7_attr.c b/crypto/pkcs7/pk7_attr.c
+index 84c59aa..5f71670 100644
+--- a/crypto/pkcs7/pk7_attr.c
++++ b/crypto/pkcs7/pk7_attr.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs7/pk7_dgst.c b/crypto/pkcs7/pk7_dgst.c
+index 4b1376e..b0a6bd5 100644
+--- a/crypto/pkcs7/pk7_dgst.c
++++ b/crypto/pkcs7/pk7_dgst.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
+index 9d66fc4..1333e4d 100644
+--- a/crypto/pkcs7/pk7_doit.c
++++ b/crypto/pkcs7/pk7_doit.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -808,6 +760,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
+ goto err;
+
+ if (!EVP_SignFinal(ctx_tmp, abuf, &abuflen, si->pkey)) {
++ OPENSSL_free(abuf);
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
+ goto err;
+ }
+diff --git a/crypto/pkcs7/pk7_enc.c b/crypto/pkcs7/pk7_enc.c
+index cf47843..6889a04 100644
+--- a/crypto/pkcs7/pk7_enc.c
++++ b/crypto/pkcs7/pk7_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
+index cdf7302..69c68cf 100644
+--- a/crypto/pkcs7/pk7_lib.c
++++ b/crypto/pkcs7/pk7_lib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c
+index 19130ee..d44b3ad 100644
+--- a/crypto/pkcs7/pk7_mime.c
++++ b/crypto/pkcs7/pk7_mime.c
+@@ -1,55 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c
+index 7c2d5c9..4418723 100644
+--- a/crypto/pkcs7/pk7_smime.c
++++ b/crypto/pkcs7/pk7_smime.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Simple PKCS#7 processing functions */
+diff --git a/crypto/pkcs7/pkcs7err.c b/crypto/pkcs7/pkcs7err.c
+index d897cfb..bcb479d 100644
+--- a/crypto/pkcs7/pkcs7err.c
++++ b/crypto/pkcs7/pkcs7err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -69,13 +19,11 @@
+ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason)
+
+ static ERR_STRING_DATA PKCS7_str_functs[] = {
+- {ERR_FUNC(PKCS7_F_B64_READ_PKCS7), "B64_READ_PKCS7"},
+- {ERR_FUNC(PKCS7_F_B64_WRITE_PKCS7), "B64_WRITE_PKCS7"},
+ {ERR_FUNC(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB), "do_pkcs7_signed_attrib"},
+- {ERR_FUNC(PKCS7_F_I2D_PKCS7_BIO_STREAM), "i2d_PKCS7_bio_stream"},
+ {ERR_FUNC(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME),
+ "PKCS7_add0_attrib_signing_time"},
+- {ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP), "PKCS7_add_attrib_smimecap"},
++ {ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP),
++ "PKCS7_add_attrib_smimecap"},
+ {ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE), "PKCS7_add_certificate"},
+ {ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"},
+ {ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"},
+@@ -88,7 +36,6 @@ static ERR_STRING_DATA PKCS7_str_functs[] = {
+ {ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"},
+ {ERR_FUNC(PKCS7_F_PKCS7_DATAFINAL), "PKCS7_dataFinal"},
+ {ERR_FUNC(PKCS7_F_PKCS7_DATAINIT), "PKCS7_dataInit"},
+- {ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"},
+ {ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"},
+ {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"},
+ {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT_RINFO), "pkcs7_decrypt_rinfo"},
+@@ -109,21 +56,18 @@ static ERR_STRING_DATA PKCS7_str_functs[] = {
+ {ERR_FUNC(PKCS7_F_PKCS7_SIGN_ADD_SIGNER), "PKCS7_sign_add_signer"},
+ {ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP), "PKCS7_simple_smimecap"},
+ {ERR_FUNC(PKCS7_F_PKCS7_VERIFY), "PKCS7_verify"},
+- {ERR_FUNC(PKCS7_F_SMIME_READ_PKCS7), "SMIME_read_PKCS7"},
+- {ERR_FUNC(PKCS7_F_SMIME_TEXT), "SMIME_text"},
+ {0, NULL}
+ };
+
+ static ERR_STRING_DATA PKCS7_str_reasons[] = {
+- {ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
++ {ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR),
++ "certificate verify error"},
+ {ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
+ "cipher has no object identifier"},
+ {ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED), "cipher not initialized"},
+- {ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT), "content and data present"},
++ {ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT),
++ "content and data present"},
+ {ERR_REASON(PKCS7_R_CTRL_ERROR), "ctrl error"},
+- {ERR_REASON(PKCS7_R_DECODE_ERROR), "decode error"},
+- {ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH),
+- "decrypted key is wrong length"},
+ {ERR_REASON(PKCS7_R_DECRYPT_ERROR), "decrypt error"},
+ {ERR_REASON(PKCS7_R_DIGEST_FAILURE), "digest failure"},
+ {ERR_REASON(PKCS7_R_ENCRYPTION_CTRL_FAILURE), "encryption ctrl failure"},
+@@ -131,37 +75,23 @@ static ERR_STRING_DATA PKCS7_str_reasons[] = {
+ "encryption not supported for this key type"},
+ {ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT), "error adding recipient"},
+ {ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER), "error setting cipher"},
+- {ERR_REASON(PKCS7_R_INVALID_MIME_TYPE), "invalid mime type"},
+ {ERR_REASON(PKCS7_R_INVALID_NULL_POINTER), "invalid null pointer"},
+- {ERR_REASON(PKCS7_R_INVALID_SIGNED_DATA_TYPE), "invalid signed data type"},
+- {ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE), "mime no content type"},
+- {ERR_REASON(PKCS7_R_MIME_PARSE_ERROR), "mime parse error"},
+- {ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"},
+- {ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO), "missing ceripend info"},
++ {ERR_REASON(PKCS7_R_INVALID_SIGNED_DATA_TYPE),
++ "invalid signed data type"},
+ {ERR_REASON(PKCS7_R_NO_CONTENT), "no content"},
+- {ERR_REASON(PKCS7_R_NO_CONTENT_TYPE), "no content type"},
+ {ERR_REASON(PKCS7_R_NO_DEFAULT_DIGEST), "no default digest"},
+ {ERR_REASON(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND),
+ "no matching digest type found"},
+- {ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),
+- "no multipart body failure"},
+- {ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"},
+ {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),
+ "no recipient matches certificate"},
+- {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_KEY), "no recipient matches key"},
+ {ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA), "no signatures on data"},
+ {ERR_REASON(PKCS7_R_NO_SIGNERS), "no signers"},
+- {ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE), "no sig content type"},
+ {ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),
+ "operation not supported on this type"},
+ {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),
+ "pkcs7 add signature error"},
+ {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNER_ERROR), "pkcs7 add signer error"},
+- {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL), "pkcs7 datafinal"},
+- {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR), "pkcs7 datafinal error"},
+ {ERR_REASON(PKCS7_R_PKCS7_DATASIGN), "pkcs7 datasign"},
+- {ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR), "pkcs7 parse error"},
+- {ERR_REASON(PKCS7_R_PKCS7_SIG_PARSE_ERROR), "pkcs7 sig parse error"},
+ {ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
+ "private key does not match certificate"},
+ {ERR_REASON(PKCS7_R_SIGNATURE_FAILURE), "signature failure"},
+@@ -170,7 +100,6 @@ static ERR_STRING_DATA PKCS7_str_reasons[] = {
+ {ERR_REASON(PKCS7_R_SIGNING_CTRL_FAILURE), "signing ctrl failure"},
+ {ERR_REASON(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
+ "signing not supported for this key type"},
+- {ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"},
+ {ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR), "smime text error"},
+ {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),
+ "unable to find certificate"},
+@@ -180,7 +109,8 @@ static ERR_STRING_DATA PKCS7_str_reasons[] = {
+ {ERR_REASON(PKCS7_R_UNKNOWN_DIGEST_TYPE), "unknown digest type"},
+ {ERR_REASON(PKCS7_R_UNKNOWN_OPERATION), "unknown operation"},
+ {ERR_REASON(PKCS7_R_UNSUPPORTED_CIPHER_TYPE), "unsupported cipher type"},
+- {ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE), "unsupported content type"},
++ {ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE),
++ "unsupported content type"},
+ {ERR_REASON(PKCS7_R_WRONG_CONTENT_TYPE), "wrong content type"},
+ {ERR_REASON(PKCS7_R_WRONG_PKCS7_TYPE), "wrong pkcs7 type"},
+ {0, NULL}
+diff --git a/crypto/poly1305/Makefile.in b/crypto/poly1305/Makefile.in
+deleted file mode 100644
+index 0601bf7..0000000
+--- a/crypto/poly1305/Makefile.in
++++ /dev/null
+@@ -1,61 +0,0 @@
+-#
+-# OpenSSL/crypto/poly1305/Makefile
+-#
+-
+-DIR= poly1305
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-AR= ar r
+-
+-POLY1305_ASM_OBJ=
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=poly1305.c
+-LIBOBJ=poly1305.o $(POLY1305_ASM_OBJ)
+-
+-SRC= $(LIBSRC)
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-poly1305-sparcv9.S: asm/poly1305-sparcv9.pl
+- $(PERL) asm/poly1305-sparcv9.pl $(PERLASM_SCHEME) $@
+-poly1305-x86.s: asm/poly1305-x86.pl
+- $(PERL) asm/poly1305-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-poly1305-x86_64.s: asm/poly1305-x86_64.pl
+- $(PERL) asm/poly1305-x86_64.pl $(PERLASM_SCHEME) $@
+-poly1305-ppc.s: asm/poly1305-ppc.pl
+- $(PERL) asm/poly1305-ppc.pl $(PERLASM_SCHEME) $@
+-poly1305-ppcfp.s: asm/poly1305-ppcfp.pl
+- $(PERL) asm/poly1305-ppcfp.pl $(PERLASM_SCHEME) $@
+-
+-poly1305-%.S: asm/poly1305-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-
+-poly1305-armv4.o: poly1305-armv4.S
+-poly1305-armv8.o: poly1305-armv8.S
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/poly1305/asm/poly1305-armv4.pl b/crypto/poly1305/asm/poly1305-armv4.pl
+index aa3f228..fc899ce 100755
+--- a/crypto/poly1305/asm/poly1305-armv4.pl
++++ b/crypto/poly1305/asm/poly1305-armv4.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+@@ -10,7 +17,7 @@
+ # IALU(*)/gcc-4.4 NEON
+ #
+ # ARM11xx(ARMv6) 7.78/+100% -
+-# Cortex-A5 6.35/+130% 2.96
++# Cortex-A5 6.35/+130% 3.00
+ # Cortex-A8 6.25/+115% 2.36
+ # Cortex-A9 5.10/+95% 2.55
+ # Cortex-A15 3.85/+85% 1.25(**)
+@@ -523,6 +530,51 @@ poly1305_init_neon:
+ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
+ @ lazy reduction as discussed in "NEON crypto" by D.J. Bernstein
+ @ and P. Schwabe
++ @
++ @ H0>>+H1>>+H2>>+H3>>+H4
++ @ H3>>+H4>>*5+H0>>+H1
++ @
++ @ Trivia.
++ @
++ @ Result of multiplication of n-bit number by m-bit number is
++ @ n+m bits wide. However! Even though 2^n is a n+1-bit number,
++ @ m-bit number multiplied by 2^n is still n+m bits wide.
++ @
++ @ Sum of two n-bit numbers is n+1 bits wide, sum of three - n+2,
++ @ and so is sum of four. Sum of 2^m n-m-bit numbers and n-bit
++ @ one is n+1 bits wide.
++ @
++ @ >>+ denotes Hnext += Hn>>26, Hn &= 0x3ffffff. This means that
++ @ H0, H2, H3 are guaranteed to be 26 bits wide, while H1 and H4
++ @ can be 27. However! In cases when their width exceeds 26 bits
++ @ they are limited by 2^26+2^6. This in turn means that *sum*
++ @ of the products with these values can still be viewed as sum
++ @ of 52-bit numbers as long as the amount of addends is not a
++ @ power of 2. For example,
++ @
++ @ H4 = H4*R0 + H3*R1 + H2*R2 + H1*R3 + H0 * R4,
++ @
++ @ which can't be larger than 5 * (2^26 + 2^6) * (2^26 + 2^6), or
++ @ 5 * (2^52 + 2*2^32 + 2^12), which in turn is smaller than
++ @ 8 * (2^52) or 2^55. However, the value is then multiplied by
++ @ by 5, so we should be looking at 5 * 5 * (2^52 + 2^33 + 2^12),
++ @ which is less than 32 * (2^52) or 2^57. And when processing
++ @ data we are looking at triple as many addends...
++ @
++ @ In key setup procedure pre-reduced H0 is limited by 5*4+1 and
++ @ 5*H4 - by 5*5 52-bit addends, or 57 bits. But when hashing the
++ @ input H0 is limited by (5*4+1)*3 addends, or 58 bits, while
++ @ 5*H4 by 5*5*3, or 59[!] bits. How is this relevant? vmlal.u32
++ @ instruction accepts 2x32-bit input and writes 2x64-bit result.
++ @ This means that result of reduction have to be compressed upon
++ @ loop wrap-around. This can be done in the process of reduction
++ @ to minimize amount of instructions [as well as amount of
++ @ 128-bit instructions, which benefits low-end processors], but
++ @ one has to watch for H2 (which is narrower than H0) and 5*H4
++ @ not being wider than 58 bits, so that result of right shift
++ @ by 26 bits fits in 32 bits. This is also useful on x86,
++ @ because it allows to use paddd in place for paddq, which
++ @ benefits Atom, where paddq is ridiculously slow.
+
+ vshr.u64 $T0,$D3,#26
+ vmovn.i64 $D3#lo,$D3
+@@ -887,7 +939,8 @@ poly1305_blocks_neon:
+ # endif
+
+ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
+- @ lazy reduction interleaved with base 2^32 -> base 2^26
++ @ lazy reduction interleaved with base 2^32 -> base 2^26 of
++ @ inp[0:3] previously loaded to $H0-$H3 and smashed to $H0-$H4.
+
+ vshr.u64 $T0,$D3,#26
+ vmovn.i64 $D3#lo,$D3
+@@ -915,19 +968,20 @@ poly1305_blocks_neon:
+ vbic.i32 $H3,#0xfc000000
+ vshrn.u64 $T1#lo,$D2,#26
+ vmovn.i64 $D2#lo,$D2
+- vadd.i32 $D0#lo,$D0#lo,$T0#lo @ h4 -> h0
++ vaddl.u32 $D0,$D0#lo,$T0#lo @ h4 -> h0 [widen for a sec]
+ vsri.u32 $H2,$H1,#20
+ vadd.i32 $D3#lo,$D3#lo,$T1#lo @ h2 -> h3
+ vshl.u32 $H1,$H1,#6
+ vbic.i32 $D2#lo,#0xfc000000
+ vbic.i32 $H2,#0xfc000000
+
+- vshr.u32 $T0#lo,$D0#lo,#26
+- vbic.i32 $D0#lo,#0xfc000000
++ vshrn.u64 $T0#lo,$D0,#26 @ re-narrow
++ vmovn.i64 $D0#lo,$D0
+ vsri.u32 $H1,$H0,#26
+ vbic.i32 $H0,#0xfc000000
+ vshr.u32 $T1#lo,$D3#lo,#26
+ vbic.i32 $D3#lo,#0xfc000000
++ vbic.i32 $D0#lo,#0xfc000000
+ vadd.i32 $D1#lo,$D1#lo,$T0#lo @ h0 -> h1
+ vadd.i32 $D4#lo,$D4#lo,$T1#lo @ h3 -> h4
+ vbic.i32 $H1,#0xfc000000
+diff --git a/crypto/poly1305/asm/poly1305-armv8.pl b/crypto/poly1305/asm/poly1305-armv8.pl
+index 2e1dae3..98a96b7 100755
+--- a/crypto/poly1305/asm/poly1305-armv8.pl
++++ b/crypto/poly1305/asm/poly1305-armv8.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+@@ -19,7 +26,7 @@
+ # Cortex-A53 2.69/+58% 1.47
+ # Cortex-A57 2.70/+7% 1.14
+ # Denver 1.64/+50% 1.18(*)
+-# X-Gene 2.13/+68% 2.19
++# X-Gene 2.13/+68% 2.27
+ #
+ # (*) estimate based on resources availability is less than 1.0,
+ # i.e. measured result is worse than expected, presumably binary
+@@ -507,9 +514,11 @@ poly1305_blocks_neon:
+ fmov $IN01_1,x6
+ add x10,x10,x11,lsl#32 // bfi x10,x11,#32,#32
+ add x12,x12,x13,lsl#32 // bfi x12,x13,#32,#32
++ movi $MASK.2d,#-1
+ fmov $IN01_2,x8
+ fmov $IN01_3,x10
+ fmov $IN01_4,x12
++ ushr $MASK.2d,$MASK.2d,#38
+
+ b.ls .Lskip_loop
+
+@@ -660,41 +669,43 @@ poly1305_blocks_neon:
+ fmov $IN01_2,x8
+ umlal $ACC2,$IN01_4,${S3}[0]
+ fmov $IN01_3,x10
++ fmov $IN01_4,x12
+
+ /////////////////////////////////////////////////////////////////
+ // lazy reduction as discussed in "NEON crypto" by D.J. Bernstein
+- // and P. Schwabe
++ // and P. Schwabe
++ //
++ // [see discussion in poly1305-armv4 module]
+
+ ushr $T0.2d,$ACC3,#26
+- fmov $IN01_4,x12
+ xtn $H3,$ACC3
+ ushr $T1.2d,$ACC0,#26
+- xtn $H0,$ACC0
++ and $ACC0,$ACC0,$MASK.2d
+ add $ACC4,$ACC4,$T0.2d // h3 -> h4
+ bic $H3,#0xfc,lsl#24 // &=0x03ffffff
+ add $ACC1,$ACC1,$T1.2d // h0 -> h1
+- bic $H0,#0xfc,lsl#24
+
+- shrn $T0.2s,$ACC4,#26
++ ushr $T0.2d,$ACC4,#26
+ xtn $H4,$ACC4
+ ushr $T1.2d,$ACC1,#26
+ xtn $H1,$ACC1
+- add $ACC2,$ACC2,$T1.2d // h1 -> h2
+ bic $H4,#0xfc,lsl#24
+- bic $H1,#0xfc,lsl#24
++ add $ACC2,$ACC2,$T1.2d // h1 -> h2
+
+- add $H0,$H0,$T0.2s
+- shl $T0.2s,$T0.2s,#2
++ add $ACC0,$ACC0,$T0.2d
++ shl $T0.2d,$T0.2d,#2
+ shrn $T1.2s,$ACC2,#26
+ xtn $H2,$ACC2
+- add $H0,$H0,$T0.2s // h4 -> h0
++ add $ACC0,$ACC0,$T0.2d // h4 -> h0
++ bic $H1,#0xfc,lsl#24
+ add $H3,$H3,$T1.2s // h2 -> h3
+ bic $H2,#0xfc,lsl#24
+
+- ushr $T0.2s,$H0,#26
+- bic $H0,#0xfc,lsl#24
++ shrn $T0.2s,$ACC0,#26
++ xtn $H0,$ACC0
+ ushr $T1.2s,$H3,#26
+ bic $H3,#0xfc,lsl#24
++ bic $H0,#0xfc,lsl#24
+ add $H1,$H1,$T0.2s // h0 -> h1
+ add $H4,$H4,$T1.2s // h3 -> h4
+
+@@ -702,9 +713,7 @@ poly1305_blocks_neon:
+
+ .Lskip_loop:
+ dup $IN23_2,${IN23_2}[0]
+- movi $MASK.2d,#-1
+ add $IN01_2,$IN01_2,$H2
+- ushr $MASK.2d,$MASK.2d,#38
+
+ ////////////////////////////////////////////////////////////////
+ // multiply (inp[0:1]+hash) or inp[2:3] by r^2:r^1
+diff --git a/crypto/poly1305/asm/poly1305-c64xplus.pl b/crypto/poly1305/asm/poly1305-c64xplus.pl
+index a7cf47d..93fef37 100755
+--- a/crypto/poly1305/asm/poly1305-c64xplus.pl
++++ b/crypto/poly1305/asm/poly1305-c64xplus.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/poly1305/asm/poly1305-mips.pl b/crypto/poly1305/asm/poly1305-mips.pl
+new file mode 100755
+index 0000000..b5bce47
+--- /dev/null
++++ b/crypto/poly1305/asm/poly1305-mips.pl
+@@ -0,0 +1,421 @@
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++
++# ====================================================================
++# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
++# project. The module is, however, dual licensed under OpenSSL and
++# CRYPTOGAMS licenses depending on where you obtain it. For further
++# details see http://www.openssl.org/~appro/cryptogams/.
++# ====================================================================
++
++# Poly1305 hash for MIPS64.
++#
++# May 2016
++#
++# Numbers are cycles per processed byte with poly1305_blocks alone.
++#
++# IALU/gcc
++# R1x000 5.64/+120% (big-endian)
++# Octeon II 3.80/+280% (little-endian)
++
++######################################################################
++# There is a number of MIPS ABI in use, O32 and N32/64 are most
++# widely used. Then there is a new contender: NUBI. It appears that if
++# one picks the latter, it's possible to arrange code in ABI neutral
++# manner. Therefore let's stick to NUBI register layout:
++#
++($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
++($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
++($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
++($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
++#
++# The return value is placed in $a0. Following coding rules facilitate
++# interoperability:
++#
++# - never ever touch $tp, "thread pointer", former $gp [o32 can be
++# excluded from the rule, because it's specified volatile];
++# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
++# old code];
++# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
++#
++# For reference here is register layout for N32/64 MIPS ABIs:
++#
++# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
++# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
++# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
++# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
++# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
++#
++# <appro at openssl.org>
++#
++######################################################################
++
++$flavour = shift || "o32"; # supported flavours are o32,n32,64,nubi32,nubi64
++
++die "MIPS64 only" unless ($flavour =~ /64|n32/i);
++
++$v0 = ($flavour =~ /nubi/i) ? $a0 : $t0;
++$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? "0x0003f000" : "0x00030000";
++
++($ctx,$inp,$len,$padbit) = ($a0,$a1,$a2,$a3);
++($in0,$in1,$tmp0,$tmp1,$tmp2,$tmp3,$tmp4) = ($a4,$a5,$a6,$a7,$at,$t0,$t1);
++
++$code.=<<___;
++#ifdef MIPSEB
++# define MSB 0
++# define LSB 7
++#else
++# define MSB 7
++# define LSB 0
++#endif
++
++.text
++.set noat
++.set noreorder
++
++.align 5
++.globl poly1305_init
++.ent poly1305_init
++poly1305_init:
++ .frame $sp,0,$ra
++ .set reorder
++
++ sd $zero,0($ctx)
++ sd $zero,8($ctx)
++ sd $zero,16($ctx)
++
++ beqz $inp,.Lno_key
++
++ ldl $in0,0+MSB($inp)
++ ldl $in1,8+MSB($inp)
++ ldr $in0,0+LSB($inp)
++ ldr $in1,8+LSB($inp)
++#ifdef MIPSEB
++# if defined(_MIPS_ARCH_MIPS64R2)
++ dsbh $in0,$in0 # byte swap
++ dsbh $in1,$in1
++ dshd $in0,$in0
++ dshd $in1,$in1
++# else
++ ori $tmp0,$zero,0xFF
++ dsll $tmp2,$tmp0,32
++ or $tmp0,$tmp2 # 0x000000FF000000FF
++
++ and $tmp1,$in0,$tmp0 # byte swap
++ and $tmp3,$in1,$tmp0
++ dsrl $tmp2,$in0,24
++ dsrl $tmp4,$in1,24
++ dsll $tmp1,24
++ dsll $tmp3,24
++ and $tmp2,$tmp0
++ and $tmp4,$tmp0
++ dsll $tmp0,8 # 0x0000FF000000FF00
++ or $tmp1,$tmp2
++ or $tmp3,$tmp4
++ and $tmp2,$in0,$tmp0
++ and $tmp4,$in1,$tmp0
++ dsrl $in0,8
++ dsrl $in1,8
++ dsll $tmp2,8
++ dsll $tmp4,8
++ and $in0,$tmp0
++ and $in1,$tmp0
++ or $tmp1,$tmp2
++ or $tmp3,$tmp4
++ or $in0,$tmp1
++ or $in1,$tmp3
++ dsrl $tmp1,$in0,32
++ dsrl $tmp3,$in1,32
++ dsll $in0,32
++ dsll $in1,32
++ or $in0,$tmp1
++ or $in1,$tmp3
++# endif
++#endif
++ li $tmp0,1
++ dsll $tmp0,32
++ daddiu $tmp0,-63
++ dsll $tmp0,28
++ daddiu $tmp0,-1 # 0ffffffc0fffffff
++
++ and $in0,$tmp0
++ daddiu $tmp0,-3 # 0ffffffc0ffffffc
++ and $in1,$tmp0
++
++ sd $in0,24($ctx)
++ dsrl $tmp0,$in1,2
++ sd $in1,32($ctx)
++ daddu $tmp0,$in1 # s1 = r1 + (r1 >> 2)
++ sd $tmp0,40($ctx)
++
++.Lno_key:
++ li $v0,0 # return 0
++ jr $ra
++.end poly1305_init
++___
++{
++my ($h0,$h1,$h2,$r0,$r1,$s1,$d0,$d1,$d2) =
++ ($s0,$s1,$s2,$s3,$s4,$s5,$in0,$in1,$t2);
++
++$code.=<<___;
++.align 5
++.globl poly1305_blocks
++.ent poly1305_blocks
++poly1305_blocks:
++ .set noreorder
++ dsrl $len,4 # number of complete blocks
++ beqz $len,.Lno_data
++ nop
++
++ .frame $sp,8*8,$ra
++ .mask $SAVED_REGS_MASK,-8
++ dsub $sp,8*8
++ sd $s5,0($sp)
++ sd $s4,8($sp)
++___
++$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue
++ sd $s3,16($sp)
++ sd $s2,24($sp)
++ sd $s1,32($sp)
++ sd $s0,40($sp)
++___
++$code.=<<___;
++ .set reorder
++
++ ld $h0,0($ctx) # load hash value
++ ld $h1,8($ctx)
++ ld $h2,16($ctx)
++
++ ld $r0,24($ctx) # load key
++ ld $r1,32($ctx)
++ ld $s1,40($ctx)
++
++.Loop:
++ ldl $in0,0+MSB($inp) # load input
++ ldl $in1,8+MSB($inp)
++ ldr $in0,0+LSB($inp)
++ daddiu $len,-1
++ ldr $in1,8+LSB($inp)
++ daddiu $inp,16
++#ifdef MIPSEB
++# if defined(_MIPS_ARCH_MIPS64R2)
++ dsbh $in0,$in0 # byte swap
++ dsbh $in1,$in1
++ dshd $in0,$in0
++ dshd $in1,$in1
++# else
++ ori $tmp0,$zero,0xFF
++ dsll $tmp2,$tmp0,32
++ or $tmp0,$tmp2 # 0x000000FF000000FF
++
++ and $tmp1,$in0,$tmp0 # byte swap
++ and $tmp3,$in1,$tmp0
++ dsrl $tmp2,$in0,24
++ dsrl $tmp4,$in1,24
++ dsll $tmp1,24
++ dsll $tmp3,24
++ and $tmp2,$tmp0
++ and $tmp4,$tmp0
++ dsll $tmp0,8 # 0x0000FF000000FF00
++ or $tmp1,$tmp2
++ or $tmp3,$tmp4
++ and $tmp2,$in0,$tmp0
++ and $tmp4,$in1,$tmp0
++ dsrl $in0,8
++ dsrl $in1,8
++ dsll $tmp2,8
++ dsll $tmp4,8
++ and $in0,$tmp0
++ and $in1,$tmp0
++ or $tmp1,$tmp2
++ or $tmp3,$tmp4
++ or $in0,$tmp1
++ or $in1,$tmp3
++ dsrl $tmp1,$in0,32
++ dsrl $tmp3,$in1,32
++ dsll $in0,32
++ dsll $in1,32
++ or $in0,$tmp1
++ or $in1,$tmp3
++# endif
++#endif
++ daddu $h0,$in0 # accumulate input
++ daddu $h1,$in1
++ sltu $tmp0,$h0,$in0
++ sltu $tmp1,$h1,$in1
++ daddu $h1,$tmp0
++
++ dmultu $r0,$h0 # h0*r0
++ daddu $h2,$padbit
++ sltu $tmp0,$h1,$tmp0
++ mflo $d0
++ mfhi $d1
++
++ dmultu $s1,$h1 # h1*5*r1
++ daddu $tmp0,$tmp1
++ daddu $h2,$tmp0
++ mflo $tmp0
++ mfhi $tmp1
++
++ dmultu $r1,$h0 # h0*r1
++ daddu $d0,$tmp0
++ daddu $d1,$tmp1
++ mflo $tmp2
++ mfhi $d2
++ sltu $tmp0,$d0,$tmp0
++ daddu $d1,$tmp0
++
++ dmultu $r0,$h1 # h1*r0
++ daddu $d1,$tmp2
++ sltu $tmp2,$d1,$tmp2
++ mflo $tmp0
++ mfhi $tmp1
++ daddu $d2,$tmp2
++
++ dmultu $s1,$h2 # h2*5*r1
++ daddu $d1,$tmp0
++ daddu $d2,$tmp1
++ mflo $tmp2
++
++ dmultu $r0,$h2 # h2*r0
++ sltu $tmp0,$d1,$tmp0
++ daddu $d2,$tmp0
++ mflo $tmp3
++
++ daddu $d1,$tmp2
++ daddu $d2,$tmp3
++ sltu $tmp2,$d1,$tmp2
++ daddu $d2,$tmp2
++
++ li $tmp0,-4 # final reduction
++ and $tmp0,$d2
++ dsrl $tmp1,$d2,2
++ andi $h2,$d2,3
++ daddu $tmp0,$tmp1
++ daddu $h0,$d0,$tmp0
++ sltu $tmp0,$h0,$tmp0
++ daddu $h1,$d1,$tmp0
++ sltu $tmp0,$h1,$tmp0
++ daddu $h2,$h2,$tmp0
++
++ bnez $len,.Loop
++
++ sd $h0,0($ctx) # store hash value
++ sd $h1,8($ctx)
++ sd $h2,16($ctx)
++
++ .set noreorder
++ ld $s5,0($sp) # epilogue
++ ld $s4,8($sp)
++___
++$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi epilogue
++ ld $s3,16($sp)
++ ld $s2,24($sp)
++ ld $s1,32($sp)
++ ld $s0,40($sp)
++___
++$code.=<<___;
++ dadd $sp,8*8
++
++.Lno_data:
++ jr $ra
++ nop
++.end poly1305_blocks
++___
++}
++{
++my ($ctx,$mac,$nonce) = ($a0,$a1,$a2);
++
++$code.=<<___;
++.align 5
++.globl poly1305_emit
++.ent poly1305_emit
++poly1305_emit:
++ .frame $sp,0,$ra
++ .set reorder
++
++ ld $tmp0,0($ctx)
++ ld $tmp1,8($ctx)
++ ld $tmp2,16($ctx)
++
++ daddiu $in0,$tmp0,5 # compare to modulus
++ sltiu $tmp3,$in0,5
++ daddu $in1,$tmp1,$tmp3
++ sltu $tmp3,$in1,$tmp3
++ daddu $tmp2,$tmp2,$tmp3
++
++ dsrl $tmp2,2 # see if it carried/borrowed
++ dsubu $tmp2,$zero,$tmp2
++ nor $tmp3,$zero,$tmp2
++
++ and $in0,$tmp2
++ and $tmp0,$tmp3
++ and $in1,$tmp2
++ and $tmp1,$tmp3
++ or $in0,$tmp0
++ or $in1,$tmp1
++
++ lwu $tmp0,0($nonce) # load nonce
++ lwu $tmp1,4($nonce)
++ lwu $tmp2,8($nonce)
++ lwu $tmp3,12($nonce)
++ dsll $tmp1,32
++ dsll $tmp3,32
++ or $tmp0,$tmp1
++ or $tmp2,$tmp3
++
++ daddu $in0,$tmp0 # accumulate nonce
++ daddu $in1,$tmp2
++ sltu $tmp0,$in0,$tmp0
++ daddu $in1,$tmp0
++
++ dsrl $tmp0,$in0,8 # write mac value
++ dsrl $tmp1,$in0,16
++ dsrl $tmp2,$in0,24
++ sb $in0,0($mac)
++ dsrl $tmp3,$in0,32
++ sb $tmp0,1($mac)
++ dsrl $tmp0,$in0,40
++ sb $tmp1,2($mac)
++ dsrl $tmp1,$in0,48
++ sb $tmp2,3($mac)
++ dsrl $tmp2,$in0,56
++ sb $tmp3,4($mac)
++ dsrl $tmp3,$in1,8
++ sb $tmp0,5($mac)
++ dsrl $tmp0,$in1,16
++ sb $tmp1,6($mac)
++ dsrl $tmp1,$in1,24
++ sb $tmp2,7($mac)
++
++ sb $in1,8($mac)
++ dsrl $tmp2,$in1,32
++ sb $tmp3,9($mac)
++ dsrl $tmp3,$in1,40
++ sb $tmp0,10($mac)
++ dsrl $tmp0,$in1,48
++ sb $tmp1,11($mac)
++ dsrl $tmp1,$in1,56
++ sb $tmp2,12($mac)
++ sb $tmp3,13($mac)
++ sb $tmp0,14($mac)
++ sb $tmp1,15($mac)
++
++ jr $ra
++.end poly1305_emit
++.rdata
++.asciiz "Poly1305 for MIPS64, CRYPTOGAMS by <appro\@openssl.org>"
++.align 2
++___
++}
++
++$output=pop and open STDOUT,">$output";
++print $code;
++close STDOUT;
++
+diff --git a/crypto/poly1305/asm/poly1305-ppc.pl b/crypto/poly1305/asm/poly1305-ppc.pl
+index 07da9d1..8a06c77 100755
+--- a/crypto/poly1305/asm/poly1305-ppc.pl
++++ b/crypto/poly1305/asm/poly1305-ppc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/poly1305/asm/poly1305-ppcfp.pl b/crypto/poly1305/asm/poly1305-ppcfp.pl
+index c8636a4..49f70a8 100755
+--- a/crypto/poly1305/asm/poly1305-ppcfp.pl
++++ b/crypto/poly1305/asm/poly1305-ppcfp.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/poly1305/asm/poly1305-s390x.pl b/crypto/poly1305/asm/poly1305-s390x.pl
+index 141ba8d..82d757d 100755
+--- a/crypto/poly1305/asm/poly1305-s390x.pl
++++ b/crypto/poly1305/asm/poly1305-s390x.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/poly1305/asm/poly1305-sparcv9.pl b/crypto/poly1305/asm/poly1305-sparcv9.pl
+index 497e270..460c863 100755
+--- a/crypto/poly1305/asm/poly1305-sparcv9.pl
++++ b/crypto/poly1305/asm/poly1305-sparcv9.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+@@ -74,8 +81,8 @@ poly1305_init:
+ SPARC_LOAD_ADDRESS(OPENSSL_sparcv9cap_P,%g1)
+ ld [%g1],%g1
+
+- and %g1,SPARCV9_FMADD|SPARCV9_PREFER_FPU|SPARCV9_VIS3,%g1
+- cmp %g1,SPARCV9_FMADD|SPARCV9_PREFER_FPU
++ and %g1,SPARCV9_FMADD|SPARCV9_VIS3,%g1
++ cmp %g1,SPARCV9_FMADD
+ be .Lpoly1305_init_fma
+ nop
+
+diff --git a/crypto/poly1305/asm/poly1305-x86.pl b/crypto/poly1305/asm/poly1305-x86.pl
+index 97d0a81..ecc0ee6 100755
+--- a/crypto/poly1305/asm/poly1305-x86.pl
++++ b/crypto/poly1305/asm/poly1305-x86.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+@@ -541,11 +548,12 @@ my $base = shift; $base = "esp" if (!defined($base));
+
+ sub lazy_reduction {
+ my $extra = shift;
+-my $paddx = defined($extra) ? paddq : paddd;
+
+ ################################################################
+ # lazy reduction as discussed in "NEON crypto" by D.J. Bernstein
+ # and P. Schwabe
++ #
++ # [(*) see discussion in poly1305-armv4 module]
+
+ &movdqa ($T0,$D3);
+ &pand ($D3,$MASK);
+@@ -567,7 +575,7 @@ my $paddx = defined($extra) ? paddq : paddd;
+ # on Atom
+ &psllq ($T0,2);
+ &paddq ($T1,$D2); # h1 -> h2
+- &$paddx ($T0,$D0); # h4 -> h0
++ &paddq ($T0,$D0); # h4 -> h0 (*)
+ &pand ($D1,$MASK);
+ &movdqa ($D2,$T1);
+ &psrlq ($T1,26);
+diff --git a/crypto/poly1305/asm/poly1305-x86_64.pl b/crypto/poly1305/asm/poly1305-x86_64.pl
+index 7d67611..8804a99 100755
+--- a/crypto/poly1305/asm/poly1305-x86_64.pl
++++ b/crypto/poly1305/asm/poly1305-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+@@ -130,8 +137,12 @@ $code.=<<___;
+ .extern OPENSSL_ia32cap_P
+
+ .globl poly1305_init
++.hidden poly1305_init
+ .globl poly1305_blocks
++.hidden poly1305_blocks
+ .globl poly1305_emit
++.hidden poly1305_emit
++
+ .type poly1305_init,\@function,3
+ .align 32
+ poly1305_init:
+@@ -495,10 +506,10 @@ poly1305_blocks_avx:
+
+ ################################# base 2^26 -> base 2^64
+ mov $d1#d,$h0#d
+- and \$-1<<31,$d1
++ and \$`-1*(1<<31)`,$d1
+ mov $d2,$r1 # borrow $r1
+ mov $d2#d,$h1#d
+- and \$-1<<31,$d2
++ and \$`-1*(1<<31)`,$d2
+
+ shr \$6,$d1
+ shl \$52,$r1
+@@ -1383,10 +1394,10 @@ poly1305_blocks_avx2:
+
+ ################################# base 2^26 -> base 2^64
+ mov $d1#d,$h0#d
+- and \$-1<<31,$d1
++ and \$`-1*(1<<31)`,$d1
+ mov $d2,$r1 # borrow $r1
+ mov $d2#d,$h1#d
+- and \$-1<<31,$d2
++ and \$`-1*(1<<31)`,$d2
+
+ shr \$6,$d1
+ shl \$52,$r1
+@@ -1991,7 +2002,7 @@ $code.=<<___;
+ .Lmask24:
+ .long 0x0ffffff,0,0x0ffffff,0,0x0ffffff,0,0x0ffffff,0
+ .L129:
+-.long 1<<24,0,1<<24,0,1<<24,0,1<<24,0
++.long `1<<24`,0,`1<<24`,0,`1<<24`,0,`1<<24`,0
+ .Lmask26:
+ .long 0x3ffffff,0,0x3ffffff,0,0x3ffffff,0,0x3ffffff,0
+ .Lfive:
+diff --git a/crypto/poly1305/build.info b/crypto/poly1305/build.info
+index 389c7f6..d575f5a 100644
+--- a/crypto/poly1305/build.info
++++ b/crypto/poly1305/build.info
+@@ -12,6 +12,7 @@ GENERATE[poly1305-armv4.S]=asm/poly1305-armv4.pl $(PERLASM_SCHEME)
+ INCLUDE[poly1305-armv4.o]=..
+ GENERATE[poly1305-armv8.S]=asm/poly1305-armv8.pl $(PERLASM_SCHEME)
+ INCLUDE[poly1305-armv8.o]=..
++GENERATE[poly1305-mips.S]=asm/poly1305-mips.pl $(PERLASM_SCHEME)
+
+ BEGINRAW[Makefile(unix)]
+ {- $builddir -}/poly1305-%.S: {- $sourcedir -}/asm/poly1305-%.pl
+diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c
+index 6bec8b3..55de19b 100644
+--- a/crypto/poly1305/poly1305.c
++++ b/crypto/poly1305/poly1305.c
+@@ -1,8 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Rights for redistribution and usage in source and binary
+- * forms are granted according to the OpenSSL license.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdlib.h>
+@@ -94,7 +96,7 @@ typedef unsigned int u32;
+ * POLY1305_BLOCK_SIZE and |padbit| to 0. In all other cases |padbit|
+ * should be set to 1 to perform implicit padding with 128th bit.
+ * poly1305_blocks does not actually check for this constraint though,
+- * it's caller(*)'s resposibility to comply.
++ * it's caller(*)'s responsibility to comply.
+ *
+ * (*) In the context "caller" is not application code, but higher
+ * level Poly1305_* from this very module, so that quirks are
+@@ -185,9 +187,9 @@ poly1305_blocks(void *ctx, const unsigned char *inp, size_t len, u32 padbit)
+ h0 = (u64)(d0 = (u128)h0 + U8TOU64(inp + 0));
+ h1 = (u64)(d1 = (u128)h1 + (d0 >> 64) + U8TOU64(inp + 8));
+ /*
+- * padbit can be zero only when original len was
+- * POLY1306_BLOCK_SIZE, but we don't check
+- */
++ * padbit can be zero only when original len was
++ * POLY1306_BLOCK_SIZE, but we don't check
++ */
+ h2 += (u64)(d1 >> 64) + padbit;
+
+ /* h *= r "%" p, where "%" stands for "partial remainder" */
+@@ -195,7 +197,7 @@ poly1305_blocks(void *ctx, const unsigned char *inp, size_t len, u32 padbit)
+ ((u128)h1 * s1);
+ d1 = ((u128)h0 * r1) +
+ ((u128)h1 * r0) +
+- (h2 * s1);
++ (h2 * s1);
+ h2 = (h2 * r0);
+
+ /* last reduction step: */
+@@ -590,7 +592,8 @@ static const struct poly1305_test poly1305_tests[] = {
+ "5154ad0d2cb26e01274fc51148491f1b"
+ },
+ /*
+- * self-generated
++ * self-generated vectors exercise "significant" lengths, such that
++ * are handled by different code paths
+ */
+ {
+ "ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0"
+@@ -672,6 +675,21 @@ static const struct poly1305_test poly1305_tests[] = {
+ "12976a08c4426d0ce8a82407c4f48207""80f8c20aa71202d1e29179cbcb555a57",
+ "b846d44e9bbd53cedffbfbb6b7fa4933"
+ },
++ /*
++ * 4th power of the key spills to 131th bit in SIMD key setup
++ */
++ {
++ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
++ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
++ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
++ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
++ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
++ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
++ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
++ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
++ "ad628107e8351d0f2c231a05dc4a4106""00000000000000000000000000000000",
++ "07145a4c02fe5fa32036de68fabe9066"
++ },
+ {
+ /*
+ * poly1305_ieee754.c failed this in final stage
+@@ -855,14 +873,11 @@ static const struct poly1305_test poly1305_tests[] = {
+
+ static unsigned char hex_digit(char h)
+ {
+- if (h >= '0' && h <= '9')
+- return h - '0';
+- else if (h >= 'a' && h <= 'f')
+- return h - 'a' + 10;
+- else if (h >= 'A' && h <= 'F')
+- return h - 'A' + 10;
+- else
++ int i = OPENSSL_hexchar2int(h);
++
++ if (i < 0)
+ abort();
++ return i;
+ }
+
+ static void hex_decode(unsigned char *out, const char *hex)
+@@ -996,14 +1011,14 @@ int main()
+ Poly1305_Init(&poly1305, key);
+
+ for (i=0;i<100000;i++)
+- Poly1305_Update(&poly1305,buf,sizeof(buf));
++ Poly1305_Update(&poly1305,buf,sizeof(buf));
+
+- stopwatch = OPENSSL_rdtsc();
++ stopwatch = OPENSSL_rdtsc();
+ for (i=0;i<10000;i++)
+- Poly1305_Update(&poly1305,buf,sizeof(buf));
+- stopwatch = OPENSSL_rdtsc() - stopwatch;
++ Poly1305_Update(&poly1305,buf,sizeof(buf));
++ stopwatch = OPENSSL_rdtsc() - stopwatch;
+
+- printf("%g\n",stopwatch/(double)(i*sizeof(buf)));
++ printf("%g\n",stopwatch/(double)(i*sizeof(buf)));
+
+ stopwatch = OPENSSL_rdtsc();
+ for (i=0;i<10000;i++) {
+diff --git a/crypto/poly1305/poly1305_ieee754.c b/crypto/poly1305/poly1305_ieee754.c
+index 7c02c1d..08a5b58 100644
+--- a/crypto/poly1305/poly1305_ieee754.c
++++ b/crypto/poly1305/poly1305_ieee754.c
+@@ -1,8 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Rights for redistribution and usage in source and binary
+- * forms are granted according to the OpenSSL license.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/ppc_arch.h b/crypto/ppc_arch.h
+index a27fb72..65cf96f 100644
+--- a/crypto/ppc_arch.h
++++ b/crypto/ppc_arch.h
+@@ -1,5 +1,14 @@
+-#ifndef __PPC_ARCH_H__
+-# define __PPC_ARCH_H__
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++#ifndef HEADER_PPC_ARCH_H
++# define HEADER_PPC_ARCH_H
+
+ extern unsigned int OPENSSL_ppccap_P;
+
+diff --git a/crypto/ppccap.c b/crypto/ppccap.c
+index 2c98daf..712ee79 100644
+--- a/crypto/ppccap.c
++++ b/crypto/ppccap.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -79,6 +88,7 @@ void sha512_block_data_order(void *ctx, const void *inp, size_t len)
+ sha512_block_ppc(ctx, inp, len);
+ }
+
++#ifndef OPENSSL_NO_CHACHA
+ void ChaCha20_ctr32_int(unsigned char *out, const unsigned char *inp,
+ size_t len, const unsigned int key[8],
+ const unsigned int counter[4]);
+@@ -93,7 +103,9 @@ void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
+ ? ChaCha20_ctr32_vmx(out, inp, len, key, counter)
+ : ChaCha20_ctr32_int(out, inp, len, key, counter);
+ }
++#endif
+
++#ifndef OPENSSL_NO_POLY1305
+ void poly1305_init_int(void *ctx, const unsigned char key[16]);
+ void poly1305_blocks(void *ctx, const unsigned char *inp, size_t len,
+ unsigned int padbit);
+@@ -117,6 +129,7 @@ int poly1305_init(void *ctx, const unsigned char key[16], void *func[2])
+ }
+ return 1;
+ }
++#endif
+
+ static sigjmp_buf ill_jmp;
+ static void ill_handler(int sig)
+@@ -128,6 +141,7 @@ void OPENSSL_fpu_probe(void);
+ void OPENSSL_ppc64_probe(void);
+ void OPENSSL_altivec_probe(void);
+ void OPENSSL_crypto207_probe(void);
++void OPENSSL_madd300_probe(void);
+
+ /*
+ * Use a weak reference to getauxval() so we can use it if it is available
+@@ -220,7 +234,7 @@ void OPENSSL_cpuid_setup(void)
+ unsigned long hwcap = getauxval(HWCAP);
+
+ if (hwcap & HWCAP_FPU) {
+- OPENSSL_ppccap_P |= PPC_FPU;
++ OPENSSL_ppccap_P |= PPC_FPU;
+
+ if (sizeof(size_t) == 4) {
+ /* In 32-bit case PPC_FPU64 is always fastest [if option] */
+diff --git a/crypto/ppccpuid.pl b/crypto/ppccpuid.pl
+index 9de1355..9d1cada 100755
+--- a/crypto/ppccpuid.pl
++++ b/crypto/ppccpuid.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ $flavour = shift;
+
+@@ -170,6 +177,32 @@ Laligned:
+ .byte 0,12,0x14,0,0,0,2,0
+ .long 0
+ .size .OPENSSL_cleanse,.-.OPENSSL_cleanse
++
++globl .CRYPTO_memcmp
++.align 4
++.CRYPTO_memcmp:
++ $CMPLI r5,0
++ li r0,0
++ beq Lno_data
++ mtctr r5
++Loop_cmp:
++ lbz r6,0(r3)
++ addi r3,r3,1
++ lbz r7,0(r4)
++ addi r4,r4,1
++ xor r6,r6,r7
++ or r0,r0,r6
++ bdnz Loop_cmp
++
++Lno_data:
++ li r3,0
++ sub r3,r3,r0
++ extrwi r3,r3,1,0
++ blr
++ .long 0
++ .byte 0,12,0x14,0,0,0,3,0
++ .long 0
++.size .CRYPTO_memcmp,.-.CRYPTO_memcmp
+ ___
+ {
+ my ($out,$cnt,$max)=("r3","r4","r5");
+diff --git a/crypto/rand/Makefile.in b/crypto/rand/Makefile.in
+deleted file mode 100644
+index 5442402..0000000
+--- a/crypto/rand/Makefile.in
++++ /dev/null
+@@ -1,45 +0,0 @@
+-#
+-# OpenSSL/crypto/rand/Makefile
+-#
+-
+-DIR= rand
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \
+- rand_win.c rand_unix.c
+-LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \
+- rand_win.o rand_unix.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
+index e9574b0..4b874e3 100644
+--- a/crypto/rand/md_rand.c
++++ b/crypto/rand/md_rand.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -125,7 +24,6 @@
+ #include <openssl/rand.h>
+ #include <openssl/async.h>
+ #include "rand_lcl.h"
+-#include "internal/threads.h"
+
+ #include <openssl/err.h>
+
+diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c
+index 47a5752..f4bfd86 100644
+--- a/crypto/rand/rand_egd.c
++++ b/crypto/rand/rand_egd.c
+@@ -1,56 +1,10 @@
+-/* Written by Ulf Moeller and Lutz Jaenicke for the OpenSSL project. */
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/opensslconf.h>
+diff --git a/crypto/rand/rand_err.c b/crypto/rand/rand_err.c
+index d01393a..c58e7ee 100644
+--- a/crypto/rand/rand_err.c
++++ b/crypto/rand/rand_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -69,25 +19,12 @@
+ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason)
+
+ static ERR_STRING_DATA RAND_str_functs[] = {
+- {ERR_FUNC(RAND_F_FIPS_RAND), "FIPS_RAND"},
+- {ERR_FUNC(RAND_F_FIPS_RAND_SET_DT), "FIPS_RAND_SET_DT"},
+- {ERR_FUNC(RAND_F_FIPS_SET_PRNG_SEED), "FIPS_SET_PRNG_SEED"},
+- {ERR_FUNC(RAND_F_FIPS_SET_TEST_MODE), "FIPS_SET_TEST_MODE"},
+- {ERR_FUNC(RAND_F_FIPS_X931_SET_DT), "FIPS_x931_set_dt"},
+ {ERR_FUNC(RAND_F_RAND_BYTES), "RAND_bytes"},
+- {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"},
+ {0, NULL}
+ };
+
+ static ERR_STRING_DATA RAND_str_reasons[] = {
+- {ERR_REASON(RAND_R_NOT_IN_TEST_MODE), "not in test mode"},
+- {ERR_REASON(RAND_R_NO_KEY_SET), "no key set"},
+- {ERR_REASON(RAND_R_PRNG_ERROR), "prng error"},
+- {ERR_REASON(RAND_R_PRNG_KEYED), "prng keyed"},
+ {ERR_REASON(RAND_R_PRNG_NOT_SEEDED), "PRNG not seeded"},
+- {ERR_REASON(RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY),
+- "prng seed must not match key"},
+- {ERR_REASON(RAND_R_PRNG_STUCK), "prng stuck"},
+ {0, NULL}
+ };
+
+diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h
+index daa48dd..d98c90e 100644
+--- a/crypto/rand/rand_lcl.h
++++ b/crypto/rand/rand_lcl.h
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_RAND_LCL_H
+diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
+index 9871113..2387126 100644
+--- a/crypto/rand/rand_lib.c
++++ b/crypto/rand/rand_lib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
+index 1aff444..e231ecd 100644
+--- a/crypto/rand/rand_unix.c
++++ b/crypto/rand/rand_unix.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+
+ #define USE_SOCKETS
+diff --git a/crypto/rand/rand_vms.c b/crypto/rand/rand_vms.c
+index 5919f48..ae6f17d 100644
+--- a/crypto/rand/rand_vms.c
++++ b/crypto/rand/rand_vms.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte <richard at levitte.org> for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rand.h>
+diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c
+index bf85d37..cb0c1ed 100644
+--- a/crypto/rand/rand_win.c
++++ b/crypto/rand/rand_win.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
+index 3ee6bf5..49f5405 100644
+--- a/crypto/rand/randfile.c
++++ b/crypto/rand/randfile.c
+@@ -1,67 +1,14 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "e_os.h"
+
+-/* We need to define this to get macros like S_IFBLK and S_IFCHR */
+-#if !defined(OPENSSL_SYS_VXWORKS)
+-# define _XOPEN_SOURCE 500
+-#endif
+-
+ #include <errno.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+@@ -80,6 +27,29 @@
+ #ifndef OPENSSL_NO_POSIX_IO
+ # include <sys/stat.h>
+ # include <fcntl.h>
++/*
++ * Following should not be needed, and we could have been stricter
++ * and demand S_IS*. But some systems just don't comply... Formally
++ * below macros are "anatomically incorrect", because normally they
++ * would look like ((m) & MASK == TYPE), but since MASK availability
++ * is as questionable, we settle for this poor-man fallback...
++ */
++# if !defined(S_ISBLK)
++# if defined(_S_IFBLK)
++# define S_ISBLK(m) ((m) & _S_IFBLK)
++# elif defined(S_IFBLK)
++# define S_ISBLK(m) ((m) & S_IFBLK)
++# elif defined(_WIN32)
++# define S_ISBLK(m) 0 /* no concept of block devices on Windows */
++# endif
++# endif
++# if !defined(S_ISCHR)
++# if defined(_S_IFCHR)
++# define S_ISCHR(m) ((m) & _S_IFCHR)
++# elif defined(S_IFCHR)
++# define S_ISCHR(m) ((m) & S_IFCHR)
++# endif
++# endif
+ #endif
+
+ #ifdef _WIN32
+@@ -95,12 +65,45 @@
+
+ #ifdef OPENSSL_SYS_VMS
+ /*
++ * Misc hacks needed for specific cases.
++ *
++ * __FILE_ptr32 is a type provided by DEC C headers (types.h specifically)
++ * to make sure the FILE* is a 32-bit pointer no matter what. We know that
++ * stdio function return this type (a study of stdio.h proves it).
++ * Additionally, we create a similar char pointer type for the sake of
++ * vms_setbuf below.
++ */
++# if __INITIAL_POINTER_SIZE == 64
++# pragma pointer_size save
++# pragma pointer_size 32
++# endif
++typedef char *char_ptr32;
++# if __INITIAL_POINTER_SIZE == 64
++# pragma pointer_size restore
++# endif
++
++/*
++ * On VMS, setbuf() will only take 32-bit pointers, and a compilation
++ * with /POINTER_SIZE=64 will give off a MAYLOSEDATA2 warning here.
++ * Since we know that the FILE* really is a 32-bit pointer expanded to
++ * 64 bits, we also know it's safe to convert it back to a 32-bit pointer.
++ * As for the buffer parameter, we only use NULL here, so that passes as
++ * well...
++ */
++static void vms_setbuf(FILE *fp, char *buf)
++{
++ setbuf((__FILE_ptr32)fp, (char_ptr32)buf);
++}
++/*
+ * This declaration is a nasty hack to get around vms' extension to fopen for
+- * passing in sharing options being disabled by our /STANDARD=ANSI89
++ * passing in sharing options being disabled by /STANDARD=ANSI89
+ */
+-static FILE *(*const vms_fopen)(const char *, const char *, ...) =
+- (FILE *(*)(const char *, const char *, ...))fopen;
++static __FILE_ptr32 (*const vms_fopen)(const char *, const char *, ...) =
++ (__FILE_ptr32 (*)(const char *, const char *, ...))fopen;
+ # define VMS_OPEN_ATTRS "shr=get,put,upd,del","ctx=bin,stm","rfm=stm","rat=none","mrs=0"
++
++# define fopen(fname,mode) vms_fopen((fname), (mode), VMS_OPEN_ATTRS)
++# define setbuf(fp,buf) vms_setbuf((fp), (buf))
+ #endif
+
+ #define RFILE ".rnd"
+@@ -142,22 +145,18 @@ int RAND_load_file(const char *file, long bytes)
+ if (bytes == 0)
+ return (ret);
+
+-#ifdef OPENSSL_SYS_VMS
+- in = vms_fopen(file, "rb", VMS_OPEN_ATTRS);
+-#else
+ in = fopen(file, "rb");
+-#endif
+ if (in == NULL)
+ goto err;
+-#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO)
+- if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
++#if defined(S_ISBLK) && defined(S_ISCHR) && !defined(OPENSSL_NO_POSIX_IO)
++ if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
+ /*
+ * this file is a device. we don't want read an infinite number of
+ * bytes from a random device, nor do we want to use buffered I/O
+ * because we will waste system entropy.
+ */
+ bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
+- setbuf(stdin, NULL); /* don't do buffered reads */
++ setbuf(in, NULL); /* don't do buffered reads */
+ }
+ #endif
+ for (;;) {
+@@ -242,13 +241,10 @@ int RAND_write_file(const char *file)
+ * rand file in a concurrent use situation.
+ */
+
+- out = vms_fopen(file, "rb+", VMS_OPEN_ATTRS);
+- if (out == NULL)
+- out = vms_fopen(file, "wb", VMS_OPEN_ATTRS);
+-#else
++ out = fopen(file, "rb+");
++#endif
+ if (out == NULL)
+ out = fopen(file, "wb");
+-#endif
+ if (out == NULL)
+ goto err;
+
+diff --git a/crypto/rc2/Makefile.in b/crypto/rc2/Makefile.in
+deleted file mode 100644
+index 1a09360..0000000
+--- a/crypto/rc2/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/rc2/Makefile
+-#
+-
+-DIR= rc2
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+-LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= rc2_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/rc2/rc2_cbc.c b/crypto/rc2/rc2_cbc.c
+index b574c96..2b59353 100644
+--- a/crypto/rc2/rc2_cbc.c
++++ b/crypto/rc2/rc2_cbc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rc2.h>
+diff --git a/crypto/rc2/rc2_ecb.c b/crypto/rc2/rc2_ecb.c
+index 047c0fc..b87931f 100644
+--- a/crypto/rc2/rc2_ecb.c
++++ b/crypto/rc2/rc2_ecb.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rc2.h>
+diff --git a/crypto/rc2/rc2_locl.h b/crypto/rc2/rc2_locl.h
+index ba1880c..a9a57d6 100644
+--- a/crypto/rc2/rc2_locl.h
++++ b/crypto/rc2/rc2_locl.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #undef c2l
+diff --git a/crypto/rc2/rc2_skey.c b/crypto/rc2/rc2_skey.c
+index 52a3710..55d8ba3 100644
+--- a/crypto/rc2/rc2_skey.c
++++ b/crypto/rc2/rc2_skey.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rc2.h>
+diff --git a/crypto/rc2/rc2cfb64.c b/crypto/rc2/rc2cfb64.c
+index bb3df00..e11093d 100644
+--- a/crypto/rc2/rc2cfb64.c
++++ b/crypto/rc2/rc2cfb64.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rc2.h>
+diff --git a/crypto/rc2/rc2ofb64.c b/crypto/rc2/rc2ofb64.c
+index aec7ba3..d610278 100644
+--- a/crypto/rc2/rc2ofb64.c
++++ b/crypto/rc2/rc2ofb64.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rc2.h>
+diff --git a/crypto/rc2/tab.c b/crypto/rc2/tab.c
+index 0534e37..bc95dc4 100644
+--- a/crypto/rc2/tab.c
++++ b/crypto/rc2/tab.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <stdio.h>
+
+ unsigned char ebits_to_num[256] = {
+diff --git a/crypto/rc4/Makefile.in b/crypto/rc4/Makefile.in
+deleted file mode 100644
+index 816ec2f..0000000
+--- a/crypto/rc4/Makefile.in
++++ /dev/null
+@@ -1,71 +0,0 @@
+-#
+-# OpenSSL/crypto/rc4/Makefile
+-#
+-
+-DIR= rc4
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-AR= ar r
+-
+-RC4_ENC=rc4_enc.o rc4_skey.o
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=rc4_skey.c rc4_enc.c
+-LIBOBJ=$(RC4_ENC)
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= rc4_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-rc4-586.s: asm/rc4-586.pl ../perlasm/x86asm.pl
+- $(PERL) asm/rc4-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-
+-rc4-x86_64.s: asm/rc4-x86_64.pl
+- $(PERL) asm/rc4-x86_64.pl $(PERLASM_SCHEME) $@
+-rc4-md5-x86_64.s: asm/rc4-md5-x86_64.pl
+- $(PERL) asm/rc4-md5-x86_64.pl $(PERLASM_SCHEME) $@
+-
+-rc4-ia64.S: asm/rc4-ia64.pl
+- $(PERL) asm/rc4-ia64.pl $(CFLAGS) $@
+-
+-rc4-parisc.s: asm/rc4-parisc.pl
+- $(PERL) asm/rc4-parisc.pl $(PERLASM_SCHEME) $@
+-
+-rc4-ia64.s: rc4-ia64.S
+- @case `awk '/^#define RC4_INT/{print$$NF}' $(TOP)/include/openssl/opensslconf.h` in \
+- int) set -x; $(CC) $(CFLAGS) -DSZ=4 -E rc4-ia64.S > $@ ;; \
+- char) set -x; $(CC) $(CFLAGS) -DSZ=1 -E rc4-ia64.S > $@ ;; \
+- *) exit 1 ;; \
+- esac
+-
+-# GNU make "catch all"
+-rc4-%.s: asm/rc4-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/rc4/asm/rc4-586.pl b/crypto/rc4/asm/rc4-586.pl
+index a517adb..9361777 100644
+--- a/crypto/rc4/asm/rc4-586.pl
++++ b/crypto/rc4/asm/rc4-586.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # [Re]written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/rc4/asm/rc4-c64xplus.pl b/crypto/rc4/asm/rc4-c64xplus.pl
+index 6e5fe05..daed75c 100644
+--- a/crypto/rc4/asm/rc4-c64xplus.pl
++++ b/crypto/rc4/asm/rc4-c64xplus.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/rc4/asm/rc4-ia64.pl b/crypto/rc4/asm/rc4-ia64.pl
+index b83e53a..5e8f5f5 100644
+--- a/crypto/rc4/asm/rc4-ia64.pl
++++ b/crypto/rc4/asm/rc4-ia64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by David Mosberger <David.Mosberger at acm.org> based on the
+diff --git a/crypto/rc4/asm/rc4-md5-x86_64.pl b/crypto/rc4/asm/rc4-md5-x86_64.pl
+index a92fe92..642e2b8 100644
+--- a/crypto/rc4/asm/rc4-md5-x86_64.pl
++++ b/crypto/rc4/asm/rc4-md5-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/rc4/asm/rc4-parisc.pl b/crypto/rc4/asm/rc4-parisc.pl
+index bc366ec..006b6b0 100644
+--- a/crypto/rc4/asm/rc4-parisc.pl
++++ b/crypto/rc4/asm/rc4-parisc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/rc4/asm/rc4-s390x.pl b/crypto/rc4/asm/rc4-s390x.pl
+index fa6a23e..5589503 100644
+--- a/crypto/rc4/asm/rc4-s390x.pl
++++ b/crypto/rc4/asm/rc4-s390x.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/rc4/asm/rc4-x86_64.pl b/crypto/rc4/asm/rc4-x86_64.pl
+index 4675106..900d209 100755
+--- a/crypto/rc4/asm/rc4-x86_64.pl
++++ b/crypto/rc4/asm/rc4-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c
+index e7397b4..be11bad 100644
+--- a/crypto/rc4/rc4_enc.c
++++ b/crypto/rc4/rc4_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rc4.h>
+diff --git a/crypto/rc4/rc4_locl.h b/crypto/rc4/rc4_locl.h
+index 3ab2570..4380add 100644
+--- a/crypto/rc4/rc4_locl.h
++++ b/crypto/rc4/rc4_locl.h
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #ifndef HEADER_RC4_LOCL_H
+ # define HEADER_RC4_LOCL_H
+
+diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c
+index 9931a61..16f81a4 100644
+--- a/crypto/rc4/rc4_skey.c
++++ b/crypto/rc4/rc4_skey.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rc4.h>
+diff --git a/crypto/rc5/Makefile.in b/crypto/rc5/Makefile.in
+deleted file mode 100644
+index 554d0ef..0000000
+--- a/crypto/rc5/Makefile.in
++++ /dev/null
+@@ -1,51 +0,0 @@
+-#
+-# OpenSSL/crypto/rc5/Makefile
+-#
+-
+-DIR= rc5
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-RC5_ENC= rc5_enc.o
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c
+-LIBOBJ=rc5_skey.o rc5_ecb.o $(RC5_ENC) rc5cfb64.o rc5ofb64.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= rc5_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-rc5-586.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+- $(PERL) asm/rc5-586.pl $(PERLASM_SCHEME) $(CFLAGS) $@
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/rc5/asm/rc5-586.pl b/crypto/rc5/asm/rc5-586.pl
+index a0d85f2..e3e1c64 100644
+--- a/crypto/rc5/asm/rc5-586.pl
++++ b/crypto/rc5/asm/rc5-586.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+ push(@INC,"${dir}","${dir}../../perlasm");
+diff --git a/crypto/rc5/rc5_ecb.c b/crypto/rc5/rc5_ecb.c
+index b762b1e..c32f38e 100644
+--- a/crypto/rc5/rc5_ecb.c
++++ b/crypto/rc5/rc5_ecb.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rc5.h>
+diff --git a/crypto/rc5/rc5_enc.c b/crypto/rc5/rc5_enc.c
+index 8bcbad9..58631de 100644
+--- a/crypto/rc5/rc5_enc.c
++++ b/crypto/rc5/rc5_enc.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rc5/rc5_locl.h b/crypto/rc5/rc5_locl.h
+index 6b34f92..33a709b 100644
+--- a/crypto/rc5/rc5_locl.h
++++ b/crypto/rc5/rc5_locl.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdlib.h>
+diff --git a/crypto/rc5/rc5_skey.c b/crypto/rc5/rc5_skey.c
+index bfbb419..943a784 100644
+--- a/crypto/rc5/rc5_skey.c
++++ b/crypto/rc5/rc5_skey.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rc5.h>
+diff --git a/crypto/rc5/rc5cfb64.c b/crypto/rc5/rc5cfb64.c
+index 70d8d23..9a8aa6b 100644
+--- a/crypto/rc5/rc5cfb64.c
++++ b/crypto/rc5/rc5cfb64.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rc5.h>
+diff --git a/crypto/rc5/rc5ofb64.c b/crypto/rc5/rc5ofb64.c
+index 81c2005..3a41d77 100644
+--- a/crypto/rc5/rc5ofb64.c
++++ b/crypto/rc5/rc5ofb64.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rc5.h>
+diff --git a/crypto/ripemd/Makefile.in b/crypto/ripemd/Makefile.in
+deleted file mode 100644
+index 4a87049..0000000
+--- a/crypto/ripemd/Makefile.in
++++ /dev/null
+@@ -1,51 +0,0 @@
+-#
+-# OpenSSL/crypto/ripemd/Makefile
+-#
+-
+-DIR= ripemd
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-RIP_ASM_OBJ=
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=rmd_dgst.c rmd_one.c
+-LIBOBJ=rmd_dgst.o rmd_one.o $(RMD160_ASM_OBJ)
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= rmd_locl.h rmdconst.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-rmd-586.s: asm/rmd-586.pl ../perlasm/x86asm.pl
+- $(PERL) asm/rmd-586.pl $(PERLASM_SCHEME) $(CFLAGS) $@
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/ripemd/asm/rmd-586.pl b/crypto/ripemd/asm/rmd-586.pl
+index fd32a73..544c496 100644
+--- a/crypto/ripemd/asm/rmd-586.pl
++++ b/crypto/ripemd/asm/rmd-586.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # Normal is the
+ # ripemd160_block_asm_data_order(RIPEMD160_CTX *c, ULONG *X,int blocks);
+diff --git a/crypto/ripemd/rmd_dgst.c b/crypto/ripemd/rmd_dgst.c
+index fc50d5c..a1670c7 100644
+--- a/crypto/ripemd/rmd_dgst.c
++++ b/crypto/ripemd/rmd_dgst.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ripemd/rmd_locl.h b/crypto/ripemd/rmd_locl.h
+index c08178c..9c5ba15 100644
+--- a/crypto/ripemd/rmd_locl.h
++++ b/crypto/ripemd/rmd_locl.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdlib.h>
+@@ -66,7 +18,7 @@
+ * <appro at fy.chalmers.se>
+ */
+ #ifdef RMD160_ASM
+-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
++# if defined(__i386) || defined(__i386__) || defined(_M_IX86)
+ # define ripemd160_block_data_order ripemd160_block_asm_data_order
+ # endif
+ #endif
+diff --git a/crypto/ripemd/rmd_one.c b/crypto/ripemd/rmd_one.c
+index 31f052c..c3193bd 100644
+--- a/crypto/ripemd/rmd_one.c
++++ b/crypto/ripemd/rmd_one.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ripemd/rmdconst.h b/crypto/ripemd/rmdconst.h
+index f8d8723..b810132 100644
+--- a/crypto/ripemd/rmdconst.h
++++ b/crypto/ripemd/rmdconst.h
+@@ -1,59 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #define KL0 0x00000000L
+ #define KL1 0x5A827999L
+ #define KL2 0x6ED9EBA1L
+diff --git a/crypto/rsa/Makefile.in b/crypto/rsa/Makefile.in
+deleted file mode 100644
+index 199d887..0000000
+--- a/crypto/rsa/Makefile.in
++++ /dev/null
+@@ -1,49 +0,0 @@
+-#
+-# OpenSSL/crypto/rsa/Makefile
+-#
+-
+-DIR= rsa
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= rsa_ossl.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
+- rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
+- rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c \
+- rsa_pmeth.c rsa_crpt.c rsa_x931g.c rsa_meth.c
+-LIBOBJ= rsa_ossl.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
+- rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
+- rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o rsa_ameth.o rsa_prn.o \
+- rsa_pmeth.o rsa_crpt.o rsa_x931g.o rsa_meth.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
+index 4ff2665..4f9c056 100644
+--- a/crypto/rsa/rsa_ameth.c
++++ b/crypto/rsa/rsa_ameth.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -849,10 +800,11 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri)
+ if (!rsa_md_to_mgf1(&oaep->maskGenFunc, mgf1md))
+ goto err;
+ if (labellen > 0) {
+- ASN1_OCTET_STRING *los = ASN1_OCTET_STRING_new();
++ ASN1_OCTET_STRING *los;
+ oaep->pSourceFunc = X509_ALGOR_new();
+ if (oaep->pSourceFunc == NULL)
+ goto err;
++ los = ASN1_OCTET_STRING_new();
+ if (los == NULL)
+ goto err;
+ if (!ASN1_OCTET_STRING_set(los, label, labellen)) {
+diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c
+index da8b240..20f8ebf 100644
+--- a/crypto/rsa/rsa_asn1.c
++++ b/crypto/rsa/rsa_asn1.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c
+index f780508..0adf169 100644
+--- a/crypto/rsa/rsa_chk.c
++++ b/crypto/rsa/rsa_chk.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/bn.h>
+diff --git a/crypto/rsa/rsa_crpt.c b/crypto/rsa/rsa_crpt.c
+index 6cc3c70..aca085a 100644
+--- a/crypto/rsa/rsa_crpt.c
++++ b/crypto/rsa/rsa_crpt.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rsa/rsa_depr.c b/crypto/rsa/rsa_depr.c
+index 18e4065..21e0562 100644
+--- a/crypto/rsa/rsa_depr.c
++++ b/crypto/rsa/rsa_depr.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
+index 811fcfe..a92ea5d 100644
+--- a/crypto/rsa/rsa_err.c
++++ b/crypto/rsa/rsa_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -70,12 +20,7 @@
+
+ static ERR_STRING_DATA RSA_str_functs[] = {
+ {ERR_FUNC(RSA_F_CHECK_PADDING_MD), "check_padding_md"},
+- {ERR_FUNC(RSA_F_DO_RSA_PRINT), "do_rsa_print"},
+- {ERR_FUNC(RSA_F_FIPS_RSA_SIGN_DIGEST), "FIPS_rsa_sign_digest"},
+- {ERR_FUNC(RSA_F_FIPS_RSA_VERIFY), "FIPS_rsa_verify"},
+- {ERR_FUNC(RSA_F_FIPS_RSA_VERIFY_DIGEST), "FIPS_rsa_verify_digest"},
+ {ERR_FUNC(RSA_F_INT_RSA_VERIFY), "int_rsa_verify"},
+- {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"},
+ {ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE), "old_rsa_priv_decode"},
+ {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "pkey_rsa_ctrl"},
+ {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "pkey_rsa_ctrl_str"},
+@@ -86,24 +31,25 @@ static ERR_STRING_DATA RSA_str_functs[] = {
+ {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
+ {ERR_FUNC(RSA_F_RSA_CHECK_KEY_EX), "RSA_check_key_ex"},
+ {ERR_FUNC(RSA_F_RSA_CMS_DECRYPT), "rsa_cms_decrypt"},
+- {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_DECRYPT), "rsa_ossl_private_decrypt"},
+- {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT), "rsa_ossl_private_encrypt"},
+- {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_DECRYPT), "rsa_ossl_public_decrypt"},
+- {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT), "rsa_ossl_public_encrypt"},
+- {ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
+ {ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "rsa_item_verify"},
+ {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"},
++ {ERR_FUNC(RSA_F_RSA_METH_DUP), "RSA_meth_dup"},
++ {ERR_FUNC(RSA_F_RSA_METH_NEW), "RSA_meth_new"},
++ {ERR_FUNC(RSA_F_RSA_METH_SET1_NAME), "RSA_meth_set1_name"},
+ {ERR_FUNC(RSA_F_RSA_MGF1_TO_MD), "rsa_mgf1_to_md"},
+ {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
+ {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
+- {ERR_FUNC(RSA_F_RSA_NULL_MOD_EXP), "RSA_NULL_MOD_EXP"},
+ {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_DECRYPT), "RSA_null_private_decrypt"},
+ {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_ENCRYPT), "RSA_null_private_encrypt"},
+ {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT), "RSA_null_public_decrypt"},
+ {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_null_public_encrypt"},
+- {ERR_FUNC(RSA_F_RSA_OAEP_TO_CTX), "RSA_OAEP_TO_CTX"},
++ {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_DECRYPT), "rsa_ossl_private_decrypt"},
++ {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT), "rsa_ossl_private_encrypt"},
++ {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_DECRYPT), "rsa_ossl_public_decrypt"},
++ {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT), "rsa_ossl_public_encrypt"},
+ {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
+- {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"},
++ {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP),
++ "RSA_padding_add_PKCS1_OAEP"},
+ {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1),
+ "RSA_padding_add_PKCS1_OAEP_mgf1"},
+ {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"},
+@@ -128,13 +74,13 @@ static ERR_STRING_DATA RSA_str_functs[] = {
+ {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
+ {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
+ {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
+- {ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"},
+ {ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "rsa_priv_encode"},
+ {ERR_FUNC(RSA_F_RSA_PSS_TO_CTX), "rsa_pss_to_ctx"},
+ {ERR_FUNC(RSA_F_RSA_PUB_DECODE), "rsa_pub_decode"},
+ {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
+ {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
+- {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"},
++ {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),
++ "RSA_sign_ASN1_OCTET_STRING"},
+ {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"},
+ {ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING),
+ "RSA_verify_ASN1_OCTET_STRING"},
+@@ -150,7 +96,8 @@ static ERR_STRING_DATA RSA_str_reasons[] = {
+ {ERR_REASON(RSA_R_BAD_SIGNATURE), "bad signature"},
+ {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01), "block type is not 01"},
+ {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02), "block type is not 02"},
+- {ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN), "data greater than mod len"},
++ {ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN),
++ "data greater than mod len"},
+ {ERR_REASON(RSA_R_DATA_TOO_LARGE), "data too large"},
+ {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
+ "data too large for key size"},
+@@ -171,7 +118,6 @@ static ERR_STRING_DATA RSA_str_reasons[] = {
+ {ERR_REASON(RSA_R_INVALID_DIGEST), "invalid digest"},
+ {ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
+ {ERR_REASON(RSA_R_INVALID_HEADER), "invalid header"},
+- {ERR_REASON(RSA_R_INVALID_KEYBITS), "invalid keybits"},
+ {ERR_REASON(RSA_R_INVALID_LABEL), "invalid label"},
+ {ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH), "invalid message length"},
+ {ERR_REASON(RSA_R_INVALID_MGF1_MD), "invalid mgf1 md"},
+@@ -188,7 +134,8 @@ static ERR_STRING_DATA RSA_str_reasons[] = {
+ {ERR_REASON(RSA_R_LAST_OCTET_INVALID), "last octet invalid"},
+ {ERR_REASON(RSA_R_MODULUS_TOO_LARGE), "modulus too large"},
+ {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"},
+- {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING), "null before block missing"},
++ {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),
++ "null before block missing"},
+ {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q), "n does not equal p q"},
+ {ERR_REASON(RSA_R_OAEP_DECODING_ERROR), "oaep decoding error"},
+ {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
+@@ -208,7 +155,6 @@ static ERR_STRING_DATA RSA_str_reasons[] = {
+ {ERR_REASON(RSA_R_UNKNOWN_DIGEST), "unknown digest"},
+ {ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST), "unknown mask digest"},
+ {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE), "unknown padding type"},
+- {ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST), "unknown pss digest"},
+ {ERR_REASON(RSA_R_UNSUPPORTED_ENCRYPTION_TYPE),
+ "unsupported encryption type"},
+ {ERR_REASON(RSA_R_UNSUPPORTED_LABEL_SOURCE), "unsupported label source"},
+diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
+index c456258..b25d76e 100644
+--- a/crypto/rsa/rsa_gen.c
++++ b/crypto/rsa/rsa_gen.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
+index 7ee575d..4f93cbc 100644
+--- a/crypto/rsa/rsa_lib.c
++++ b/crypto/rsa/rsa_lib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -118,21 +70,28 @@ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
+
+ RSA *RSA_new_method(ENGINE *engine)
+ {
+- RSA *ret;
++ RSA *ret = OPENSSL_zalloc(sizeof(*ret));
+
+- ret = OPENSSL_zalloc(sizeof(*ret));
+ if (ret == NULL) {
+ RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
++ ret->references = 1;
++ ret->lock = CRYPTO_THREAD_lock_new();
++ if (ret->lock == NULL) {
++ RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
++ OPENSSL_free(ret);
++ return NULL;
++ }
++
+ ret->meth = RSA_get_default_method();
+ #ifndef OPENSSL_NO_ENGINE
++ ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
+ if (engine) {
+ if (!ENGINE_init(engine)) {
+ RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
+- OPENSSL_free(ret);
+- return NULL;
++ goto err;
+ }
+ ret->engine = engine;
+ } else
+@@ -141,39 +100,26 @@ RSA *RSA_new_method(ENGINE *engine)
+ ret->meth = ENGINE_get_RSA(ret->engine);
+ if (ret->meth == NULL) {
+ RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
+- ENGINE_finish(ret->engine);
+- OPENSSL_free(ret);
+- return NULL;
++ goto err;
+ }
+ }
+ #endif
+
+- ret->references = 1;
+ ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
+-#ifndef OPENSSL_NO_ENGINE
+- ENGINE_finish(ret->engine);
+-#endif
+- OPENSSL_free(ret);
+- return NULL;
+- }
+-
+- ret->lock = CRYPTO_THREAD_lock_new();
+- if (ret->lock == NULL) {
+-#ifndef OPENSSL_NO_ENGINE
+- ENGINE_finish(ret->engine);
+-#endif
+- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
+- OPENSSL_free(ret);
+- return NULL;
++ goto err;
+ }
+
+ if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+- RSA_free(ret);
+- ret = NULL;
++ RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_INIT_FAIL);
++ goto err;
+ }
+
+ return ret;
++
++err:
++ RSA_free(ret);
++ return NULL;
+ }
+
+ void RSA_free(RSA *r)
+@@ -286,44 +232,79 @@ int RSA_security_bits(const RSA *rsa)
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
+ {
+- /* d is the private component and may be NULL */
+- if (n == NULL || e == NULL)
++ /* If the fields in r are NULL, the corresponding input
++ * parameters MUST be non-NULL for n and e. d may be
++ * left NULL (in case only the public key is used).
++ *
++ * It is an error to give the results from get0 on r
++ * as input parameters.
++ */
++ if (n == r->n || e == r->e
++ || (r->d != NULL && d == r->d))
+ return 0;
+
+- BN_free(r->n);
+- BN_free(r->e);
+- BN_free(r->d);
+- r->n = n;
+- r->e = e;
+- r->d = d;
++ if (n != NULL) {
++ BN_free(r->n);
++ r->n = n;
++ }
++ if (e != NULL) {
++ BN_free(r->e);
++ r->e = e;
++ }
++ if (d != NULL) {
++ BN_free(r->d);
++ r->d = d;
++ }
+
+ return 1;
+ }
+
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
+ {
+- if (p == NULL || q == NULL)
++ /* If the fields in r are NULL, the corresponding input
++ * parameters MUST be non-NULL.
++ *
++ * It is an error to give the results from get0 on r
++ * as input parameters.
++ */
++ if (p == r->p || q == r->q)
+ return 0;
+
+- BN_free(r->p);
+- BN_free(r->q);
+- r->p = p;
+- r->q = q;
++ if (p != NULL) {
++ BN_free(r->p);
++ r->p = p;
++ }
++ if (q != NULL) {
++ BN_free(r->q);
++ r->q = q;
++ }
+
+ return 1;
+ }
+
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
+ {
+- if (dmp1 == NULL || dmq1 == NULL || iqmp == NULL)
++ /* If the fields in r are NULL, the corresponding input
++ * parameters MUST be non-NULL.
++ *
++ * It is an error to give the results from get0 on r
++ * as input parameters.
++ */
++ if (dmp1 == r->dmp1 || dmq1 == r->dmq1 || iqmp == r->iqmp)
+ return 0;
+
+- BN_free(r->dmp1);
+- BN_free(r->dmq1);
+- BN_free(r->iqmp);
+- r->dmp1 = dmp1;
+- r->dmq1 = dmq1;
+- r->iqmp = iqmp;
++ if (dmp1 != NULL) {
++ BN_free(r->dmp1);
++ r->dmp1 = dmp1;
++ }
++ if (dmq1 != NULL) {
++ BN_free(r->dmq1);
++ r->dmq1 = dmq1;
++ }
++ if (iqmp != NULL) {
++ BN_free(r->iqmp);
++ r->iqmp = iqmp;
++ }
+
+ return 1;
+ }
+diff --git a/crypto/rsa/rsa_locl.h b/crypto/rsa/rsa_locl.h
+index 598fcb7..5d16aa6 100644
+--- a/crypto/rsa/rsa_locl.h
++++ b/crypto/rsa/rsa_locl.h
+@@ -1,11 +1,10 @@
+ /*
+ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #include <openssl/rsa.h>
+diff --git a/crypto/rsa/rsa_meth.c b/crypto/rsa/rsa_meth.c
+index 6c7679d..ef0dc97 100644
+--- a/crypto/rsa/rsa_meth.c
++++ b/crypto/rsa/rsa_meth.c
+@@ -1,15 +1,15 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #include <string.h>
+ #include "rsa_locl.h"
++#include <openssl/err.h>
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags)
+ {
+@@ -17,6 +17,11 @@ RSA_METHOD *RSA_meth_new(const char *name, int flags)
+
+ if (meth != NULL) {
+ meth->name = OPENSSL_strdup(name);
++ if (meth->name == NULL) {
++ OPENSSL_free(meth);
++ RSAerr(RSA_F_RSA_METH_NEW, ERR_R_MALLOC_FAILURE);
++ return NULL;
++ }
+ meth->flags = flags;
+ }
+
+@@ -26,8 +31,7 @@ RSA_METHOD *RSA_meth_new(const char *name, int flags)
+ void RSA_meth_free(RSA_METHOD *meth)
+ {
+ if (meth != NULL) {
+- if (meth->name != NULL)
+- OPENSSL_free(meth->name);
++ OPENSSL_free(meth->name);
+ OPENSSL_free(meth);
+ }
+ }
+@@ -41,6 +45,11 @@ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth)
+ if (ret != NULL) {
+ memcpy(ret, meth, sizeof(*meth));
+ ret->name = OPENSSL_strdup(meth->name);
++ if (ret->name == NULL) {
++ OPENSSL_free(ret);
++ RSAerr(RSA_F_RSA_METH_DUP, ERR_R_MALLOC_FAILURE);
++ return NULL;
++ }
+ }
+
+ return ret;
+@@ -53,10 +62,18 @@ const char *RSA_meth_get0_name(const RSA_METHOD *meth)
+
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name)
+ {
++ char *tmpname;
++
++ tmpname = OPENSSL_strdup(name);
++ if (tmpname == NULL) {
++ RSAerr(RSA_F_RSA_METH_SET1_NAME, ERR_R_MALLOC_FAILURE);
++ return 0;
++ }
++
+ OPENSSL_free(meth->name);
+- meth->name = OPENSSL_strdup(name);
++ meth->name = tmpname;
+
+- return meth->name != NULL;
++ return 1;
+ }
+
+ int RSA_meth_get_flags(RSA_METHOD *meth)
+diff --git a/crypto/rsa/rsa_none.c b/crypto/rsa/rsa_none.c
+index c426bd3..006d3bd 100644
+--- a/crypto/rsa/rsa_none.c
++++ b/crypto/rsa/rsa_none.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/rsa/rsa_null.c b/crypto/rsa/rsa_null.c
+index 9f739f7..7f15955 100644
+--- a/crypto/rsa/rsa_null.c
++++ b/crypto/rsa/rsa_null.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
+index 27a6e78..c459b91 100644
+--- a/crypto/rsa/rsa_oaep.c
++++ b/crypto/rsa/rsa_oaep.c
+@@ -1,6 +1,10 @@
+ /*
+- * Written by Ulf Moeller. This software is distributed on an "AS IS" basis,
+- * WITHOUT WARRANTY OF ANY KIND, either express or implied.
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */
+diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c
+index 5c3c0bf..1aeaae9 100644
+--- a/crypto/rsa/rsa_ossl.c
++++ b/crypto/rsa/rsa_ossl.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c
+index 68d251b..bac7c26 100644
+--- a/crypto/rsa/rsa_pk1.c
++++ b/crypto/rsa/rsa_pk1.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/constant_time_locl.h"
+diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
+index b128d73..767c4e7 100644
+--- a/crypto/rsa/rsa_pmeth.c
++++ b/crypto/rsa/rsa_pmeth.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rsa/rsa_prn.c b/crypto/rsa/rsa_prn.c
+index f9e2572..5e6c599 100644
+--- a/crypto/rsa/rsa_prn.c
++++ b/crypto/rsa/rsa_prn.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2006.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c
+index abd915d..0ec63b2 100644
+--- a/crypto/rsa/rsa_pss.c
++++ b/crypto/rsa/rsa_pss.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c
+index 18bf6c9..9e5fff4 100644
+--- a/crypto/rsa/rsa_saos.c
++++ b/crypto/rsa/rsa_saos.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
+index 439d699..8946e19 100644
+--- a/crypto/rsa/rsa_sign.c
++++ b/crypto/rsa/rsa_sign.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c
+index 2762ad0..9ef6b80 100644
+--- a/crypto/rsa/rsa_ssl.c
++++ b/crypto/rsa/rsa_ssl.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rsa/rsa_x931.c b/crypto/rsa/rsa_x931.c
+index d8837a1..428a1e7 100644
+--- a/crypto/rsa/rsa_x931.c
++++ b/crypto/rsa/rsa_x931.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/rsa/rsa_x931g.c b/crypto/rsa/rsa_x931g.c
+index 1e164e8..9dd993f 100644
+--- a/crypto/rsa/rsa_x931g.c
++++ b/crypto/rsa/rsa_x931g.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/s390xcap.c b/crypto/s390xcap.c
+index 47d6b6f..675f2ec 100644
+--- a/crypto/s390xcap.c
++++ b/crypto/s390xcap.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+diff --git a/crypto/s390xcpuid.S b/crypto/s390xcpuid.S
+index 3402a24..df7b35a 100644
+--- a/crypto/s390xcpuid.S
++++ b/crypto/s390xcpuid.S
+@@ -5,14 +5,46 @@
+ .align 16
+ OPENSSL_s390x_facilities:
+ lghi %r0,0
+- larl %r2,OPENSSL_s390xcap_P
+- stg %r0,8(%r2)
+- .long 0xb2b02000 # stfle 0(%r2)
++ larl %r4,OPENSSL_s390xcap_P
++ stg %r0,8(%r4) # wipe capability vectors
++ stg %r0,16(%r4)
++ stg %r0,24(%r4)
++ stg %r0,32(%r4)
++ stg %r0,40(%r4)
++ stg %r0,48(%r4)
++ stg %r0,56(%r4)
++ stg %r0,64(%r4)
++ stg %r0,72(%r4)
++
++ .long 0xb2b04000 # stfle 0(%r4)
+ brc 8,.Ldone
+ lghi %r0,1
+- .long 0xb2b02000 # stfle 0(%r2)
++ .long 0xb2b04000 # stfle 0(%r4)
+ .Ldone:
+- lg %r2,0(%r2)
++ lmg %r2,%r3,0(%r4)
++ tmhl %r2,0x4000 # check for message-security-assist
++ jz .Lret
++
++ lghi %r0,0 # query kimd capabilities
++ la %r1,16(%r4)
++ .long 0xb93e0002 # kimd %r0,%r2
++
++ lghi %r0,0 # query km capability vector
++ la %r1,32(%r4)
++ .long 0xb92e0042 # km %r4,%r2
++
++ lghi %r0,0 # query kmc capability vector
++ la %r1,48(%r4)
++ .long 0xb92f0042 # kmc %r4,%r2
++
++ tmhh %r3,0x0004 # check for message-security-assist-4
++ jz .Lret
++
++ lghi %r0,0 # query kmctr capability vector
++ la %r1,64(%r4)
++ .long 0xb92d2042 # kmctr %r4,%r2,%r2
++
++.Lret:
+ br %r14
+ .size OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities
+
+@@ -93,6 +125,33 @@ OPENSSL_cleanse:
+ br %r14
+ .size OPENSSL_cleanse,.-OPENSSL_cleanse
+
++.globl CRYPTO_memcmp
++.type CRYPTO_memcmp, at function
++.align 16
++CRYPTO_memcmp:
++#if !defined(__s390x__) && !defined(__s390x)
++ llgfr %r4,%r4
++#endif
++ lghi %r5,0
++ clgr %r4,%r5
++ je .Lno_data
++
++.Loop_cmp:
++ llc %r0,0(%r2)
++ la %r2,1(%r2)
++ llc %r1,0(%r3)
++ la %r3,1(%r3)
++ xr %r1,%r0
++ or %r5,%r1
++ brctg %r4,.Loop_cmp
++
++ lnr %r5,%r5
++ srl %r5,31
++.Lno_data:
++ lgr %r2,%r5
++ br %r14
++.size CRYPTO_memcmp,.-CRYPTO_memcmp
++
+ .globl OPENSSL_instrument_bus
+ .type OPENSSL_instrument_bus, at function
+ .align 16
+@@ -112,4 +171,4 @@ OPENSSL_instrument_bus2:
+ .section .init
+ brasl %r14,OPENSSL_cpuid_setup
+
+-.comm OPENSSL_s390xcap_P,16,8
++.comm OPENSSL_s390xcap_P,80,8
+diff --git a/crypto/seed/Makefile.in b/crypto/seed/Makefile.in
+deleted file mode 100644
+index 2ae714d..0000000
+--- a/crypto/seed/Makefile.in
++++ /dev/null
+@@ -1,44 +0,0 @@
+-#
+-# crypto/seed/Makefile
+-#
+-
+-DIR= seed
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=seed.c seed_ecb.c seed_cbc.c seed_cfb.c seed_ofb.c
+-LIBOBJ=seed.o seed_ecb.o seed_cbc.o seed_cfb.o seed_ofb.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= seed_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/seed/seed.c b/crypto/seed/seed.c
+index 47ec9bc..c1e9285 100644
+--- a/crypto/seed/seed.c
++++ b/crypto/seed/seed.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff --git a/crypto/seed/seed_cbc.c b/crypto/seed/seed_cbc.c
+index 470116c..c9a4fe2 100644
+--- a/crypto/seed/seed_cbc.c
++++ b/crypto/seed/seed_cbc.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/seed.h>
+diff --git a/crypto/seed/seed_cfb.c b/crypto/seed/seed_cfb.c
+index 6c81a74..2aee1ff 100644
+--- a/crypto/seed/seed_cfb.c
++++ b/crypto/seed/seed_cfb.c
+@@ -1,107 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/seed.h>
+diff --git a/crypto/seed/seed_ecb.c b/crypto/seed/seed_ecb.c
+index 51d8f84..b6e301c 100644
+--- a/crypto/seed/seed_ecb.c
++++ b/crypto/seed/seed_ecb.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/seed.h>
+diff --git a/crypto/seed/seed_locl.h b/crypto/seed/seed_locl.h
+index 1c00d29..d4a03fc 100644
+--- a/crypto/seed/seed_locl.h
++++ b/crypto/seed/seed_locl.h
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+diff --git a/crypto/seed/seed_ofb.c b/crypto/seed/seed_ofb.c
+index 873e667..b455540 100644
+--- a/crypto/seed/seed_ofb.c
++++ b/crypto/seed/seed_ofb.c
+@@ -1,107 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/seed.h>
+diff --git a/crypto/sha/Makefile.in b/crypto/sha/Makefile.in
+deleted file mode 100644
+index 8f24fea..0000000
+--- a/crypto/sha/Makefile.in
++++ /dev/null
+@@ -1,106 +0,0 @@
+-#
+-# OpenSSL/crypto/sha/Makefile
+-#
+-
+-DIR= sha
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-SHA1_ASM_OBJ=
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=sha1dgst.c sha1_one.c sha256.c sha512.c
+-LIBOBJ=sha1dgst.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ)
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= sha_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-sha1-586.s: asm/sha1-586.pl ../perlasm/x86asm.pl
+- $(PERL) asm/sha1-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-sha256-586.s: asm/sha256-586.pl ../perlasm/x86asm.pl
+- $(PERL) asm/sha256-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-sha512-586.s: asm/sha512-586.pl ../perlasm/x86asm.pl
+- $(PERL) asm/sha512-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-
+-sha1-ia64.s: asm/sha1-ia64.pl
+- (cd asm; $(PERL) sha1-ia64.pl $(CFLAGS) ../$@)
+-sha256-ia64.s: asm/sha512-ia64.pl
+- (cd asm; $(PERL) sha512-ia64.pl $(CFLAGS) ../$@)
+-sha512-ia64.s: asm/sha512-ia64.pl
+- (cd asm; $(PERL) sha512-ia64.pl $(CFLAGS) ../$@)
+-
+-sha256-armv4.S: asm/sha256-armv4.pl
+- $(PERL) $< $(PERLASM_SCHEME) $@
+-
+-sha1-alpha.s: asm/sha1-alpha.pl
+- (preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+- $(PERL) asm/sha1-alpha.pl $$preproc && \
+- $(CC) -E -P $$preproc > $@ && rm $$preproc)
+-
+-# Solaris make has to be explicitly told
+-sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) $@
+-sha1-mb-x86_64.s: asm/sha1-mb-x86_64.pl; $(PERL) asm/sha1-mb-x86_64.pl $(PERLASM_SCHEME) $@
+-sha256-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+-sha256-mb-x86_64.s: asm/sha256-mb-x86_64.pl; $(PERL) asm/sha256-mb-x86_64.pl $(PERLASM_SCHEME) $@
+-sha512-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+-sha1-sparcv9.S: asm/sha1-sparcv9.pl; $(PERL) asm/sha1-sparcv9.pl $(PERLASM_SCHEME) $@
+-sha256-sparcv9.S:asm/sha512-sparcv9.pl; $(PERL) asm/sha512-sparcv9.pl $(PERLASM_SCHEME) $@
+-sha512-sparcv9.S:asm/sha512-sparcv9.pl; $(PERL) asm/sha512-sparcv9.pl $(PERLASM_SCHEME) $@
+-
+-sha1-ppc.s: asm/sha1-ppc.pl; $(PERL) asm/sha1-ppc.pl $(PERLASM_SCHEME) $@
+-sha256-ppc.s: asm/sha512-ppc.pl; $(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
+-sha512-ppc.s: asm/sha512-ppc.pl; $(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
+-sha256p8-ppc.s: asm/sha512p8-ppc.pl; $(PERL) asm/sha512p8-ppc.pl $(PERLASM_SCHEME) $@
+-sha512p8-ppc.s: asm/sha512p8-ppc.pl; $(PERL) asm/sha512p8-ppc.pl $(PERLASM_SCHEME) $@
+-
+-sha1-parisc.s: asm/sha1-parisc.pl; $(PERL) asm/sha1-parisc.pl $(PERLASM_SCHEME) $@
+-sha256-parisc.s:asm/sha512-parisc.pl; $(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+-sha512-parisc.s:asm/sha512-parisc.pl; $(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+-
+-sha1-mips.S: asm/sha1-mips.pl; $(PERL) asm/sha1-mips.pl $(PERLASM_SCHEME) $@
+-sha256-mips.S: asm/sha512-mips.pl; $(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+-sha512-mips.S: asm/sha512-mips.pl; $(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+-
+-# GNU make "catch all"
+-sha1-%.S: asm/sha1-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-sha256-%.S: asm/sha512-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-sha512-%.S: asm/sha512-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+-
+-sha1-armv4-large.o: sha1-armv4-large.S
+-sha256-armv4.o: sha256-armv4.S
+-sha512-armv4.o: sha512-armv4.S
+-sha1-armv8.o: sha1-armv8.S
+-sha256-armv8.o: sha256-armv8.S
+-sha512-armv8.o: sha512-armv8.S
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/sha/asm/sha1-586.pl b/crypto/sha/asm/sha1-586.pl
+index cd71d1c..0efed70 100644
+--- a/crypto/sha/asm/sha1-586.pl
++++ b/crypto/sha/asm/sha1-586.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # [Re]written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha1-alpha.pl b/crypto/sha/asm/sha1-alpha.pl
+index 6c4b925..4124958 100644
+--- a/crypto/sha/asm/sha1-alpha.pl
++++ b/crypto/sha/asm/sha1-alpha.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+@@ -317,6 +324,6 @@ $code.=<<___;
+ .ascii "SHA1 block transform for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
+ .align 2
+ ___
+-$output=shift and open STDOUT,">$output";
++$output=pop and open STDOUT,">$output";
+ print $code;
+ close STDOUT;
+diff --git a/crypto/sha/asm/sha1-armv4-large.pl b/crypto/sha/asm/sha1-armv4-large.pl
+index 6fd2303..7ff5bfb 100644
+--- a/crypto/sha/asm/sha1-armv4-large.pl
++++ b/crypto/sha/asm/sha1-armv4-large.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha1-armv8.pl b/crypto/sha/asm/sha1-armv8.pl
+index 5ef9dc2..39609a4 100644
+--- a/crypto/sha/asm/sha1-armv8.pl
++++ b/crypto/sha/asm/sha1-armv8.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha1-c64xplus.pl b/crypto/sha/asm/sha1-c64xplus.pl
+index ad8b172..4db2bcb 100644
+--- a/crypto/sha/asm/sha1-c64xplus.pl
++++ b/crypto/sha/asm/sha1-c64xplus.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha1-ia64.pl b/crypto/sha/asm/sha1-ia64.pl
+index a9d2b7c..dec21f9 100644
+--- a/crypto/sha/asm/sha1-ia64.pl
++++ b/crypto/sha/asm/sha1-ia64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/sha/asm/sha1-mb-x86_64.pl b/crypto/sha/asm/sha1-mb-x86_64.pl
+index 9de3f15..5ea2206 100644
+--- a/crypto/sha/asm/sha1-mb-x86_64.pl
++++ b/crypto/sha/asm/sha1-mb-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha1-mips.pl b/crypto/sha/asm/sha1-mips.pl
+index 26db5cd..882f973 100644
+--- a/crypto/sha/asm/sha1-mips.pl
++++ b/crypto/sha/asm/sha1-mips.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+@@ -326,7 +333,7 @@ ___
+ }
+
+ $FRAMESIZE=16; # large enough to accommodate NUBI saved registers
+-$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000;
++$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? "0xc0fff008" : "0xc0ff0000";
+
+ $code=<<___;
+ #ifdef OPENSSL_FIPSCANISTER
+diff --git a/crypto/sha/asm/sha1-parisc.pl b/crypto/sha/asm/sha1-parisc.pl
+index 6e5a328..a85d126 100644
+--- a/crypto/sha/asm/sha1-parisc.pl
++++ b/crypto/sha/asm/sha1-parisc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/sha/asm/sha1-ppc.pl b/crypto/sha/asm/sha1-ppc.pl
+index ab65502..7a66e03 100755
+--- a/crypto/sha/asm/sha1-ppc.pl
++++ b/crypto/sha/asm/sha1-ppc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/sha/asm/sha1-s390x.pl b/crypto/sha/asm/sha1-s390x.pl
+index a62cc31..b19606c 100644
+--- a/crypto/sha/asm/sha1-s390x.pl
++++ b/crypto/sha/asm/sha1-s390x.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+@@ -168,10 +175,7 @@ $code.=<<___ if ($kimdfunc);
+ lg %r0,0(%r1)
+ tmhl %r0,0x4000 # check for message-security assist
+ jz .Lsoftware
+- lghi %r0,0
+- la %r1,`2*$SIZE_T`($sp)
+- .long 0xb93e0002 # kimd %r0,%r2
+- lg %r0,`2*$SIZE_T`($sp)
++ lg %r0,16(%r1) # check kimd capabilities
+ tmhh %r0,`0x8000>>$kimdfunc`
+ jz .Lsoftware
+ lghi %r0,$kimdfunc
+@@ -238,7 +242,7 @@ $code.=<<___;
+ br %r14
+ .size sha1_block_data_order,.-sha1_block_data_order
+ .string "SHA1 block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+-.comm OPENSSL_s390xcap_P,16,8
++.comm OPENSSL_s390xcap_P,80,8
+ ___
+
+ $code =~ s/\`([^\`]*)\`/eval $1/gem;
+diff --git a/crypto/sha/asm/sha1-sparcv9.pl b/crypto/sha/asm/sha1-sparcv9.pl
+index 9f20725..7437ff4 100644
+--- a/crypto/sha/asm/sha1-sparcv9.pl
++++ b/crypto/sha/asm/sha1-sparcv9.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/sha/asm/sha1-sparcv9a.pl b/crypto/sha/asm/sha1-sparcv9a.pl
+index e81a4dc..f9ed563 100644
+--- a/crypto/sha/asm/sha1-sparcv9a.pl
++++ b/crypto/sha/asm/sha1-sparcv9a.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/sha/asm/sha1-thumb.pl b/crypto/sha/asm/sha1-thumb.pl
+index 7c9ea9b..661fd9f 100644
+--- a/crypto/sha/asm/sha1-thumb.pl
++++ b/crypto/sha/asm/sha1-thumb.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/sha/asm/sha1-x86_64.pl b/crypto/sha/asm/sha1-x86_64.pl
+index 8827886..4cefc45 100755
+--- a/crypto/sha/asm/sha1-x86_64.pl
++++ b/crypto/sha/asm/sha1-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha256-586.pl b/crypto/sha/asm/sha256-586.pl
+index 55d833a..6af1d84 100644
+--- a/crypto/sha/asm/sha256-586.pl
++++ b/crypto/sha/asm/sha256-586.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha256-armv4.pl b/crypto/sha/asm/sha256-armv4.pl
+index 621bcdb..55d30cb 100644
+--- a/crypto/sha/asm/sha256-armv4.pl
++++ b/crypto/sha/asm/sha256-armv4.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha256-c64xplus.pl b/crypto/sha/asm/sha256-c64xplus.pl
+index 2f775ac..3ab7d9b 100644
+--- a/crypto/sha/asm/sha256-c64xplus.pl
++++ b/crypto/sha/asm/sha256-c64xplus.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha256-mb-x86_64.pl b/crypto/sha/asm/sha256-mb-x86_64.pl
+index 65df8e6..acdffbd 100644
+--- a/crypto/sha/asm/sha256-mb-x86_64.pl
++++ b/crypto/sha/asm/sha256-mb-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha512-586.pl b/crypto/sha/asm/sha512-586.pl
+index d0f9101..0887e06 100644
+--- a/crypto/sha/asm/sha512-586.pl
++++ b/crypto/sha/asm/sha512-586.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha512-armv4.pl b/crypto/sha/asm/sha512-armv4.pl
+index 0840a8d..22b5a9d 100644
+--- a/crypto/sha/asm/sha512-armv4.pl
++++ b/crypto/sha/asm/sha512-armv4.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha512-armv8.pl b/crypto/sha/asm/sha512-armv8.pl
+index 7d69f0f..ef517df 100644
+--- a/crypto/sha/asm/sha512-armv8.pl
++++ b/crypto/sha/asm/sha512-armv8.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha512-c64xplus.pl b/crypto/sha/asm/sha512-c64xplus.pl
+index 71a1e80..9ebfc92 100644
+--- a/crypto/sha/asm/sha512-c64xplus.pl
++++ b/crypto/sha/asm/sha512-c64xplus.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha512-ia64.pl b/crypto/sha/asm/sha512-ia64.pl
+index 4f472d1..356a46a 100755
+--- a/crypto/sha/asm/sha512-ia64.pl
++++ b/crypto/sha/asm/sha512-ia64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha512-mips.pl b/crypto/sha/asm/sha512-mips.pl
+index 79429ab..5c2d23f 100644
+--- a/crypto/sha/asm/sha512-mips.pl
++++ b/crypto/sha/asm/sha512-mips.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+@@ -52,6 +59,7 @@
+ $flavour = shift || "o32"; # supported flavours are o32,n32,64,nubi32,nubi64
+
+ if ($flavour =~ /64|n32/i) {
++ $PTR_LA="dla";
+ $PTR_ADD="dadd"; # incidentally works even on n32
+ $PTR_SUB="dsub"; # incidentally works even on n32
+ $REG_S="sd";
+@@ -59,6 +67,7 @@ if ($flavour =~ /64|n32/i) {
+ $PTR_SLL="dsll"; # incidentally works even on n32
+ $SZREG=8;
+ } else {
++ $PTR_LA="la";
+ $PTR_ADD="add";
+ $PTR_SUB="sub";
+ $REG_S="sw";
+@@ -286,7 +295,7 @@ ___
+ }
+
+ $FRAMESIZE=16*$SZ+16*$SZREG;
+-$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000;
++$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? "0xc0fff008" : "0xc0ff0000";
+
+ $code.=<<___;
+ #ifdef OPENSSL_FIPSCANISTER
+@@ -343,7 +352,7 @@ $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
+ ___
+ $code.=<<___;
+ .set reorder
+- la $Ktbl,K${label} # PIC-ified 'load address'
++ $PTR_LA $Ktbl,K${label} # PIC-ified 'load address'
+
+ $LD $A,0*$SZ($ctx) # load context
+ $LD $B,1*$SZ($ctx)
+diff --git a/crypto/sha/asm/sha512-parisc.pl b/crypto/sha/asm/sha512-parisc.pl
+index 6cad72e..fcb6157 100755
+--- a/crypto/sha/asm/sha512-parisc.pl
++++ b/crypto/sha/asm/sha512-parisc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/sha/asm/sha512-ppc.pl b/crypto/sha/asm/sha512-ppc.pl
+index 17fdc6e..fe95b01 100755
+--- a/crypto/sha/asm/sha512-ppc.pl
++++ b/crypto/sha/asm/sha512-ppc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha512-s390x.pl b/crypto/sha/asm/sha512-s390x.pl
+index 7780627..582d393 100644
+--- a/crypto/sha/asm/sha512-s390x.pl
++++ b/crypto/sha/asm/sha512-s390x.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+@@ -240,10 +247,7 @@ $code.=<<___ if ($kimdfunc);
+ lg %r0,0(%r1)
+ tmhl %r0,0x4000 # check for message-security assist
+ jz .Lsoftware
+- lghi %r0,0
+- la %r1,`2*$SIZE_T`($sp)
+- .long 0xb93e0002 # kimd %r0,%r2
+- lg %r0,`2*$SIZE_T`($sp)
++ lg %r0,16(%r1) # check kimd capabilities
+ tmhh %r0,`0x8000>>$kimdfunc`
+ jz .Lsoftware
+ lghi %r0,$kimdfunc
+@@ -311,7 +315,7 @@ $code.=<<___;
+ br %r14
+ .size $Func,.-$Func
+ .string "SHA${label} block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+-.comm OPENSSL_s390xcap_P,16,8
++.comm OPENSSL_s390xcap_P,80,8
+ ___
+
+ $code =~ s/\`([^\`]*)\`/eval $1/gem;
+diff --git a/crypto/sha/asm/sha512-sparcv9.pl b/crypto/sha/asm/sha512-sparcv9.pl
+index 866a7b0..4a1ce5f 100644
+--- a/crypto/sha/asm/sha512-sparcv9.pl
++++ b/crypto/sha/asm/sha512-sparcv9.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/sha/asm/sha512-x86_64.pl b/crypto/sha/asm/sha512-x86_64.pl
+index a62acd2..431383b 100755
+--- a/crypto/sha/asm/sha512-x86_64.pl
++++ b/crypto/sha/asm/sha512-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/asm/sha512p8-ppc.pl b/crypto/sha/asm/sha512p8-ppc.pl
+index 4718950..4d3d3b2 100755
+--- a/crypto/sha/asm/sha512p8-ppc.pl
++++ b/crypto/sha/asm/sha512p8-ppc.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/crypto/sha/build.info b/crypto/sha/build.info
+index 7aa3a91..5843e50 100644
+--- a/crypto/sha/build.info
++++ b/crypto/sha/build.info
+@@ -13,7 +13,7 @@ GENERATE[sha1-ia64.s]=asm/sha1-ia64.pl $(CFLAGS) $(LIB_CFLAGS)
+ GENERATE[sha256-ia64.s]=asm/sha512-ia64.pl $(CFLAGS) $(LIB_CFLAGS)
+ GENERATE[sha512-ia64.s]=asm/sha512-ia64.pl $(CFLAGS) $(LIB_CFLAGS)
+
+-GENERATE[sha1-alpha.s]=asm/sha1-alpha.pl
++GENERATE[sha1-alpha.S]=asm/sha1-alpha.pl $(PERLASM_SCHEME)
+
+ GENERATE[sha1-x86_64.s]=asm/sha1-x86_64.pl $(PERLASM_SCHEME)
+ GENERATE[sha1-mb-x86_64.s]=asm/sha1-mb-x86_64.pl $(PERLASM_SCHEME)
+diff --git a/crypto/sha/sha1_one.c b/crypto/sha/sha1_one.c
+index 32ec6f1..273ab08 100644
+--- a/crypto/sha/sha1_one.c
++++ b/crypto/sha/sha1_one.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/sha/sha1dgst.c b/crypto/sha/sha1dgst.c
+index fb8e866..819370e 100644
+--- a/crypto/sha/sha1dgst.c
++++ b/crypto/sha/sha1dgst.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c
+index 53b6054..5e7ba43 100644
+--- a/crypto/sha/sha256.c
++++ b/crypto/sha/sha256.c
+@@ -1,8 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved
+- * according to the OpenSSL license [found in ../../LICENSE].
+- * ====================================================================
++/*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <openssl/opensslconf.h>
+
+ #include <stdlib.h>
+diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c
+index 2c8954f..d24d103 100644
+--- a/crypto/sha/sha512.c
++++ b/crypto/sha/sha512.c
+@@ -1,8 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved
+- * according to the OpenSSL license [found in ../../LICENSE].
+- * ====================================================================
++/*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <openssl/opensslconf.h>
+ /*-
+ * IMPLEMENTATION NOTES.
+diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h
+index 649cded..918278a 100644
+--- a/crypto/sha/sha_locl.h
++++ b/crypto/sha/sha_locl.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdlib.h>
+diff --git a/crypto/sparc_arch.h b/crypto/sparc_arch.h
+index e30d322..99eafb3 100644
+--- a/crypto/sparc_arch.h
++++ b/crypto/sparc_arch.h
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #ifndef __SPARC_ARCH_H__
+ # define __SPARC_ARCH_H__
+
+@@ -5,11 +14,16 @@
+ # define SPARCV9_PREFER_FPU (1<<1)
+ # define SPARCV9_VIS1 (1<<2)
+ # define SPARCV9_VIS2 (1<<3)/* reserved */
+-# define SPARCV9_FMADD (1<<4)/* reserved for SPARC64 V */
++# define SPARCV9_FMADD (1<<4)
+ # define SPARCV9_BLK (1<<5)/* VIS1 block copy */
+ # define SPARCV9_VIS3 (1<<6)
+ # define SPARCV9_RANDOM (1<<7)
+ # define SPARCV9_64BIT_STACK (1<<8)
++# define SPARCV9_FJAESX (1<<9)/* Fujitsu SPARC64 X AES */
++# define SPARCV9_FJDESX (1<<10)/* Fujitsu SPARC64 X DES, reserved */
++# define SPARCV9_FJHPCACE (1<<11)/* Fujitsu HPC-ACE, reserved */
++# define SPARCV9_IMA (1<<13)/* reserved */
++# define SPARCV9_VIS4 (1<<14)/* reserved */
+
+ /*
+ * OPENSSL_sparcv9cap_P[1] is copy of Compatibility Feature Register,
+@@ -28,6 +42,9 @@
+ # define CFR_MONTMUL 0x00000200/* Supports MONTMUL opcodes */
+ # define CFR_MONTSQR 0x00000400/* Supports MONTSQR opcodes */
+ # define CFR_CRC32C 0x00000800/* Supports CRC32C opcodes */
++# define CFR_XMPMUL 0x00001000/* Supports XMPMUL opcodes */
++# define CFR_XMONTMUL 0x00002000/* Supports XMONTMUL opcodes */
++# define CFR_XMONTSQR 0x00004000/* Supports XMONTSQR opcodes */
+
+ # if defined(OPENSSL_PIC) && !defined(__PIC__)
+ # define __PIC__
+diff --git a/crypto/sparccpuid.S b/crypto/sparccpuid.S
+index 72c7adf..f48d860 100644
+--- a/crypto/sparccpuid.S
++++ b/crypto/sparccpuid.S
+@@ -349,6 +349,14 @@ _sparcv9_random:
+ .type _sparcv9_random,#function
+ .size _sparcv9_random,.-_sparcv9_vis3_probe
+
++.global _sparcv9_fjaesx_probe
++.align 8
++_sparcv9_fjaesx_probe:
++ .word 0x81b09206 !faesencx %f2,%f6,%f0
++ retl
++ nop
++.size _sparcv9_fjaesx_probe,.-_sparcv9_fjaesx_probe
++
+ .global OPENSSL_cleanse
+ .align 32
+ OPENSSL_cleanse:
+@@ -432,6 +440,40 @@ OPENSSL_cleanse:
+ .type OPENSSL_cleanse,#function
+ .size OPENSSL_cleanse,.-OPENSSL_cleanse
+
++.global CRYPTO_memcmp
++.align 16
++CRYPTO_memcmp:
++ cmp %o2,0
++#ifdef ABI64
++ beq,pn %xcc,.Lno_data
++#else
++ beq .Lno_data
++#endif
++ xor %g1,%g1,%g1
++ nop
++
++.Loop_cmp:
++ ldub [%o0],%o3
++ add %o0,1,%o0
++ ldub [%o1],%o4
++ add %o1,1,%o1
++ subcc %o2,1,%o2
++ xor %o3,%o4,%o4
++#ifdef ABI64
++ bnz %xcc,.Loop_cmp
++#else
++ bnz .Loop_cmp
++#endif
++ or %o4,%g1,%g1
++
++ sub %g0,%g1,%g1
++ srl %g1,31,%g1
++.Lno_data:
++ retl
++ mov %g1,%o0
++.type CRYPTO_memcmp,#function
++.size CRYPTO_memcmp,.-CRYPTO_memcmp
++
+ .global _sparcv9_vis1_instrument_bus
+ .align 8
+ _sparcv9_vis1_instrument_bus:
+diff --git a/crypto/sparcv9cap.c b/crypto/sparcv9cap.c
+index 2058640..92841ce 100644
+--- a/crypto/sparcv9cap.c
++++ b/crypto/sparcv9cap.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -60,9 +69,18 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ if ((OPENSSL_sparcv9cap_P[0] & SPARCV9_VIS3))
+ return bn_mul_mont_vis3(rp, ap, bp, np, n0, num);
+ else if (num >= 8 &&
+- (OPENSSL_sparcv9cap_P[0] &
+- (SPARCV9_PREFER_FPU | SPARCV9_VIS1)) ==
+- (SPARCV9_PREFER_FPU | SPARCV9_VIS1))
++ /*
++ * bn_mul_mont_fpu doesn't use FMADD, we just use the
++ * flag to detect when FPU path is preferable in cases
++ * when current heuristics is unreliable. [it works
++ * out because FMADD-capable processors where FPU
++ * code path is undesirable are also VIS3-capable and
++ * VIS3 code path takes precedence.]
++ */
++ ( (OPENSSL_sparcv9cap_P[0] & SPARCV9_FMADD) ||
++ (OPENSSL_sparcv9cap_P[0] &
++ (SPARCV9_PREFER_FPU | SPARCV9_VIS1)) ==
++ (SPARCV9_PREFER_FPU | SPARCV9_VIS1) ))
+ return bn_mul_mont_fpu(rp, ap, bp, np, n0, num);
+ }
+ return bn_mul_mont_int(rp, ap, bp, np, n0, num);
+@@ -149,16 +167,24 @@ void OPENSSL_cpuid_setup(void)
+ unsigned int vec[1];
+
+ if (getisax (vec,1)) {
+- if (vec[0]&0x0020) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS1;
+- if (vec[0]&0x0040) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS2;
+- if (vec[0]&0x0080) OPENSSL_sparcv9cap_P[0] |= SPARCV9_BLK;
+- if (vec[0]&0x0100) OPENSSL_sparcv9cap_P[0] |= SPARCV9_FMADD;
+- if (vec[0]&0x0400) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS3;
++ if (vec[0]&0x00020) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS1;
++ if (vec[0]&0x00040) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS2;
++ if (vec[0]&0x00080) OPENSSL_sparcv9cap_P[0] |= SPARCV9_BLK;
++ if (vec[0]&0x00100) OPENSSL_sparcv9cap_P[0] |= SPARCV9_FMADD;
++ if (vec[0]&0x00400) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS3;
++ if (vec[0]&0x01000) OPENSSL_sparcv9cap_P[0] |= SPARCV9_FJHPCACE;
++ if (vec[0]&0x02000) OPENSSL_sparcv9cap_P[0] |= SPARCV9_FJDESX;
++ if (vec[0]&0x08000) OPENSSL_sparcv9cap_P[0] |= SPARCV9_IMA;
++ if (vec[0]&0x10000) OPENSSL_sparcv9cap_P[0] |= SPARCV9_FJAESX;
++ if (vec[1]&0x00008) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS4;
+
+ /* reconstruct %cfr copy */
+ OPENSSL_sparcv9cap_P[1] = (vec[0]>>17)&0x3ff;
+ OPENSSL_sparcv9cap_P[1] |= (OPENSSL_sparcv9cap_P[1]&CFR_MONTMUL)<<1;
+ if (vec[0]&0x20000000) OPENSSL_sparcv9cap_P[1] |= CFR_CRC32C;
++ if (vec[1]&0x00000020) OPENSSL_sparcv9cap_P[1] |= CFR_XMPMUL;
++ if (vec[1]&0x00000040)
++ OPENSSL_sparcv9cap_P[1] |= CFR_XMONTMUL|CFR_XMONTSQR;
+
+ /* Some heuristics */
+ /* all known VIS2-capable CPUs have unprivileged tick counter */
+@@ -233,6 +259,11 @@ void OPENSSL_cpuid_setup(void)
+ OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS3;
+ }
+
++ if (sigsetjmp(common_jmp, 1) == 0) {
++ _sparcv9_fjaesx_probe();
++ OPENSSL_sparcv9cap_P[0] |= SPARCV9_FJAESX;
++ }
++
+ /*
+ * In wait for better solution _sparcv9_rdcfr is masked by
+ * VIS3 flag, because it goes to uninterruptable endless
+diff --git a/crypto/srp/Makefile.in b/crypto/srp/Makefile.in
+deleted file mode 100644
+index 78e9a4f..0000000
+--- a/crypto/srp/Makefile.in
++++ /dev/null
+@@ -1,39 +0,0 @@
+-DIR= srp
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-DESTDIR=
+-OPENSSLDIR= /usr/local/ssl
+-INSTALLTOP=/usr/local/ssl
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=srp_lib.c srp_vfy.c
+-LIBOBJ=srp_lib.o srp_vfy.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
+index aefc490..766a0a2 100644
+--- a/crypto/srp/srp_lib.c
++++ b/crypto/srp/srp_lib.c
+@@ -1,61 +1,12 @@
+ /*
+- * Written by Christophe Renou (christophe.renou at edelweb.fr) with the
+- * precious help of Peter Sylvester (peter.sylvester at edelweb.fr) for the
+- * EdelKey project and contributed to the OpenSSL project 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #ifndef OPENSSL_NO_SRP
+ # include "internal/cryptlib.h"
+ # include <openssl/sha.h>
+@@ -153,8 +104,7 @@ BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
+ if (u == NULL || A == NULL || v == NULL || b == NULL || N == NULL)
+ return NULL;
+
+- if ((bn_ctx = BN_CTX_new()) == NULL ||
+- (tmp = BN_new()) == NULL || (S = BN_new()) == NULL)
++ if ((bn_ctx = BN_CTX_new()) == NULL || (tmp = BN_new()) == NULL)
+ goto err;
+
+ /* S = (A*v**u) ** b */
+@@ -163,8 +113,12 @@ BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
+ goto err;
+ if (!BN_mod_mul(tmp, A, tmp, N, bn_ctx))
+ goto err;
+- if (!BN_mod_exp(S, tmp, b, N, bn_ctx))
+- goto err;
++
++ S = BN_new();
++ if (S != NULL && !BN_mod_exp(S, tmp, b, N, bn_ctx)) {
++ BN_free(S);
++ S = NULL;
++ }
+ err:
+ BN_CTX_free(bn_ctx);
+ BN_clear_free(tmp);
+@@ -265,8 +219,7 @@ BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
+
+ if ((tmp = BN_new()) == NULL ||
+ (tmp2 = BN_new()) == NULL ||
+- (tmp3 = BN_new()) == NULL ||
+- (K = BN_new()) == NULL)
++ (tmp3 = BN_new()) == NULL)
+ goto err;
+
+ if (!BN_mod_exp(tmp, g, x, N, bn_ctx))
+@@ -277,12 +230,15 @@ BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
+ goto err;
+ if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx))
+ goto err;
+- if (!BN_mod_mul(tmp3, u, x, N, bn_ctx))
++ if (!BN_mul(tmp3, u, x, bn_ctx))
+ goto err;
+- if (!BN_mod_add(tmp2, a, tmp3, N, bn_ctx))
+- goto err;
+- if (!BN_mod_exp(K, tmp, tmp2, N, bn_ctx))
++ if (!BN_add(tmp2, a, tmp3))
+ goto err;
++ K = BN_new();
++ if (K != NULL && !BN_mod_exp(K, tmp, tmp2, N, bn_ctx)) {
++ BN_free(K);
++ K = NULL;
++ }
+
+ err:
+ BN_CTX_free(bn_ctx);
+diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c
+index 78db608..11b9a4b 100644
+--- a/crypto/srp/srp_vfy.c
++++ b/crypto/srp/srp_vfy.c
+@@ -1,61 +1,12 @@
+ /*
+- * Written by Christophe Renou (christophe.renou at edelweb.fr) with the
+- * precious help of Peter Sylvester (peter.sylvester at edelweb.fr) for the
+- * EdelKey project and contributed to the OpenSSL project 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #ifndef OPENSSL_NO_SRP
+ # include "internal/cryptlib.h"
+ # include <openssl/sha.h>
+@@ -445,7 +396,7 @@ int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
+
+ if (sk_SRP_user_pwd_insert(vb->users_pwd, user_pwd, 0) == 0)
+ goto err;
+- user_pwd = NULL; /* abandon responsability */
++ user_pwd = NULL; /* abandon responsibility */
+ }
+ }
+ }
+diff --git a/crypto/stack/Makefile.in b/crypto/stack/Makefile.in
+deleted file mode 100644
+index e127585..0000000
+--- a/crypto/stack/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/stack/Makefile
+-#
+-
+-DIR= stack
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=stack.c
+-LIBOBJ=stack.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c
+index d486f33..0076db1 100644
+--- a/crypto/stack/stack.c
++++ b/crypto/stack/stack.c
+@@ -1,59 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include "internal/cryptlib.h"
+ #include <openssl/stack.h>
+@@ -64,7 +17,7 @@ struct stack_st {
+ char **data;
+ int sorted;
+ int num_alloc;
+- int (*comp) (const void *, const void *);
++ OPENSSL_sk_compfunc comp;
+ };
+
+ #undef MIN_NODES
+@@ -72,9 +25,9 @@ struct stack_st {
+
+ #include <errno.h>
+
+-int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
+- (const void *, const void *) {
+- int (*old) (const void *, const void *) = sk->comp;
++OPENSSL_sk_compfunc OPENSSL_sk_set_cmp_func(OPENSSL_STACK *sk, OPENSSL_sk_compfunc c)
++{
++ OPENSSL_sk_compfunc old = sk->comp;
+
+ if (sk->comp != c)
+ sk->sorted = 0;
+@@ -83,12 +36,12 @@ int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
+ return old;
+ }
+
+-_STACK *sk_dup(_STACK *sk)
++OPENSSL_STACK *OPENSSL_sk_dup(OPENSSL_STACK *sk)
+ {
+- _STACK *ret;
++ OPENSSL_STACK *ret;
+ char **s;
+
+- if ((ret = sk_new(sk->comp)) == NULL)
++ if ((ret = OPENSSL_sk_new(sk->comp)) == NULL)
+ goto err;
+ s = OPENSSL_realloc((char *)ret->data,
+ (unsigned int)sizeof(char *) * sk->num_alloc);
+@@ -103,17 +56,17 @@ _STACK *sk_dup(_STACK *sk)
+ ret->comp = sk->comp;
+ return (ret);
+ err:
+- sk_free(ret);
++ OPENSSL_sk_free(ret);
+ return (NULL);
+ }
+
+-_STACK *sk_deep_copy(_STACK *sk, void *(*copy_func) (void *),
+- void (*free_func) (void *))
++OPENSSL_STACK *OPENSSL_sk_deep_copy(OPENSSL_STACK *sk, OPENSSL_sk_copyfunc copy_func,
++ OPENSSL_sk_freefunc free_func)
+ {
+- _STACK *ret;
++ OPENSSL_STACK *ret;
+ int i;
+
+- if ((ret = OPENSSL_malloc(sizeof(_STACK))) == NULL)
++ if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL)
+ return ret;
+ ret->comp = sk->comp;
+ ret->sorted = sk->sorted;
+@@ -134,23 +87,23 @@ _STACK *sk_deep_copy(_STACK *sk, void *(*copy_func) (void *),
+ while (--i >= 0)
+ if (ret->data[i] != NULL)
+ free_func(ret->data[i]);
+- sk_free(ret);
++ OPENSSL_sk_free(ret);
+ return NULL;
+ }
+ }
+ return ret;
+ }
+
+-_STACK *sk_new_null(void)
++OPENSSL_STACK *OPENSSL_sk_new_null(void)
+ {
+- return sk_new((int (*)(const void *, const void *))0);
++ return OPENSSL_sk_new((OPENSSL_sk_compfunc)NULL);
+ }
+
+-_STACK *sk_new(int (*c) (const void *, const void *))
++OPENSSL_STACK *OPENSSL_sk_new(OPENSSL_sk_compfunc c)
+ {
+- _STACK *ret;
++ OPENSSL_STACK *ret;
+
+- if ((ret = OPENSSL_zalloc(sizeof(_STACK))) == NULL)
++ if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL)
+ goto err;
+ if ((ret->data = OPENSSL_zalloc(sizeof(*ret->data) * MIN_NODES)) == NULL)
+ goto err;
+@@ -163,7 +116,7 @@ _STACK *sk_new(int (*c) (const void *, const void *))
+ return (NULL);
+ }
+
+-int sk_insert(_STACK *st, void *data, int loc)
++int OPENSSL_sk_insert(OPENSSL_STACK *st, void *data, int loc)
+ {
+ char **s;
+
+@@ -189,22 +142,22 @@ int sk_insert(_STACK *st, void *data, int loc)
+ return (st->num);
+ }
+
+-void *sk_delete_ptr(_STACK *st, void *p)
++void *OPENSSL_sk_delete_ptr(OPENSSL_STACK *st, const void *p)
+ {
+ int i;
+
+ for (i = 0; i < st->num; i++)
+ if (st->data[i] == p)
+- return (sk_delete(st, i));
+- return (NULL);
++ return OPENSSL_sk_delete(st, i);
++ return NULL;
+ }
+
+-void *sk_delete(_STACK *st, int loc)
++void *OPENSSL_sk_delete(OPENSSL_STACK *st, int loc)
+ {
+ char *ret;
+ int i, j;
+
+- if (!st || (loc < 0) || (loc >= st->num))
++ if (st == NULL || loc < 0 || loc >= st->num)
+ return NULL;
+
+ ret = st->data[loc];
+@@ -221,7 +174,8 @@ void *sk_delete(_STACK *st, int loc)
+ return (ret);
+ }
+
+-static int internal_find(_STACK *st, void *data, int ret_val_options)
++static int internal_find(OPENSSL_STACK *st, const void *data,
++ int ret_val_options)
+ {
+ const void *const *r;
+ int i;
+@@ -235,7 +189,7 @@ static int internal_find(_STACK *st, void *data, int ret_val_options)
+ return (i);
+ return (-1);
+ }
+- sk_sort(st);
++ OPENSSL_sk_sort(st);
+ if (data == NULL)
+ return (-1);
+ r = OBJ_bsearch_ex_(&data, st->data, st->num, sizeof(void *), st->comp,
+@@ -245,45 +199,45 @@ static int internal_find(_STACK *st, void *data, int ret_val_options)
+ return (int)((char **)r - st->data);
+ }
+
+-int sk_find(_STACK *st, void *data)
++int OPENSSL_sk_find(OPENSSL_STACK *st, const void *data)
+ {
+ return internal_find(st, data, OBJ_BSEARCH_FIRST_VALUE_ON_MATCH);
+ }
+
+-int sk_find_ex(_STACK *st, void *data)
++int OPENSSL_sk_find_ex(OPENSSL_STACK *st, const void *data)
+ {
+ return internal_find(st, data, OBJ_BSEARCH_VALUE_ON_NOMATCH);
+ }
+
+-int sk_push(_STACK *st, void *data)
++int OPENSSL_sk_push(OPENSSL_STACK *st, void *data)
+ {
+- return (sk_insert(st, data, st->num));
++ return (OPENSSL_sk_insert(st, data, st->num));
+ }
+
+-int sk_unshift(_STACK *st, void *data)
++int OPENSSL_sk_unshift(OPENSSL_STACK *st, void *data)
+ {
+- return (sk_insert(st, data, 0));
++ return (OPENSSL_sk_insert(st, data, 0));
+ }
+
+-void *sk_shift(_STACK *st)
++void *OPENSSL_sk_shift(OPENSSL_STACK *st)
+ {
+ if (st == NULL)
+ return (NULL);
+ if (st->num <= 0)
+ return (NULL);
+- return (sk_delete(st, 0));
++ return (OPENSSL_sk_delete(st, 0));
+ }
+
+-void *sk_pop(_STACK *st)
++void *OPENSSL_sk_pop(OPENSSL_STACK *st)
+ {
+ if (st == NULL)
+ return (NULL);
+ if (st->num <= 0)
+ return (NULL);
+- return (sk_delete(st, st->num - 1));
++ return (OPENSSL_sk_delete(st, st->num - 1));
+ }
+
+-void sk_zero(_STACK *st)
++void OPENSSL_sk_zero(OPENSSL_STACK *st)
+ {
+ if (st == NULL)
+ return;
+@@ -293,7 +247,7 @@ void sk_zero(_STACK *st)
+ st->num = 0;
+ }
+
+-void sk_pop_free(_STACK *st, void (*func) (void *))
++void OPENSSL_sk_pop_free(OPENSSL_STACK *st, OPENSSL_sk_freefunc func)
+ {
+ int i;
+
+@@ -302,10 +256,10 @@ void sk_pop_free(_STACK *st, void (*func) (void *))
+ for (i = 0; i < st->num; i++)
+ if (st->data[i] != NULL)
+ func(st->data[i]);
+- sk_free(st);
++ OPENSSL_sk_free(st);
+ }
+
+-void sk_free(_STACK *st)
++void OPENSSL_sk_free(OPENSSL_STACK *st)
+ {
+ if (st == NULL)
+ return;
+@@ -313,48 +267,38 @@ void sk_free(_STACK *st)
+ OPENSSL_free(st);
+ }
+
+-int sk_num(const _STACK *st)
++int OPENSSL_sk_num(const OPENSSL_STACK *st)
+ {
+ if (st == NULL)
+ return -1;
+ return st->num;
+ }
+
+-void *sk_value(const _STACK *st, int i)
++void *OPENSSL_sk_value(const OPENSSL_STACK *st, int i)
+ {
+- if (!st || (i < 0) || (i >= st->num))
++ if (st == NULL || i < 0 || i >= st->num)
+ return NULL;
+ return st->data[i];
+ }
+
+-void *sk_set(_STACK *st, int i, void *value)
++void *OPENSSL_sk_set(OPENSSL_STACK *st, int i, void *value)
+ {
+- if (!st || (i < 0) || (i >= st->num))
++ if (st == NULL || i < 0 || i >= st->num)
+ return NULL;
+ return (st->data[i] = value);
+ }
+
+-void sk_sort(_STACK *st)
++void OPENSSL_sk_sort(OPENSSL_STACK *st)
+ {
+ if (st && !st->sorted && st->comp != NULL) {
+- int (*comp_func) (const void *, const void *);
+-
+- /*
+- * same comment as in sk_find ... previously st->comp was declared as
+- * a (void*,void*) callback type, but this made the population of the
+- * callback pointer illogical - our callbacks compare type** with
+- * type**, so we leave the casting until absolutely necessary (ie.
+- * "now").
+- */
+- comp_func = (int (*)(const void *, const void *))(st->comp);
+- qsort(st->data, st->num, sizeof(char *), comp_func);
++ qsort(st->data, st->num, sizeof(char *), st->comp);
+ st->sorted = 1;
+ }
+ }
+
+-int sk_is_sorted(const _STACK *st)
++int OPENSSL_sk_is_sorted(const OPENSSL_STACK *st)
+ {
+- if (!st)
++ if (st == NULL)
+ return 1;
+ return st->sorted;
+ }
+diff --git a/crypto/threads_none.c b/crypto/threads_none.c
+index 4e3b7a5..72bf25b 100644
+--- a/crypto/threads_none.c
++++ b/crypto/threads_none.c
+@@ -1,54 +1,13 @@
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+-#include "internal/threads.h"
+
+ #if !defined(OPENSSL_THREADS) || defined(CRYPTO_TDEBUG)
+
+diff --git a/crypto/threads_pthread.c b/crypto/threads_pthread.c
+index edca77c..6f5e812 100644
+--- a/crypto/threads_pthread.c
++++ b/crypto/threads_pthread.c
+@@ -1,54 +1,13 @@
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+-#include "internal/threads.h"
+
+ #if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG) && !defined(OPENSSL_SYS_WINDOWS)
+
+diff --git a/crypto/threads_win.c b/crypto/threads_win.c
+index 63647a3..545b9be 100644
+--- a/crypto/threads_win.c
++++ b/crypto/threads_win.c
+@@ -1,54 +1,13 @@
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+-#include "internal/threads.h"
+
+ #if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG) && defined(OPENSSL_SYS_WINDOWS)
+
+@@ -96,12 +55,14 @@ void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock)
+ return;
+ }
+
+-# if _WIN32_WINNT < 0x0600
+-
+ # define ONCE_UNINITED 0
+ # define ONCE_ININIT 1
+ # define ONCE_DONE 2
+
++/*
++ * We don't use InitOnceExecuteOnce because that isn't available in WinXP which
++ * we still have to support.
++ */
+ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void))
+ {
+ LONG volatile *lock = (LONG *)once;
+@@ -122,27 +83,6 @@ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void))
+ return (*lock == ONCE_DONE);
+ }
+
+-# else
+-
+-BOOL CALLBACK once_cb(PINIT_ONCE once, PVOID p, PVOID *pp)
+-{
+- void (*init)(void) = p;
+-
+- init();
+-
+- return TRUE;
+-}
+-
+-int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void))
+-{
+- if (InitOnceExecuteOnce(once, once_cb, init, NULL))
+- return 1;
+-
+- return 0;
+-}
+-
+-# endif
+-
+ int CRYPTO_THREAD_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *))
+ {
+ *key = TlsAlloc();
+diff --git a/crypto/ts/Makefile.in b/crypto/ts/Makefile.in
+deleted file mode 100644
+index 64156b5..0000000
+--- a/crypto/ts/Makefile.in
++++ /dev/null
+@@ -1,53 +0,0 @@
+-#
+-#
+-
+-DIR= ts
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I../../include
+-CFLAG = -g
+-DESTDIR=
+-OPENSSLDIR= /usr/local/ssl
+-INSTALLTOP=/usr/local/ssl
+-AR= ar r
+-
+-PLIB_LDFLAG=
+-EX_LIBS=
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL= Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= ts_err.c ts_req_utils.c ts_req_print.c ts_rsp_utils.c ts_rsp_print.c \
+- ts_rsp_sign.c ts_rsp_verify.c ts_verify_ctx.c ts_lib.c ts_conf.c \
+- ts_asn1.c
+-LIBOBJ= ts_err.o ts_req_utils.o ts_req_print.o ts_rsp_utils.o ts_rsp_print.o \
+- ts_rsp_sign.o ts_rsp_verify.o ts_verify_ctx.o ts_lib.o ts_conf.o \
+- ts_asn1.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-test:
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/ts/ts_asn1.c b/crypto/ts/ts_asn1.c
+index 5d0c598..e60675a 100644
+--- a/crypto/ts/ts_asn1.c
++++ b/crypto/ts/ts_asn1.c
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/ts.h>
+diff --git a/crypto/ts/ts_conf.c b/crypto/ts/ts_conf.c
+index e610691..f5f3934 100644
+--- a/crypto/ts/ts_conf.c
++++ b/crypto/ts/ts_conf.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+- * 2002.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+diff --git a/crypto/ts/ts_err.c b/crypto/ts/ts_err.c
+index b1dd8a1..08217f7 100644
+--- a/crypto/ts/ts_err.c
++++ b/crypto/ts/ts_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -69,7 +19,6 @@
+ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_TS,0,reason)
+
+ static ERR_STRING_DATA TS_str_functs[] = {
+- {ERR_FUNC(TS_F_D2I_TS_RESP), "d2i_TS_RESP"},
+ {ERR_FUNC(TS_F_DEF_SERIAL_CB), "def_serial_cb"},
+ {ERR_FUNC(TS_F_DEF_TIME_CB), "def_time_cb"},
+ {ERR_FUNC(TS_F_ESS_ADD_SIGNING_CERT), "ESS_add_signing_cert"},
+@@ -118,7 +67,6 @@ static ERR_STRING_DATA TS_str_functs[] = {
+ {ERR_FUNC(TS_F_TS_RESP_SET_TST_INFO), "TS_RESP_set_tst_info"},
+ {ERR_FUNC(TS_F_TS_RESP_SIGN), "ts_RESP_sign"},
+ {ERR_FUNC(TS_F_TS_RESP_VERIFY_SIGNATURE), "TS_RESP_verify_signature"},
+- {ERR_FUNC(TS_F_TS_RESP_VERIFY_TOKEN), "TS_RESP_verify_token"},
+ {ERR_FUNC(TS_F_TS_TST_INFO_SET_ACCURACY), "TS_TST_INFO_set_accuracy"},
+ {ERR_FUNC(TS_F_TS_TST_INFO_SET_MSG_IMPRINT),
+ "TS_TST_INFO_set_msg_imprint"},
+@@ -141,7 +89,6 @@ static ERR_STRING_DATA TS_str_reasons[] = {
+ {ERR_REASON(TS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
+ {ERR_REASON(TS_R_COULD_NOT_SET_ENGINE), "could not set engine"},
+ {ERR_REASON(TS_R_COULD_NOT_SET_TIME), "could not set time"},
+- {ERR_REASON(TS_R_D2I_TS_RESP_INT_FAILED), "d2i ts resp int failed"},
+ {ERR_REASON(TS_R_DETACHED_CONTENT), "detached content"},
+ {ERR_REASON(TS_R_ESS_ADD_SIGNING_CERT_ERROR),
+ "ess add signing cert error"},
+diff --git a/crypto/ts/ts_lcl.h b/crypto/ts/ts_lcl.h
+index e3f915c..d0c3cf8 100644
+--- a/crypto/ts/ts_lcl.h
++++ b/crypto/ts/ts_lcl.h
+@@ -1,58 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+-
+ /*-
+ * MessageImprint ::= SEQUENCE {
+ * hashAlgorithm AlgorithmIdentifier,
+@@ -144,8 +98,6 @@ struct TS_status_info_st {
+ ASN1_BIT_STRING *failure_info;
+ };
+
+-DEFINE_STACK_OF(ASN1_UTF8STRING)
+-
+ /*-
+ * IssuerSerial ::= SEQUENCE {
+ * issuer GeneralNames,
+diff --git a/crypto/ts/ts_lib.c b/crypto/ts/ts_lib.c
+index 087334b..bde1bd7 100644
+--- a/crypto/ts/ts_lib.c
++++ b/crypto/ts/ts_lib.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+- * 2002.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ts/ts_req_print.c b/crypto/ts/ts_req_print.c
+index 791715c..0dedf47 100644
+--- a/crypto/ts/ts_req_print.c
++++ b/crypto/ts/ts_req_print.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+- * 2002.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ts/ts_req_utils.c b/crypto/ts/ts_req_utils.c
+index 5e1114a..a37cf84 100644
+--- a/crypto/ts/ts_req_utils.c
++++ b/crypto/ts/ts_req_utils.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+- * 2002.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ts/ts_rsp_print.c b/crypto/ts/ts_rsp_print.c
+index 643bf4a..6eb0ec8 100644
+--- a/crypto/ts/ts_rsp_print.c
++++ b/crypto/ts/ts_rsp_print.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+- * 2002.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
+index 0ad6f10..a4acc9e 100644
+--- a/crypto/ts/ts_rsp_sign.c
++++ b/crypto/ts/ts_rsp_sign.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+- * 2002.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/ts/ts_rsp_utils.c b/crypto/ts/ts_rsp_utils.c
+index 5d0c51a..3747b5c 100644
+--- a/crypto/ts/ts_rsp_utils.c
++++ b/crypto/ts/ts_rsp_utils.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+- * 2002.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c
+index 89b86e1..e13fd90 100644
+--- a/crypto/ts/ts_rsp_verify.c
++++ b/crypto/ts/ts_rsp_verify.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+- * 2002.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/ts/ts_verify_ctx.c b/crypto/ts/ts_verify_ctx.c
+index b650a00..141385d 100644
+--- a/crypto/ts/ts_verify_ctx.c
++++ b/crypto/ts/ts_verify_ctx.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+- * 2003.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/txt_db/Makefile.in b/crypto/txt_db/Makefile.in
+deleted file mode 100644
+index 905ab41..0000000
+--- a/crypto/txt_db/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/txt_db/Makefile
+-#
+-
+-DIR= txt_db
+-TOP= ../..
+-CC= cc
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=txt_db.c
+-LIBOBJ=txt_db.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER=
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/txt_db/txt_db.c b/crypto/txt_db/txt_db.c
+index 219031e..1432230 100644
+--- a/crypto/txt_db/txt_db.c
++++ b/crypto/txt_db/txt_db.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -193,7 +145,7 @@ OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
+ }
+
+ int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
+- LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp)
++ OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC cmp)
+ {
+ LHASH_OF(OPENSSL_STRING) *idx;
+ OPENSSL_STRING *r;
+@@ -204,7 +156,7 @@ int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
+ return (0);
+ }
+ /* FIXME: we lose type checking at this point */
+- if ((idx = (LHASH_OF(OPENSSL_STRING) *)lh_new(hash, cmp)) == NULL) {
++ if ((idx = (LHASH_OF(OPENSSL_STRING) *)OPENSSL_LH_new(hash, cmp)) == NULL) {
+ db->error = DB_ERROR_MALLOC;
+ return (0);
+ }
+diff --git a/crypto/ui/Makefile.in b/crypto/ui/Makefile.in
+deleted file mode 100644
+index 665cd2e..0000000
+--- a/crypto/ui/Makefile.in
++++ /dev/null
+@@ -1,43 +0,0 @@
+-#
+-# OpenSSL/crypto/ui/Makefile
+-#
+-
+-DIR= ui
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= ui_err.c ui_lib.c ui_openssl.c ui_util.c
+-LIBOBJ= ui_err.o ui_lib.o ui_openssl.o ui_util.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= ui_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/ui/ui_err.c b/crypto/ui/ui_err.c
+index b43356e..03cd2bc 100644
+--- a/crypto/ui/ui_err.c
++++ b/crypto/ui/ui_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -71,7 +21,7 @@
+ static ERR_STRING_DATA UI_str_functs[] = {
+ {ERR_FUNC(UI_F_GENERAL_ALLOCATE_BOOLEAN), "general_allocate_boolean"},
+ {ERR_FUNC(UI_F_GENERAL_ALLOCATE_PROMPT), "general_allocate_prompt"},
+- {ERR_FUNC(UI_F_GENERAL_ALLOCATE_STRING), "GENERAL_ALLOCATE_STRING"},
++ {ERR_FUNC(UI_F_UI_CREATE_METHOD), "UI_create_method"},
+ {ERR_FUNC(UI_F_UI_CTRL), "UI_ctrl"},
+ {ERR_FUNC(UI_F_UI_DUP_ERROR_STRING), "UI_dup_error_string"},
+ {ERR_FUNC(UI_F_UI_DUP_INFO_STRING), "UI_dup_info_string"},
+diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
+index 7b08107..1213892 100644
+--- a/crypto/ui/ui_lib.c
++++ b/crypto/ui/ui_lib.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+@@ -92,7 +43,10 @@ UI *UI_new_method(const UI_METHOD *method)
+ else
+ ret->meth = method;
+
+- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data);
++ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data)) {
++ OPENSSL_free(ret);
++ return NULL;
++ }
+ return ret;
+ }
+
+@@ -582,8 +536,14 @@ UI_METHOD *UI_create_method(char *name)
+ {
+ UI_METHOD *ui_method = OPENSSL_zalloc(sizeof(*ui_method));
+
+- if (ui_method != NULL)
++ if (ui_method != NULL) {
+ ui_method->name = OPENSSL_strdup(name);
++ if (ui_method->name == NULL) {
++ OPENSSL_free(ui_method);
++ UIerr(UI_F_UI_CREATE_METHOD, ERR_R_MALLOC_FAILURE);
++ return NULL;
++ }
++ }
+ return ui_method;
+ }
+
+diff --git a/crypto/ui/ui_locl.h b/crypto/ui/ui_locl.h
+index abbdd1c..2953739 100644
+--- a/crypto/ui/ui_locl.h
++++ b/crypto/ui/ui_locl.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_UI_LOCL_H
+diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
+index 7fc3e17..929f7cb 100644
+--- a/crypto/ui/ui_openssl.c
++++ b/crypto/ui/ui_openssl.c
+@@ -1,118 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) and others for the
+- * OpenSSL project 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+-/*-
+- * The lowest level part of this file was previously in crypto/des/read_pwd.c,
+- * Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/e_os2.h>
+diff --git a/crypto/ui/ui_util.c b/crypto/ui/ui_util.c
+index f04ee7c..3b51db9 100644
+--- a/crypto/ui/ui_util.c
++++ b/crypto/ui/ui_util.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+diff --git a/crypto/uid.c b/crypto/uid.c
+index 2093947..12df8a4 100644
+--- a/crypto/uid.c
++++ b/crypto/uid.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/crypto/vms_rms.h b/crypto/vms_rms.h
+index 09c280e..3b994a0 100644
+--- a/crypto/vms_rms.h
++++ b/crypto/vms_rms.h
+@@ -1,3 +1,11 @@
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ #ifdef NAML$C_MAXRSS
+
+diff --git a/crypto/whrlpool/Makefile.in b/crypto/whrlpool/Makefile.in
+deleted file mode 100644
+index e6c64b7..0000000
+--- a/crypto/whrlpool/Makefile.in
++++ /dev/null
+@@ -1,56 +0,0 @@
+-#
+-# crypto/whrlpool/Makefile
+-#
+-
+-DIR= whrlpool
+-TOP= ../..
+-CC= cc
+-CPP= $(CC) -E
+-INCLUDES=
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-WP_ASM_OBJ=wp_block.o
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC=wp_dgst.c wp_block.c
+-LIBOBJ=wp_dgst.o $(WP_ASM_OBJ)
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= wp_locl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-wp-mmx.s: asm/wp-mmx.pl ../perlasm/x86asm.pl
+- $(PERL) asm/wp-mmx.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-
+-wp-x86_64.s: asm/wp-x86_64.pl
+- $(PERL) asm/wp-x86_64.pl $(PERLASM_SCHEME) $@
+-
+-$(LIBOBJ): $(LIBSRC)
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/whrlpool/asm/wp-mmx.pl b/crypto/whrlpool/asm/wp-mmx.pl
+index a71a29f..f63945c 100644
+--- a/crypto/whrlpool/asm/wp-mmx.pl
++++ b/crypto/whrlpool/asm/wp-mmx.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/whrlpool/asm/wp-x86_64.pl b/crypto/whrlpool/asm/wp-x86_64.pl
+index 5a3bdbc..a52f0b9 100644
+--- a/crypto/whrlpool/asm/wp-x86_64.pl
++++ b/crypto/whrlpool/asm/wp-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+diff --git a/crypto/whrlpool/wp_block.c b/crypto/whrlpool/wp_block.c
+index dc652e8..b29f037 100644
+--- a/crypto/whrlpool/wp_block.c
++++ b/crypto/whrlpool/wp_block.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /**
+ * The Whirlpool hashing function.
+ *
+diff --git a/crypto/whrlpool/wp_dgst.c b/crypto/whrlpool/wp_dgst.c
+index eeb420c..d852db6 100644
+--- a/crypto/whrlpool/wp_dgst.c
++++ b/crypto/whrlpool/wp_dgst.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /**
+ * The Whirlpool hashing function.
+ *
+diff --git a/crypto/whrlpool/wp_locl.h b/crypto/whrlpool/wp_locl.h
+index 6e7b549..3a81cfd 100644
+--- a/crypto/whrlpool/wp_locl.h
++++ b/crypto/whrlpool/wp_locl.h
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <openssl/whrlpool.h>
+
+ void whirlpool_block(WHIRLPOOL_CTX *, const void *, size_t);
+diff --git a/crypto/x509/Makefile.in b/crypto/x509/Makefile.in
+deleted file mode 100644
+index 8b11dc4..0000000
+--- a/crypto/x509/Makefile.in
++++ /dev/null
+@@ -1,57 +0,0 @@
+-#
+-# OpenSSL/crypto/x509/Makefile
+-#
+-
+-DIR= x509
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile README
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
+- x509_obj.c x509_req.c x509spki.c x509_vfy.c \
+- x509_set.c x509cset.c x509rset.c x509_err.c \
+- x509name.c x509_v3.c x509_ext.c x509_att.c \
+- x509type.c x509_lu.c x_all.c x509_txt.c \
+- x509_trs.c by_file.c by_dir.c x509_vpm.c \
+- x_crl.c t_crl.c x_req.c t_req.c x_x509.c t_x509.c \
+- x_pubkey.c x_x509a.c x_attrib.c x_exten.c x_name.c
+-LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
+- x509_obj.o x509_req.o x509spki.o x509_vfy.o \
+- x509_set.o x509cset.o x509rset.o x509_err.o \
+- x509name.o x509_v3.o x509_ext.o x509_att.o \
+- x509type.o x509_lu.o x_all.o x509_txt.o \
+- x509_trs.o by_file.o by_dir.o x509_vpm.o \
+- x_crl.o t_crl.o x_req.o t_req.o x_x509.o t_x509.o \
+- x_pubkey.o x_x509a.o x_attrib.o x_exten.o x_name.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= x509_lcl.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
+index 5524117..5473cb1 100644
+--- a/crypto/x509/by_dir.c
++++ b/crypto/x509/by_dir.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -71,7 +23,6 @@
+
+ #include <openssl/lhash.h>
+ #include <openssl/x509.h>
+-#include "internal/threads.h"
+ #include "internal/x509_int.h"
+ #include "x509_lcl.h"
+
+diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
+index eea7a7e..4376bed 100644
+--- a/crypto/x509/by_file.c
++++ b/crypto/x509/by_file.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/t_crl.c b/crypto/x509/t_crl.c
+index d4d916e..9b6b5a5 100644
+--- a/crypto/x509/t_crl.c
++++ b/crypto/x509/t_crl.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/t_req.c b/crypto/x509/t_req.c
+index afe59c4..0d0447b 100644
+--- a/crypto/x509/t_req.c
++++ b/crypto/x509/t_req.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -181,6 +133,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
+ goto err;
+ if ((type == V_ASN1_PRINTABLESTRING) ||
+ (type == V_ASN1_T61STRING) ||
++ (type == V_ASN1_UTF8STRING) ||
+ (type == V_ASN1_IA5STRING)) {
+ if (BIO_write(bp, (char *)bs->data, bs->length)
+ != bs->length)
+diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c
+index 996a755..5fbe767 100644
+--- a/crypto/x509/t_x509.c
++++ b/crypto/x509/t_x509.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c
+index fb04cdc..3708d43 100644
+--- a/crypto/x509/x509_att.c
++++ b/crypto/x509/x509_att.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -288,7 +240,7 @@ int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
+ return (0);
+ ASN1_OBJECT_free(attr->object);
+ attr->object = OBJ_dup(obj);
+- return (1);
++ return attr->object != NULL;
+ }
+
+ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
+diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
+index d3b2c19..63cef40 100644
+--- a/crypto/x509/x509_cmp.c
++++ b/crypto/x509/x509_cmp.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -187,9 +139,10 @@ int X509_cmp(const X509 *a, const X509 *b)
+ return rv;
+ /* Check for match against stored encoding too */
+ if (!a->cert_info.enc.modified && !b->cert_info.enc.modified) {
+- rv = (int)(a->cert_info.enc.len - b->cert_info.enc.len);
+- if (rv)
+- return rv;
++ if (a->cert_info.enc.len < b->cert_info.enc.len)
++ return -1;
++ if (a->cert_info.enc.len > b->cert_info.enc.len)
++ return 1;
+ return memcmp(a->cert_info.enc.enc, b->cert_info.enc.enc,
+ a->cert_info.enc.len);
+ }
+diff --git a/crypto/x509/x509_d2.c b/crypto/x509/x509_d2.c
+index d833733..cb03dbf 100644
+--- a/crypto/x509/x509_d2.c
++++ b/crypto/x509/x509_d2.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x509_def.c b/crypto/x509/x509_def.c
+index 0633cae..d11358e 100644
+--- a/crypto/x509/x509_def.c
++++ b/crypto/x509/x509_def.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c
+index d140d52..dbebbaa 100644
+--- a/crypto/x509/x509_err.c
++++ b/crypto/x509/x509_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -109,6 +59,7 @@ static ERR_STRING_DATA X509_str_functs[] = {
+ "X509_NAME_ENTRY_set_object"},
+ {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"},
+ {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"},
++ {ERR_FUNC(X509_F_X509_OBJECT_NEW), "X509_OBJECT_new"},
+ {ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"},
+ {ERR_FUNC(X509_F_X509_PUBKEY_DECODE), "x509_pubkey_decode"},
+ {ERR_FUNC(X509_F_X509_PUBKEY_GET0), "X509_PUBKEY_get0"},
+@@ -126,8 +77,6 @@ static ERR_STRING_DATA X509_str_functs[] = {
+ {ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"},
+ {ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT),
+ "X509_STORE_CTX_purpose_inherit"},
+- {ERR_FUNC(X509_F_X509_STORE_GET_X509_BY_SUBJECT),
+- "X509_STORE_get_X509_by_subject"},
+ {ERR_FUNC(X509_F_X509_TO_X509_REQ), "X509_to_X509_REQ"},
+ {ERR_FUNC(X509_F_X509_TRUST_ADD), "X509_TRUST_add"},
+ {ERR_FUNC(X509_F_X509_TRUST_SET), "X509_TRUST_set"},
+@@ -145,7 +94,6 @@ static ERR_STRING_DATA X509_str_reasons[] = {
+ "cert already in hash table"},
+ {ERR_REASON(X509_R_CRL_ALREADY_DELTA), "crl already delta"},
+ {ERR_REASON(X509_R_CRL_VERIFY_FAILURE), "crl verify failure"},
+- {ERR_REASON(X509_R_ERR_ASN1_LIB), "err asn1 lib"},
+ {ERR_REASON(X509_R_IDP_MISMATCH), "idp mismatch"},
+ {ERR_REASON(X509_R_INVALID_DIRECTORY), "invalid directory"},
+ {ERR_REASON(X509_R_INVALID_FIELD_NAME), "invalid field name"},
+@@ -156,6 +104,7 @@ static ERR_STRING_DATA X509_str_reasons[] = {
+ {ERR_REASON(X509_R_LOADING_CERT_DIR), "loading cert dir"},
+ {ERR_REASON(X509_R_LOADING_DEFAULTS), "loading defaults"},
+ {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED), "method not supported"},
++ {ERR_REASON(X509_R_NAME_TOO_LONG), "name too long"},
+ {ERR_REASON(X509_R_NEWER_CRL_NOT_NEWER), "newer crl not newer"},
+ {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),
+ "no cert set for us to verify"},
+diff --git a/crypto/x509/x509_ext.c b/crypto/x509/x509_ext.c
+index 9691d2d..b01ad12 100644
+--- a/crypto/x509/x509_ext.c
++++ b/crypto/x509/x509_ext.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x509_lcl.h b/crypto/x509/x509_lcl.h
+index db98a10..340bb60 100644
+--- a/crypto/x509/x509_lcl.h
++++ b/crypto/x509/x509_lcl.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2013.
+- */
+-/* ====================================================================
+- * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
+index b822966..ea7f471 100644
+--- a/crypto/x509/x509_lu.c
++++ b/crypto/x509/x509_lu.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -294,25 +246,22 @@ X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
+ }
+ }
+
+-X509_OBJECT *X509_STORE_get_X509_by_subject(X509_STORE_CTX *vs, int type,
+- X509_NAME *name)
++X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs, int type,
++ X509_NAME *name)
+ {
+- X509_OBJECT *ret;
++ X509_OBJECT *ret = X509_OBJECT_new();
+
+- ret = OPENSSL_malloc(sizeof (*ret));
+- if (ret == NULL) {
+- X509err(X509_F_X509_STORE_GET_X509_BY_SUBJECT, ERR_R_MALLOC_FAILURE);
++ if (ret == NULL)
+ return NULL;
+- }
+- if (!X509_STORE_get_by_subject(vs, type, name, ret)) {
+- OPENSSL_free(ret);
++ if (!X509_STORE_CTX_get_by_subject(vs, type, name, ret)) {
++ X509_OBJECT_free(ret);
+ return NULL;
+ }
+ return ret;
+ }
+
+-int X509_STORE_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
+- X509_NAME *name, X509_OBJECT *ret)
++int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
++ X509_NAME *name, X509_OBJECT *ret)
+ {
+ X509_STORE *ctx = vs->ctx;
+ X509_LOOKUP *lu;
+@@ -341,9 +290,6 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
+ return 0;
+ }
+
+-/*- if (ret->data.ptr != NULL)
+- X509_OBJECT_free_contents(ret); */
+-
+ ret->type = tmp->type;
+ ret->data.ptr = tmp->data.ptr;
+
+@@ -359,11 +305,9 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
+
+ if (x == NULL)
+ return 0;
+- obj = OPENSSL_malloc(sizeof(*obj));
+- if (obj == NULL) {
+- X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE);
++ obj = X509_OBJECT_new();
++ if (obj == NULL)
+ return 0;
+- }
+ obj->type = X509_LU_X509;
+ obj->data.x509 = x;
+
+@@ -372,8 +316,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
+ X509_OBJECT_up_ref_count(obj);
+
+ if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
+- X509_OBJECT_free_contents(obj);
+- OPENSSL_free(obj);
++ X509_OBJECT_free(obj);
+ X509err(X509_F_X509_STORE_ADD_CERT,
+ X509_R_CERT_ALREADY_IN_HASH_TABLE);
+ ret = 0;
+@@ -392,11 +335,9 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
+
+ if (x == NULL)
+ return 0;
+- obj = OPENSSL_malloc(sizeof(*obj));
+- if (obj == NULL) {
+- X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE);
++ obj = X509_OBJECT_new();
++ if (obj == NULL)
+ return 0;
+- }
+ obj->type = X509_LU_CRL;
+ obj->data.crl = x;
+
+@@ -405,8 +346,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
+ X509_OBJECT_up_ref_count(obj);
+
+ if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
+- X509_OBJECT_free_contents(obj);
+- OPENSSL_free(obj);
++ X509_OBJECT_free(obj);
+ X509err(X509_F_X509_STORE_ADD_CRL, X509_R_CERT_ALREADY_IN_HASH_TABLE);
+ ret = 0;
+ } else
+@@ -417,34 +357,52 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
+ return ret;
+ }
+
+-void X509_OBJECT_up_ref_count(X509_OBJECT *a)
++int X509_OBJECT_up_ref_count(X509_OBJECT *a)
+ {
+ switch (a->type) {
+ default:
+ break;
+ case X509_LU_X509:
+- X509_up_ref(a->data.x509);
+- break;
++ return X509_up_ref(a->data.x509);
+ case X509_LU_CRL:
+- X509_CRL_up_ref(a->data.crl);
+- break;
++ return X509_CRL_up_ref(a->data.crl);
+ }
++ return 1;
+ }
+
+ X509 *X509_OBJECT_get0_X509(X509_OBJECT *a)
+ {
++ if (a == NULL || a->type != X509_LU_X509)
++ return NULL;
+ return a->data.x509;
+ }
+
+-void X509_OBJECT_free(X509_OBJECT *a)
++X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *a)
+ {
+- if (a == NULL)
+- return;
+- X509_OBJECT_free_contents(a);
+- OPENSSL_free(a);
++ if (a == NULL || a->type != X509_LU_CRL)
++ return NULL;
++ return a->data.crl;
+ }
+
+-void X509_OBJECT_free_contents(X509_OBJECT *a)
++int X509_OBJECT_get_type(X509_OBJECT *a)
++{
++ return a->type;
++}
++
++X509_OBJECT *X509_OBJECT_new()
++{
++ X509_OBJECT *ret = OPENSSL_zalloc(sizeof(*ret));
++
++ if (ret == NULL) {
++ X509err(X509_F_X509_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
++ return NULL;
++ }
++ ret->type = X509_LU_FAIL;
++ return ret;
++}
++
++
++void X509_OBJECT_free(X509_OBJECT *a)
+ {
+ if (a == NULL)
+ return;
+@@ -458,6 +416,7 @@ void X509_OBJECT_free_contents(X509_OBJECT *a)
+ X509_CRL_free(a->data.crl);
+ break;
+ }
++ OPENSSL_free(a);
+ }
+
+ static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type,
+@@ -515,13 +474,18 @@ X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
+ return sk_X509_OBJECT_value(h, idx);
+ }
+
+-STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
++STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v)
++{
++ return v->objs;
++}
++
++STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
+ {
+ int i, idx, cnt;
+- STACK_OF(X509) *sk;
++ STACK_OF(X509) *sk = NULL;
+ X509 *x;
+ X509_OBJECT *obj;
+- sk = sk_X509_new_null();
++
+ CRYPTO_THREAD_write_lock(ctx->ctx->lock);
+ idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
+ if (idx < 0) {
+@@ -529,21 +493,25 @@ STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
+ * Nothing found in cache: do lookup to possibly add new objects to
+ * cache
+ */
+- X509_OBJECT xobj;
++ X509_OBJECT *xobj = X509_OBJECT_new();
++
+ CRYPTO_THREAD_unlock(ctx->ctx->lock);
+- if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
+- sk_X509_free(sk);
++ if (xobj == NULL)
++ return NULL;
++ if (!X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509, nm, xobj)) {
++ X509_OBJECT_free(xobj);
+ return NULL;
+ }
+- X509_OBJECT_free_contents(&xobj);
++ X509_OBJECT_free(xobj);
+ CRYPTO_THREAD_write_lock(ctx->ctx->lock);
+ idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
+ if (idx < 0) {
+ CRYPTO_THREAD_unlock(ctx->ctx->lock);
+- sk_X509_free(sk);
+ return NULL;
+ }
+ }
++
++ sk = sk_X509_new_null();
+ for (i = 0; i < cnt; i++, idx++) {
+ obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
+ x = obj->data.x509;
+@@ -557,25 +525,23 @@ STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
+ }
+ CRYPTO_THREAD_unlock(ctx->ctx->lock);
+ return sk;
+-
+ }
+
+-STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
++STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
+ {
+ int i, idx, cnt;
+- STACK_OF(X509_CRL) *sk;
++ STACK_OF(X509_CRL) *sk = sk_X509_CRL_new_null();
+ X509_CRL *x;
+- X509_OBJECT *obj, xobj;
+- sk = sk_X509_CRL_new_null();
++ X509_OBJECT *obj, *xobj = X509_OBJECT_new();
+
+- /*
+- * Always do lookup to possibly add new CRLs to cache
+- */
+- if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) {
++ /* Always do lookup to possibly add new CRLs to cache */
++ if (sk == NULL || xobj == NULL ||
++ !X509_STORE_CTX_get_by_subject(ctx, X509_LU_CRL, nm, xobj)) {
++ X509_OBJECT_free(xobj);
+ sk_X509_CRL_free(sk);
+ return NULL;
+ }
+- X509_OBJECT_free_contents(&xobj);
++ X509_OBJECT_free(xobj);
+ CRYPTO_THREAD_write_lock(ctx->ctx->lock);
+ idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
+ if (idx < 0) {
+@@ -641,32 +607,36 @@ X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
+ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
+ {
+ X509_NAME *xn;
+- X509_OBJECT obj, *pobj;
++ X509_OBJECT *obj = X509_OBJECT_new(), *pobj = NULL;
+ int i, ok, idx, ret;
+
++ if (obj == NULL)
++ return -1;
+ *issuer = NULL;
+ xn = X509_get_issuer_name(x);
+- ok = X509_STORE_get_by_subject(ctx, X509_LU_X509, xn, &obj);
++ ok = X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509, xn, obj);
+ if (ok != X509_LU_X509) {
++ X509_OBJECT_free(obj);
+ if (ok == X509_LU_RETRY) {
+- X509_OBJECT_free_contents(&obj);
+ X509err(X509_F_X509_STORE_CTX_GET1_ISSUER, X509_R_SHOULD_RETRY);
+ return -1;
+- } else if (ok != X509_LU_FAIL) {
+- X509_OBJECT_free_contents(&obj);
++ }
++ if (ok != X509_LU_FAIL) {
+ /* not good :-(, break anyway */
+ return -1;
+ }
+ return 0;
+ }
+ /* If certificate matches all OK */
+- if (ctx->check_issued(ctx, x, obj.data.x509)) {
+- if (x509_check_cert_time(ctx, obj.data.x509, -1)) {
+- *issuer = obj.data.x509;
++ if (ctx->check_issued(ctx, x, obj->data.x509)) {
++ if (x509_check_cert_time(ctx, obj->data.x509, -1)) {
++ *issuer = obj->data.x509;
++ X509_up_ref(*issuer);
++ X509_OBJECT_free(obj);
+ return 1;
+ }
+ }
+- X509_OBJECT_free_contents(&obj);
++ X509_OBJECT_free(obj);
+
+ /* Else find index of first cert accepted by 'check_issued' */
+ ret = 0;
+@@ -729,12 +699,22 @@ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
+ return X509_VERIFY_PARAM_set1(ctx->param, param);
+ }
+
++X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx)
++{
++ return ctx->param;
++}
++
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+ int (*verify_cb) (int, X509_STORE_CTX *))
+ {
+ ctx->verify_cb = verify_cb;
+ }
+
++void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify verify)
++{
++ ctx->verify = verify;
++}
++
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+ STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX
+ *ctx,
+@@ -743,6 +723,16 @@ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+ ctx->lookup_crls = cb;
+ }
+
++int X509_STORE_set_ex_data(X509_STORE *ctx, int idx, void *data)
++{
++ return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);
++}
++
++void *X509_STORE_get_ex_data(X509_STORE *ctx, int idx)
++{
++ return CRYPTO_get_ex_data(&ctx->ex_data, idx);
++}
++
+ X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx)
+ {
+ return ctx->ctx;
+diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
+index 8b4d436..ccec20d 100644
+--- a/crypto/x509/x509_obj.c
++++ b/crypto/x509/x509_obj.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -63,6 +15,13 @@
+ #include <openssl/buffer.h>
+ #include "internal/x509_int.h"
+
++/*
++ * Limit to ensure we don't overflow: much greater than
++ * anything enountered in practice.
++ */
++
++#define NAME_ONELINE_MAX (1024 * 1024)
++
+ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
+ {
+ X509_NAME_ENTRY *ne;
+@@ -76,7 +35,7 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
+ int gs_doit[4];
+ char tmp_buf[80];
+ #ifdef CHARSET_EBCDIC
+- char ebcdic_buf[1024];
++ unsigned char ebcdic_buf[1024];
+ #endif
+
+ if (buf == NULL) {
+@@ -86,6 +45,8 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
+ goto err;
+ b->data[0] = '\0';
+ len = 200;
++ } else if (len == 0) {
++ return NULL;
+ }
+ if (a == NULL) {
+ if (b) {
+@@ -110,15 +71,20 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
+
+ type = ne->value->type;
+ num = ne->value->length;
++ if (num > NAME_ONELINE_MAX) {
++ X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
++ goto end;
++ }
+ q = ne->value->data;
+ #ifdef CHARSET_EBCDIC
+ if (type == V_ASN1_GENERALSTRING ||
+ type == V_ASN1_VISIBLESTRING ||
+ type == V_ASN1_PRINTABLESTRING ||
+ type == V_ASN1_TELETEXSTRING ||
+- type == V_ASN1_VISIBLESTRING || type == V_ASN1_IA5STRING) {
+- ascii2ebcdic(ebcdic_buf, q, (num > sizeof ebcdic_buf)
+- ? sizeof ebcdic_buf : num);
++ type == V_ASN1_IA5STRING) {
++ if (num > (int)sizeof(ebcdic_buf))
++ num = sizeof(ebcdic_buf);
++ ascii2ebcdic(ebcdic_buf, q, num);
+ q = ebcdic_buf;
+ }
+ #endif
+@@ -154,6 +120,10 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
+
+ lold = l;
+ l += 1 + l1 + 1 + l2;
++ if (l > NAME_ONELINE_MAX) {
++ X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
++ goto end;
++ }
+ if (b != NULL) {
+ if (!BUF_MEM_grow(b, l + 1))
+ goto err;
+@@ -206,6 +176,7 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
+ return (p);
+ err:
+ X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);
++ end:
+ BUF_MEM_free(b);
+ return (NULL);
+ }
+diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c
+index d082636..3d72787 100644
+--- a/crypto/x509/x509_r2x.c
++++ b/crypto/x509/x509_r2x.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
+index 2b2cbce..3574322 100644
+--- a/crypto/x509/x509_req.c
++++ b/crypto/x509/x509_req.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
+index 360ead8..6addfbe 100644
+--- a/crypto/x509/x509_set.c
++++ b/crypto/x509/x509_set.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -146,10 +98,16 @@ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
+ return (X509_PUBKEY_set(&(x->cert_info.key), pkey));
+ }
+
+-void X509_up_ref(X509 *x)
++int X509_up_ref(X509 *x)
+ {
+ int i;
+- CRYPTO_atomic_add(&x->references, 1, &i, x->lock);
++
++ if (CRYPTO_atomic_add(&x->references, 1, &i, x->lock) <= 0)
++ return 0;
++
++ REF_PRINT_COUNT("X509", x);
++ REF_ASSERT_ISNT(i < 2);
++ return ((i > 1) ? 1 : 0);
+ }
+
+ long X509_get_version(X509 *x)
+diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c
+index 4c5281a..db0024f 100644
+--- a/crypto/x509/x509_trs.c
++++ b/crypto/x509/x509_trs.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
+index 8a9a7f0..ae54de1 100644
+--- a/crypto/x509/x509_txt.c
++++ b/crypto/x509/x509_txt.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -209,6 +161,12 @@ const char *X509_verify_cert_error_string(long n)
+ return ("CA certificate key too weak");
+ case X509_V_ERR_CA_MD_TOO_WEAK:
+ return ("CA signature digest algorithm too weak");
++ case X509_V_ERR_INVALID_CALL:
++ return ("Invalid certificate verification context");
++ case X509_V_ERR_STORE_LOOKUP:
++ return ("Issuer certificate lookup error");
++ case X509_V_ERR_NO_VALID_SCTS:
++ return ("Certificate Transparency required, but no valid SCTs found");
+
+ default:
+ /* Printing an error number into a static buffer is not thread-safe */
+diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c
+index f3fe305..ce69d19 100644
+--- a/crypto/x509/x509_v3.c
++++ b/crypto/x509/x509_v3.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -235,7 +187,7 @@ int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
+ return (0);
+ ASN1_OBJECT_free(ex->object);
+ ex->object = OBJ_dup(obj);
+- return (1);
++ return ex->object != NULL;
+ }
+
+ int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
+diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
+index efa6bca..a5e7789 100644
+--- a/crypto/x509/x509_vfy.c
++++ b/crypto/x509/x509_vfy.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -299,9 +251,11 @@ static int verify_chain(X509_STORE_CTX *ctx)
+ int X509_verify_cert(X509_STORE_CTX *ctx)
+ {
+ SSL_DANE *dane = ctx->dane;
++ int ret;
+
+ if (ctx->cert == NULL) {
+ X509err(X509_F_X509_VERIFY_CERT, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
++ ctx->error = X509_V_ERR_INVALID_CALL;
+ return -1;
+ }
+
+@@ -311,6 +265,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
+ * cannot do another one.
+ */
+ X509err(X509_F_X509_VERIFY_CERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
++ ctx->error = X509_V_ERR_INVALID_CALL;
+ return -1;
+ }
+
+@@ -321,6 +276,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
+ if (((ctx->chain = sk_X509_new_null()) == NULL) ||
+ (!sk_X509_push(ctx->chain, ctx->cert))) {
+ X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
++ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ return -1;
+ }
+ X509_up_ref(ctx->cert);
+@@ -331,15 +287,19 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
+ !verify_cb_cert(ctx, ctx->cert, 0, X509_V_ERR_EE_KEY_TOO_SMALL))
+ return 0;
+
++ if (DANETLS_ENABLED(dane))
++ ret = dane_verify(ctx);
++ else
++ ret = verify_chain(ctx);
++
+ /*
+- * If dane->trecs is an empty stack, we'll fail, since the user enabled
+- * DANE. If none of the TLSA records were usable, and it makes sense to
+- * keep going with an unauthenticated handshake, they can handle that in
+- * the verify callback, or not set SSL_VERIFY_PEER.
++ * Safety-net. If we are returning an error, we must also set ctx->error,
++ * so that the chain is not considered verified should the error be ignored
++ * (e.g. TLS with SSL_VERIFY_NONE).
+ */
+- if (DANETLS_ENABLED(dane))
+- return dane_verify(ctx);
+- return verify_chain(ctx);
++ if (ret <= 0 && ctx->error == X509_V_OK)
++ ctx->error = X509_V_ERR_UNSPECIFIED;
++ return ret;
+ }
+
+ /*
+@@ -610,8 +570,16 @@ static int check_name_constraints(X509_STORE_CTX *ctx)
+ if (nc) {
+ int rv = NAME_CONSTRAINTS_check(x, nc);
+
+- if (rv != X509_V_OK && !verify_cb_cert(ctx, x, i, rv))
++ switch (rv) {
++ case X509_V_OK:
++ break;
++ case X509_V_ERR_OUT_OF_MEM:
+ return 0;
++ default:
++ if (!verify_cb_cert(ctx, x, i, rv))
++ return 0;
++ break;
++ }
+ }
+ }
+ }
+@@ -1505,6 +1473,7 @@ static int check_policy(X509_STORE_CTX *ctx)
+ */
+ if (ctx->bare_ta_signed && !sk_X509_push(ctx->chain, NULL)) {
+ X509err(X509_F_CHECK_POLICY, ERR_R_MALLOC_FAILURE);
++ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ return 0;
+ }
+ ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
+@@ -1514,6 +1483,7 @@ static int check_policy(X509_STORE_CTX *ctx)
+
+ if (ret == X509_PCY_TREE_INTERNAL) {
+ X509err(X509_F_CHECK_POLICY, ERR_R_MALLOC_FAILURE);
++ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ return 0;
+ }
+ /* Invalid or inconsistent extensions */
+@@ -1544,7 +1514,12 @@ static int check_policy(X509_STORE_CTX *ctx)
+
+ if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) {
+ ctx->current_cert = NULL;
+- ctx->error = X509_V_OK;
++ /*
++ * Verification errors need to be "sticky", a callback may have allowed
++ * an SSL handshake to continue despite an error, and we must then
++ * remain in an error state. Therefore, we MUST NOT clear earlier
++ * verification errors by setting the error to X509_V_OK.
++ */
+ if (!ctx->verify_cb(2, ctx))
+ return 0;
+ }
+@@ -1989,11 +1964,21 @@ int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
+ return ctx->error_depth;
+ }
+
++void X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth)
++{
++ ctx->error_depth = depth;
++}
++
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
+ {
+ return ctx->current_cert;
+ }
+
++void X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x)
++{
++ ctx->current_cert = x;
++}
++
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx)
+ {
+ return ctx->chain;
+@@ -2161,11 +2146,10 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
+ /* Zero ex_data to make sure we're cleanup-safe */
+ memset(&ctx->ex_data, 0, sizeof(ctx->ex_data));
+
+- if (store) {
+- ctx->verify_cb = store->verify_cb;
+- /* Seems to always be 0 in OpenSSL, else must be idempotent */
++ /* store->cleanup is always 0 in OpenSSL, if set must be idempotent */
++ if (store)
+ ctx->cleanup = store->cleanup;
+- } else
++ else
+ ctx->cleanup = 0;
+
+ if (store && store->check_issued)
+@@ -2211,12 +2195,12 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
+ if (store && store->lookup_certs)
+ ctx->lookup_certs = store->lookup_certs;
+ else
+- ctx->lookup_certs = X509_STORE_get1_certs;
++ ctx->lookup_certs = X509_STORE_CTX_get1_certs;
+
+ if (store && store->lookup_crls)
+ ctx->lookup_crls = store->lookup_crls;
+ else
+- ctx->lookup_crls = X509_STORE_get1_crls;
++ ctx->lookup_crls = X509_STORE_CTX_get1_crls;
+
+ ctx->check_policy = check_policy;
+
+@@ -2549,9 +2533,9 @@ static int dane_match(X509_STORE_CTX *ctx, X509 *cert, int depth)
+ cmplen = i2dlen;
+
+ if (md != NULL) {
+- cmpbuf = mdbuf;
+- if (!EVP_Digest(i2dbuf, i2dlen, cmpbuf, &cmplen, md, 0)) {
+- matched = -1;
++ cmpbuf = mdbuf;
++ if (!EVP_Digest(i2dbuf, i2dlen, cmpbuf, &cmplen, md, 0)) {
++ matched = -1;
+ break;
+ }
+ }
+@@ -2781,15 +2765,31 @@ static int build_chain(X509_STORE_CTX *ctx)
+ */
+ if (ctx->untrusted && (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) {
+ X509err(X509_F_BUILD_CHAIN, ERR_R_MALLOC_FAILURE);
++ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ return 0;
+ }
+
+- /* Include any untrusted full certificates from DNS */
++ /*
++ * If we got any "DANE-TA(2) Cert(0) Full(0)" trust-anchors from DNS, add
++ * them to our working copy of the untrusted certificate stack. Since the
++ * caller of X509_STORE_CTX_init() may have provided only a leaf cert with
++ * no corresponding stack of untrusted certificates, we may need to create
++ * an empty stack first. [ At present only the ssl library provides DANE
++ * support, and ssl_verify_cert_chain() always provides a non-null stack
++ * containing at least the leaf certificate, but we must be prepared for
++ * this to change. ]
++ */
+ if (DANETLS_ENABLED(dane) && dane->certs != NULL) {
++ if (sktmp == NULL && (sktmp = sk_X509_new_null()) == NULL) {
++ X509err(X509_F_BUILD_CHAIN, ERR_R_MALLOC_FAILURE);
++ ctx->error = X509_V_ERR_OUT_OF_MEM;
++ return 0;
++ }
+ for (i = 0; i < sk_X509_num(dane->certs); ++i) {
+ if (!sk_X509_push(sktmp, sk_X509_value(dane->certs, i))) {
+ sk_X509_free(sktmp);
+ X509err(X509_F_BUILD_CHAIN, ERR_R_MALLOC_FAILURE);
++ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ return 0;
+ }
+ }
+@@ -2853,6 +2853,7 @@ static int build_chain(X509_STORE_CTX *ctx)
+
+ if (ok < 0) {
+ trust = X509_TRUST_REJECTED;
++ ctx->error = X509_V_ERR_STORE_LOOKUP;
+ search = 0;
+ continue;
+ }
+@@ -2899,6 +2900,7 @@ static int build_chain(X509_STORE_CTX *ctx)
+ X509_free(xtmp);
+ X509err(X509_F_BUILD_CHAIN, ERR_R_MALLOC_FAILURE);
+ trust = X509_TRUST_REJECTED;
++ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ search = 0;
+ continue;
+ }
+@@ -2995,6 +2997,7 @@ static int build_chain(X509_STORE_CTX *ctx)
+ if (!sk_X509_push(ctx->chain, xtmp)) {
+ X509err(X509_F_BUILD_CHAIN, ERR_R_MALLOC_FAILURE);
+ trust = X509_TRUST_REJECTED;
++ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ search = 0;
+ continue;
+ }
+diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
+index 4a0bed0..f7ecdec 100644
+--- a/crypto/x509/x509_vpm.c
++++ b/crypto/x509/x509_vpm.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
+index ab5f192..43ff668 100644
+--- a/crypto/x509/x509cset.c
++++ b/crypto/x509/x509cset.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -132,10 +83,16 @@ int X509_CRL_sort(X509_CRL *c)
+ return 1;
+ }
+
+-void X509_CRL_up_ref(X509_CRL *crl)
++int X509_CRL_up_ref(X509_CRL *crl)
+ {
+ int i;
+- CRYPTO_atomic_add(&crl->references, 1, &i, crl->lock);
++
++ if (CRYPTO_atomic_add(&crl->references, 1, &i, crl->lock) <= 0)
++ return 0;
++
++ REF_PRINT_COUNT("X509_CRL", crl);
++ REF_ASSERT_ISNT(i < 2);
++ return ((i > 1) ? 1 : 0);
+ }
+
+ long X509_CRL_get_version(X509_CRL *crl)
+diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c
+index 2a5e1ce..6cd22b4 100644
+--- a/crypto/x509/x509name.c
++++ b/crypto/x509/x509name.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x509rset.c b/crypto/x509/x509rset.c
+index e8afcac..6dee297 100644
+--- a/crypto/x509/x509rset.c
++++ b/crypto/x509/x509rset.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x509spki.c b/crypto/x509/x509spki.c
+index 6efcb96..b142485 100644
+--- a/crypto/x509/x509spki.c
++++ b/crypto/x509/x509spki.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x509type.c b/crypto/x509/x509type.c
+index 870b47f..9acab04 100644
+--- a/crypto/x509/x509type.c
++++ b/crypto/x509/x509type.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
+index 0f28c58..d9f42ed 100644
+--- a/crypto/x509/x_all.c
++++ b/crypto/x509/x_all.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x_attrib.c b/crypto/x509/x_attrib.c
+index 7ee99ca..35f4aee 100644
+--- a/crypto/x509/x_attrib.c
++++ b/crypto/x509/x_attrib.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c
+index 0be8405..f4bcea5 100644
+--- a/crypto/x509/x_crl.c
++++ b/crypto/x509/x_crl.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x_exten.c b/crypto/x509/x_exten.c
+index 3b4dd86..f10f4a4 100644
+--- a/crypto/x509/x_exten.c
++++ b/crypto/x509/x_exten.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c
+index 5e6abeb..f0b35fb 100644
+--- a/crypto/x509/x_name.c
++++ b/crypto/x509/x_name.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -64,6 +16,13 @@
+ #include "internal/asn1_int.h"
+ #include "x509_lcl.h"
+
++/*
++ * Maximum length of X509_NAME: much larger than anything we should
++ * ever see in practice.
++ */
++
++#define X509_NAME_MAX (1024 * 1024)
++
+ static int x509_name_ex_d2i(ASN1_VALUE **val,
+ const unsigned char **in, long len,
+ const ASN1_ITEM *it,
+@@ -187,6 +146,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
+ int i, j, ret;
+ STACK_OF(X509_NAME_ENTRY) *entries;
+ X509_NAME_ENTRY *entry;
++ if (len > X509_NAME_MAX)
++ len = X509_NAME_MAX;
+ q = p;
+
+ /* Get internal representation of Name */
+@@ -335,7 +296,7 @@ static int x509_name_canon(X509_NAME *a)
+ STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
+ STACK_OF(X509_NAME_ENTRY) *entries = NULL;
+ X509_NAME_ENTRY *entry, *tmpentry = NULL;
+- int i, set = -1, ret = 0;
++ int i, set = -1, ret = 0, len;
+
+ OPENSSL_free(a->canon_enc);
+ a->canon_enc = NULL;
+@@ -370,7 +331,10 @@ static int x509_name_canon(X509_NAME *a)
+
+ /* Finally generate encoding */
+
+- a->canon_enclen = i2d_name_canon(intname, NULL);
++ len = i2d_name_canon(intname, NULL);
++ if (len < 0)
++ goto err;
++ a->canon_enclen = len;
+
+ p = OPENSSL_malloc(a->canon_enclen);
+
+diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
+index 485d768..cc69283 100644
+--- a/crypto/x509/x_pubkey.c
++++ b/crypto/x509/x_pubkey.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x_req.c b/crypto/x509/x_req.c
+index 2fdf015..c2da95a 100644
+--- a/crypto/x509/x_req.c
++++ b/crypto/x509/x_req.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
+index 3463955..9445430 100644
+--- a/crypto/x509/x_x509.c
++++ b/crypto/x509/x_x509.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -99,7 +51,8 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ #endif
+ ret->aux = NULL;
+ ret->crldp = NULL;
+- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
++ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data))
++ return 0;
+ break;
+
+ case ASN1_OP_FREE_POST:
+@@ -180,12 +133,72 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
+ return NULL;
+ }
+
++/*
++ * Serialize trusted certificate to *pp or just return the required buffer
++ * length if pp == NULL. We ultimately want to avoid modifying *pp in the
++ * error path, but that depends on similar hygiene in lower-level functions.
++ * Here we avoid compounding the problem.
++ */
++static int i2d_x509_aux_internal(X509 *a, unsigned char **pp)
++{
++ int length, tmplen;
++ unsigned char *start = pp != NULL ? *pp : NULL;
++
++ OPENSSL_assert(pp == NULL || *pp != NULL);
++
++ /*
++ * This might perturb *pp on error, but fixing that belongs in i2d_X509()
++ * not here. It should be that if a == NULL length is zero, but we check
++ * both just in case.
++ */
++ length = i2d_X509(a, pp);
++ if (length <= 0 || a == NULL)
++ return length;
++
++ tmplen = i2d_X509_CERT_AUX(a->aux, pp);
++ if (tmplen < 0) {
++ if (start != NULL)
++ *pp = start;
++ return tmplen;
++ }
++ length += tmplen;
++
++ return length;
++}
++
++/*
++ * Serialize trusted certificate to *pp, or just return the required buffer
++ * length if pp == NULL.
++ *
++ * When pp is not NULL, but *pp == NULL, we allocate the buffer, but since
++ * we're writing two ASN.1 objects back to back, we can't have i2d_X509() do
++ * the allocation, nor can we allow i2d_X509_CERT_AUX() to increment the
++ * allocated buffer.
++ */
+ int i2d_X509_AUX(X509 *a, unsigned char **pp)
+ {
+ int length;
+- length = i2d_X509(a, pp);
+- if (a)
+- length += i2d_X509_CERT_AUX(a->aux, pp);
++ unsigned char *tmp;
++
++ /* Buffer provided by caller */
++ if (pp == NULL || *pp != NULL)
++ return i2d_x509_aux_internal(a, pp);
++
++ /* Obtain the combined length */
++ if ((length = i2d_x509_aux_internal(a, NULL)) <= 0)
++ return length;
++
++ /* Allocate requisite combined storage */
++ *pp = tmp = OPENSSL_malloc(length);
++ if (tmp == NULL)
++ return -1; /* Push error onto error stack? */
++
++ /* Encode, but keep *pp at the originally malloced pointer */
++ length = i2d_x509_aux_internal(a, &tmp);
++ if (length <= 0) {
++ OPENSSL_free(*pp);
++ *pp = NULL;
++ }
+ return length;
+ }
+
+diff --git a/crypto/x509/x_x509a.c b/crypto/x509/x_x509a.c
+index a274ec9..2efa214 100644
+--- a/crypto/x509/x_x509a.c
++++ b/crypto/x509/x_x509a.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/Makefile.in b/crypto/x509v3/Makefile.in
+deleted file mode 100644
+index 5598ddb..0000000
+--- a/crypto/x509v3/Makefile.in
++++ /dev/null
+@@ -1,53 +0,0 @@
+-#
+-# OpenSSL/crypto/x509v3/Makefile
+-#
+-
+-DIR= x509v3
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I.. -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile README
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \
+-v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \
+-v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \
+-v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c v3_pcia.c v3_pci.c \
+-pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c \
+-v3_asid.c v3_addr.c v3_tlsf.c
+-LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
+-v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
+-v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \
+-v3_akeya.o v3_pmaps.o v3_pcons.o v3_ncons.o v3_pcia.o v3_pci.o \
+-pcy_cache.o pcy_node.o pcy_data.o pcy_map.o pcy_tree.o pcy_lib.o \
+-v3_asid.o v3_addr.o v3_tlsf.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= pcy_int.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+-
+-all: lib
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/crypto/x509v3/ext_dat.h b/crypto/x509v3/ext_dat.h
+index 4e213f3..332cb87 100644
+--- a/crypto/x509v3/ext_dat.h
++++ b/crypto/x509v3/ext_dat.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ int name_cmp(const char *name, const char *cmp);
+diff --git a/crypto/x509v3/pcy_cache.c b/crypto/x509v3/pcy_cache.c
+index bdce5a8..e254142 100644
+--- a/crypto/x509v3/pcy_cache.c
++++ b/crypto/x509v3/pcy_cache.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/x509v3/pcy_data.c b/crypto/x509v3/pcy_data.c
+index 03631d7..6cc74de 100644
+--- a/crypto/x509v3/pcy_data.c
++++ b/crypto/x509v3/pcy_data.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/x509v3/pcy_int.h b/crypto/x509v3/pcy_int.h
+index 809dc5e..5daf78d 100644
+--- a/crypto/x509v3/pcy_int.h
++++ b/crypto/x509v3/pcy_int.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ typedef struct X509_POLICY_DATA_st X509_POLICY_DATA;
+@@ -168,7 +119,7 @@ struct X509_POLICY_TREE_st {
+ * required.
+ */
+ STACK_OF(X509_POLICY_DATA) *extra_data;
+- /* This is the authority constained policy set */
++ /* This is the authority constrained policy set */
+ STACK_OF(X509_POLICY_NODE) *auth_policies;
+ STACK_OF(X509_POLICY_NODE) *user_policies;
+ unsigned int flags;
+diff --git a/crypto/x509v3/pcy_lib.c b/crypto/x509v3/pcy_lib.c
+index f3ec70d..67f7eaf 100644
+--- a/crypto/x509v3/pcy_lib.c
++++ b/crypto/x509v3/pcy_lib.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/x509v3/pcy_map.c b/crypto/x509v3/pcy_map.c
+index 415e5dd..ab9dd21 100644
+--- a/crypto/x509v3/pcy_map.c
++++ b/crypto/x509v3/pcy_map.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/x509v3/pcy_node.c b/crypto/x509v3/pcy_node.c
+index 581c246..80443bf 100644
+--- a/crypto/x509v3/pcy_node.c
++++ b/crypto/x509v3/pcy_node.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/asn1.h>
+diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
+index b3995d6..8c13c53 100644
+--- a/crypto/x509v3/pcy_tree.c
++++ b/crypto/x509v3/pcy_tree.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/cryptlib.h"
+diff --git a/crypto/x509v3/tabtest.c b/crypto/x509v3/tabtest.c
+index 4a3d103..a33a63a 100644
+--- a/crypto/x509v3/tabtest.c
++++ b/crypto/x509v3/tabtest.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
+index 49d0d4d..be8ca5d 100644
+--- a/crypto/x509v3/v3_addr.c
++++ b/crypto/x509v3/v3_addr.c
+@@ -1,58 +1,10 @@
+ /*
+- * Contributed to the OpenSSL Project by the American Registry for
+- * Internet Numbers ("ARIN").
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+@@ -897,7 +849,8 @@ static int IPAddressOrRanges_canonize(IPAddressOrRanges *aors,
+ IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
+ if (a != NULL && a->type == IPAddressOrRange_addressRange) {
+ unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
+- extract_min_max(a, a_min, a_max, length);
++ if (!extract_min_max(a, a_min, a_max, length))
++ return 0;
+ if (memcmp(a_min, a_max, length) > 0)
+ return 0;
+ }
+@@ -1213,6 +1166,11 @@ int X509v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b)
+
+ /*
+ * Core code for RFC 3779 2.3 path validation.
++ *
++ * Returns 1 for success, 0 on error.
++ *
++ * When returning 0, ctx->error MUST be set to an appropriate value other than
++ * X509_V_OK.
+ */
+ static int addr_validate_path_internal(X509_STORE_CTX *ctx,
+ STACK_OF(X509) *chain,
+@@ -1247,6 +1205,7 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx,
+ if ((child = sk_IPAddressFamily_dup(ext)) == NULL) {
+ X509V3err(X509V3_F_ADDR_VALIDATE_PATH_INTERNAL,
+ ERR_R_MALLOC_FAILURE);
++ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ ret = 0;
+ goto done;
+ }
+diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c
+index edf6396..a7d0b29 100644
+--- a/crypto/x509v3/v3_akey.c
++++ b/crypto/x509v3/v3_akey.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_akeya.c b/crypto/x509v3/v3_akeya.c
+index cc0c1ed..d6dd6bc 100644
+--- a/crypto/x509v3/v3_akeya.c
++++ b/crypto/x509v3/v3_akeya.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
+index 4b143f9..05dfe36 100644
+--- a/crypto/x509v3/v3_alt.c
++++ b/crypto/x509v3/v3_alt.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
+index 73cbbd1..af4fcf4 100644
+--- a/crypto/x509v3/v3_asid.c
++++ b/crypto/x509v3/v3_asid.c
+@@ -1,58 +1,10 @@
+ /*
+- * Contributed to the OpenSSL Project by the American Registry for
+- * Internet Numbers ("ARIN").
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/crypto/x509v3/v3_bcons.c b/crypto/x509v3/v3_bcons.c
+index 3c2f88a..3bbf155 100644
+--- a/crypto/x509v3/v3_bcons.c
++++ b/crypto/x509v3/v3_bcons.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_bitst.c b/crypto/x509v3/v3_bitst.c
+index a0db610..4802116 100644
+--- a/crypto/x509v3/v3_bitst.c
++++ b/crypto/x509v3/v3_bitst.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
+index c7d2682..b943877 100644
+--- a/crypto/x509v3/v3_conf.c
++++ b/crypto/x509v3/v3_conf.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* extension creation utilities */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
+index b4dd3ad..fe722b1 100644
+--- a/crypto/x509v3/v3_cpols.c
++++ b/crypto/x509v3/v3_cpols.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -188,6 +139,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
+ pol = POLICYINFO_new();
+ if (pol == NULL) {
+ X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
++ ASN1_OBJECT_free(pobj);
+ goto err;
+ }
+ pol->policyid = pobj;
+diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c
+index d9442a2..221eedf 100644
+--- a/crypto/x509v3/v3_crld.c
++++ b/crypto/x509v3/v3_crld.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_enum.c b/crypto/x509v3/v3_enum.c
+index 26ef657..03daef9 100644
+--- a/crypto/x509v3/v3_enum.c
++++ b/crypto/x509v3/v3_enum.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_extku.c b/crypto/x509v3/v3_extku.c
+index 354b828..bae755e 100644
+--- a/crypto/x509v3/v3_extku.c
++++ b/crypto/x509v3/v3_extku.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c
+index d225d0d..8d11997 100644
+--- a/crypto/x509v3/v3_genn.c
++++ b/crypto/x509v3/v3_genn.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_ia5.c b/crypto/x509v3/v3_ia5.c
+index 073a2bb..e509fba 100644
+--- a/crypto/x509v3/v3_ia5.c
++++ b/crypto/x509v3/v3_ia5.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c
+index 16e25fa..bec8c42 100644
+--- a/crypto/x509v3/v3_info.c
++++ b/crypto/x509v3/v3_info.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_int.c b/crypto/x509v3/v3_int.c
+index fc4dd92..a644c33 100644
+--- a/crypto/x509v3/v3_int.c
++++ b/crypto/x509v3/v3_int.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_lib.c b/crypto/x509v3/v3_lib.c
+index a82050f..20b7d96 100644
+--- a/crypto/x509v3/v3_lib.c
++++ b/crypto/x509v3/v3_lib.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* X509 v3 extension utilities */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c
+index 31e37a0..e6775eb 100644
+--- a/crypto/x509v3/v3_ncons.c
++++ b/crypto/x509v3/v3_ncons.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_pci.c b/crypto/x509v3/v3_pci.c
+index cadedef..2c05edb 100644
+--- a/crypto/x509v3/v3_pci.c
++++ b/crypto/x509v3/v3_pci.c
+@@ -1,7 +1,12 @@
+ /*
+- * Contributed to the OpenSSL Project 2004 by Richard Levitte
+- * (richard at levitte.org)
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* Copyright (c) 2004 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+diff --git a/crypto/x509v3/v3_pcia.c b/crypto/x509v3/v3_pcia.c
+index 99bf325..e6f7a91 100644
+--- a/crypto/x509v3/v3_pcia.c
++++ b/crypto/x509v3/v3_pcia.c
+@@ -1,7 +1,12 @@
+ /*
+- * Contributed to the OpenSSL Project 2004 by Richard Levitte
+- * (richard at levitte.org)
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* Copyright (c) 2004 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+diff --git a/crypto/x509v3/v3_pcons.c b/crypto/x509v3/v3_pcons.c
+index 89960ca..24f7ff4 100644
+--- a/crypto/x509v3/v3_pcons.c
++++ b/crypto/x509v3/v3_pcons.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_pku.c b/crypto/x509v3/v3_pku.c
+index 9f0c5da..ed82bca 100644
+--- a/crypto/x509v3/v3_pku.c
++++ b/crypto/x509v3/v3_pku.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_pmaps.c b/crypto/x509v3/v3_pmaps.c
+index 1e7324b..959b678 100644
+--- a/crypto/x509v3/v3_pmaps.c
++++ b/crypto/x509v3/v3_pmaps.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c
+index 457bd95..8666636 100644
+--- a/crypto/x509v3/v3_prn.c
++++ b/crypto/x509v3/v3_prn.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* X509 v3 extension utilities */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
+index ae82fd1..b757d8e 100644
+--- a/crypto/x509v3/v3_purp.c
++++ b/crypto/x509v3/v3_purp.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_skey.c b/crypto/x509v3/v3_skey.c
+index e633cd8..4838b9b 100644
+--- a/crypto/x509v3/v3_skey.c
++++ b/crypto/x509v3/v3_skey.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_sxnet.c b/crypto/x509v3/v3_sxnet.c
+index 0f8ac5e..5338466 100644
+--- a/crypto/x509v3/v3_sxnet.c
++++ b/crypto/x509v3/v3_sxnet.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3_tlsf.c b/crypto/x509v3/v3_tlsf.c
+index 286db1d..fec6724 100644
+--- a/crypto/x509v3/v3_tlsf.c
++++ b/crypto/x509v3/v3_tlsf.c
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Rob Stradling (rob at comodo.com) for the OpenSSL project 2015.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -155,7 +107,7 @@ static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method,
+ extval = val->name;
+
+ for (j = 0; j < OSSL_NELEM(tls_feature_tbl); j++)
+- if (OPENSSL_strcasecmp(extval, tls_feature_tbl[j].name) == 0)
++ if (strcasecmp(extval, tls_feature_tbl[j].name) == 0)
+ break;
+ if (j < OSSL_NELEM(tls_feature_tbl))
+ tlsextid = tls_feature_tbl[j].num;
+diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
+index ae9645d..6fb672f 100644
+--- a/crypto/x509v3/v3_utl.c
++++ b/crypto/x509v3/v3_utl.c
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* X509 v3 extension utilities */
+
+ #include <stdio.h>
+@@ -1177,19 +1129,17 @@ static int ipv6_hex(unsigned char *out, const char *in, int inlen)
+ {
+ unsigned char c;
+ unsigned int num = 0;
++ int x;
++
+ if (inlen > 4)
+ return 0;
+ while (inlen--) {
+ c = *in++;
+ num <<= 4;
+- if ((c >= '0') && (c <= '9'))
+- num |= c - '0';
+- else if ((c >= 'A') && (c <= 'F'))
+- num |= c - 'A' + 10;
+- else if ((c >= 'a') && (c <= 'f'))
+- num |= c - 'a' + 10;
+- else
++ x = OPENSSL_hexchar2int(c);
++ if (x < 0)
+ return 0;
++ num |= (char)x;
+ }
+ out[0] = num >> 8;
+ out[1] = num & 0xff;
+diff --git a/crypto/x509v3/v3conf.c b/crypto/x509v3/v3conf.c
+index 95a24a5..966ab90 100644
+--- a/crypto/x509v3/v3conf.c
++++ b/crypto/x509v3/v3conf.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x509v3/v3err.c b/crypto/x509v3/v3err.c
+index e399b29..1f838bc 100644
+--- a/crypto/x509v3/v3err.c
++++ b/crypto/x509v3/v3err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -70,6 +20,8 @@
+
+ static ERR_STRING_DATA X509V3_str_functs[] = {
+ {ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "a2i_GENERAL_NAME"},
++ {ERR_FUNC(X509V3_F_ADDR_VALIDATE_PATH_INTERNAL),
++ "addr_validate_path_internal"},
+ {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE),
+ "ASIdentifierChoice_canonize"},
+ {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL),
+@@ -77,10 +29,8 @@ static ERR_STRING_DATA X509V3_str_functs[] = {
+ {ERR_FUNC(X509V3_F_COPY_EMAIL), "copy_email"},
+ {ERR_FUNC(X509V3_F_COPY_ISSUER), "copy_issuer"},
+ {ERR_FUNC(X509V3_F_DO_DIRNAME), "do_dirname"},
+- {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"},
+ {ERR_FUNC(X509V3_F_DO_EXT_I2D), "do_ext_i2d"},
+ {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "do_ext_nconf"},
+- {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"},
+ {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "gnames_from_sectname"},
+ {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
+ {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "i2s_ASN1_IA5STRING"},
+@@ -96,7 +46,6 @@ static ERR_STRING_DATA X509V3_str_functs[] = {
+ {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "s2i_ASN1_IA5STRING"},
+ {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
+ {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
+- {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
+ {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "s2i_skey_id"},
+ {ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "set_dist_point_name"},
+ {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
+@@ -122,14 +71,11 @@ static ERR_STRING_DATA X509V3_str_functs[] = {
+ {ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "v2i_POLICY_MAPPINGS"},
+ {ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "v2i_subject_alt"},
+ {ERR_FUNC(X509V3_F_V2I_TLS_FEATURE), "v2i_TLS_FEATURE"},
+- {ERR_FUNC(X509V3_F_ADDR_VALIDATE_PATH_INTERNAL),
+- "addr_validate_path_internal"},
+ {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "v3_generic_extension"},
+ {ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"},
+ {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
+- {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"},
+ {ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"},
+@@ -201,7 +147,6 @@ static ERR_STRING_DATA X509V3_str_reasons[] = {
+ "no proxy cert policy language defined"},
+ {ERR_REASON(X509V3_R_NO_PUBLIC_KEY), "no public key"},
+ {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS), "no subject details"},
+- {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
+ {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
+ {ERR_REASON(X509V3_R_OTHERNAME_ERROR), "othername error"},
+ {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),
+@@ -209,8 +154,6 @@ static ERR_STRING_DATA X509V3_str_reasons[] = {
+ {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH), "policy path length"},
+ {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),
+ "policy path length already defined"},
+- {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),
+- "policy syntax not currently supported"},
+ {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),
+ "policy when proxy language requires no policy"},
+ {ERR_REASON(X509V3_R_SECTION_NOT_FOUND), "section not found"},
+diff --git a/crypto/x509v3/v3prin.c b/crypto/x509v3/v3prin.c
+index 2c8902e..7431a4e 100644
+--- a/crypto/x509v3/v3prin.c
++++ b/crypto/x509v3/v3prin.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/crypto/x86_64cpuid.pl b/crypto/x86_64cpuid.pl
+index db5aa4a..4946688 100644
+--- a/crypto/x86_64cpuid.pl
++++ b/crypto/x86_64cpuid.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ $flavour = shift;
+ $output = shift;
+@@ -217,6 +224,28 @@ OPENSSL_cleanse:
+ jne .Little
+ ret
+ .size OPENSSL_cleanse,.-OPENSSL_cleanse
++
++.globl CRYPTO_memcmp
++.type CRYPTO_memcmp,\@abi-omnipotent
++.align 16
++CRYPTO_memcmp:
++ xor %rax,%rax
++ xor %r10,%r10
++ cmp \$0,$arg3
++ je .Lno_data
++.Loop_cmp:
++ mov ($arg1),%r10b
++ lea 1($arg1),$arg1
++ xor ($arg2),%r10b
++ lea 1($arg2),$arg2
++ or %r10b,%al
++ dec $arg3
++ jnz .Loop_cmp
++ neg %rax
++ shr \$63,%rax
++.Lno_data:
++ ret
++.size CRYPTO_memcmp,.-CRYPTO_memcmp
+ ___
+
+ print<<___ if (!$win64);
+diff --git a/crypto/x86cpuid.pl b/crypto/x86cpuid.pl
+index 48c4cf2..99ffa1d 100644
+--- a/crypto/x86cpuid.pl
++++ b/crypto/x86cpuid.pl
+@@ -1,4 +1,10 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+ push(@INC, "${dir}perlasm", "perlasm");
+@@ -359,6 +365,31 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+ &ret ();
+ &function_end_B("OPENSSL_cleanse");
+
++&function_begin_B("CRYPTO_memcmp");
++ &push ("esi");
++ &push ("edi");
++ &mov ("esi",&wparam(0));
++ &mov ("edi",&wparam(1));
++ &mov ("ecx",&wparam(2));
++ &xor ("eax","eax");
++ &xor ("edx","edx");
++ &cmp ("ecx",0);
++ &je (&label("no_data"));
++&set_label("loop");
++ &mov ("dl",&BP(0,"esi"));
++ &lea ("esi",&DWP(1,"esi"));
++ &xor ("dl",&BP(0,"edi"));
++ &lea ("edi",&DWP(1,"edi"));
++ &or ("al","dl");
++ &dec ("ecx");
++ &jnz (&label("loop"));
++ &neg ("eax");
++ &shr ("eax",31);
++&set_label("no_data");
++ &pop ("edi");
++ &pop ("esi");
++ &ret ();
++&function_end_B("CRYPTO_memcmp");
+ {
+ my $lasttick = "esi";
+ my $lastdiff = "ebx";
+diff --git a/demos/bio/Makefile.in b/demos/bio/Makefile.in
+deleted file mode 100644
+index 04c5dc7..0000000
+--- a/demos/bio/Makefile.in
++++ /dev/null
+@@ -1,23 +0,0 @@
+-CC=cc
+-CFLAGS= -g -I../../include
+-LIBS= -L../.. ../../libssl.a ../../libcrypto.a -ldl
+-EXAMPLES=saccept sconnect client-arg client-conf
+-
+-all: $(EXAMPLES)
+-
+-saccept: saccept.o
+- $(CC) -o saccept saccept.o $(LIBS)
+-
+-sconnect: sconnect.o
+- $(CC) -o sconnect sconnect.o $(LIBS)
+-
+-client-arg: client-arg.o
+- $(CC) -o client-arg client-arg.o $(LIBS)
+-
+-client-conf: client-conf.o
+- $(CC) -o client-conf client-conf.o $(LIBS)
+-
+-clean:
+- rm -f $(EXAMPLES) *.o
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/demos/bio/client-arg.c b/demos/bio/client-arg.c
+index 630b166..9e136e5 100644
+--- a/demos/bio/client-arg.c
++++ b/demos/bio/client-arg.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <string.h>
+ #include <openssl/err.h>
+ #include <openssl/ssl.h>
+diff --git a/demos/bio/client-conf.c b/demos/bio/client-conf.c
+index 4e4d4bc..66b5cac 100644
+--- a/demos/bio/client-conf.c
++++ b/demos/bio/client-conf.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <string.h>
+ #include <openssl/err.h>
+ #include <openssl/ssl.h>
+diff --git a/demos/bio/saccept.c b/demos/bio/saccept.c
+index 240132c..106a089 100644
+--- a/demos/bio/saccept.c
++++ b/demos/bio/saccept.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /*-
+ * A minimal program to serve an SSL connection.
+ * It uses blocking.
+diff --git a/demos/bio/sconnect.c b/demos/bio/sconnect.c
+index 16dba40..284bc30 100644
+--- a/demos/bio/sconnect.c
++++ b/demos/bio/sconnect.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /*-
+ * A minimal program to do SSL to a passed host and port.
+ * It is actually using non-blocking IO but in a very simple manner
+diff --git a/demos/bio/server-arg.c b/demos/bio/server-arg.c
+index b2a43a9..4e9b7bd 100644
+--- a/demos/bio/server-arg.c
++++ b/demos/bio/server-arg.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * A minimal program to serve an SSL connection. It uses blocking. It use the
+ * SSL_CONF API with the command line. cc -I../../include server-arg.c
+ * -L../.. -lssl -lcrypto -ldl
+diff --git a/demos/bio/server-cmod.c b/demos/bio/server-cmod.c
+index 51291da..77b456a 100644
+--- a/demos/bio/server-cmod.c
++++ b/demos/bio/server-cmod.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * A minimal TLS server it ses SSL_CTX_config and a configuration file to
+ * set most server parameters.
+ */
+diff --git a/demos/bio/server-conf.c b/demos/bio/server-conf.c
+index db624ba..32abefd 100644
+--- a/demos/bio/server-conf.c
++++ b/demos/bio/server-conf.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * A minimal program to serve an SSL connection. It uses blocking. It uses
+ * the SSL_CONF API with a configuration file. cc -I../../include saccept.c
+ * -L../.. -lssl -lcrypto -ldl
+diff --git a/demos/cms/cms_comp.c b/demos/cms/cms_comp.c
+index f902d20..0d548f9 100644
+--- a/demos/cms/cms_comp.c
++++ b/demos/cms/cms_comp.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* Simple S/MIME compress example */
+ #include <openssl/pem.h>
+ #include <openssl/cms.h>
+diff --git a/demos/cms/cms_ddec.c b/demos/cms/cms_ddec.c
+index 3b23e8d..8f2e9ae 100644
+--- a/demos/cms/cms_ddec.c
++++ b/demos/cms/cms_ddec.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * S/MIME detached data decrypt example: rarely done but should the need
+ * arise this is an example....
+ */
+diff --git a/demos/cms/cms_dec.c b/demos/cms/cms_dec.c
+index 22181c2..4f9428b 100644
+--- a/demos/cms/cms_dec.c
++++ b/demos/cms/cms_dec.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* Simple S/MIME decryption example */
+ #include <openssl/pem.h>
+ #include <openssl/cms.h>
+diff --git a/demos/cms/cms_denc.c b/demos/cms/cms_denc.c
+index 8aa82aa..adba69b 100644
+--- a/demos/cms/cms_denc.c
++++ b/demos/cms/cms_denc.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * S/MIME detached data encrypt example: rarely done but should the need
+ * arise this is an example....
+ */
+diff --git a/demos/cms/cms_enc.c b/demos/cms/cms_enc.c
+index f4ba542..4d17d72 100644
+--- a/demos/cms/cms_enc.c
++++ b/demos/cms/cms_enc.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* Simple S/MIME encrypt example */
+ #include <openssl/pem.h>
+ #include <openssl/cms.h>
+diff --git a/demos/cms/cms_sign.c b/demos/cms/cms_sign.c
+index 8b5a64d..15bd5b8 100644
+--- a/demos/cms/cms_sign.c
++++ b/demos/cms/cms_sign.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* Simple S/MIME signing example */
+ #include <openssl/pem.h>
+ #include <openssl/cms.h>
+diff --git a/demos/cms/cms_sign2.c b/demos/cms/cms_sign2.c
+index 9fdd035..14ebf27 100644
+--- a/demos/cms/cms_sign2.c
++++ b/demos/cms/cms_sign2.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* S/MIME signing example: 2 signers */
+ #include <openssl/pem.h>
+ #include <openssl/cms.h>
+diff --git a/demos/cms/cms_uncomp.c b/demos/cms/cms_uncomp.c
+index 2c10b81..3e3b4c4 100644
+--- a/demos/cms/cms_uncomp.c
++++ b/demos/cms/cms_uncomp.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* Simple S/MIME uncompression example */
+ #include <openssl/pem.h>
+ #include <openssl/cms.h>
+diff --git a/demos/cms/cms_ver.c b/demos/cms/cms_ver.c
+index c6e83c0..43c10e2 100644
+--- a/demos/cms/cms_ver.c
++++ b/demos/cms/cms_ver.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* Simple S/MIME verification example */
+ #include <openssl/pem.h>
+ #include <openssl/cms.h>
+diff --git a/demos/evp/aesccm.c b/demos/evp/aesccm.c
+index e0240e5..cc4d0b5 100644
+--- a/demos/evp/aesccm.c
++++ b/demos/evp/aesccm.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Simple AES CCM test program, uses the same NIST data used for the FIPS
+ * self test but uses the application level EVP APIs.
+ */
+diff --git a/demos/evp/aesgcm.c b/demos/evp/aesgcm.c
+index 72028a0..17b0ef4 100644
+--- a/demos/evp/aesgcm.c
++++ b/demos/evp/aesgcm.c
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Simple AES GCM test program, uses the same NIST data used for the FIPS
+ * self test but uses the application level EVP APIs.
+ */
+diff --git a/demos/pkcs12/pkread.c b/demos/pkcs12/pkread.c
+index 3739814..3b87d7a 100644
+--- a/demos/pkcs12/pkread.c
++++ b/demos/pkcs12/pkread.c
+@@ -1,3 +1,11 @@
++/*
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ #include <stdio.h>
+ #include <stdlib.h>
+diff --git a/demos/pkcs12/pkwrite.c b/demos/pkcs12/pkwrite.c
+index d04a22b..e14cf83 100644
+--- a/demos/pkcs12/pkwrite.c
++++ b/demos/pkcs12/pkwrite.c
+@@ -1,3 +1,11 @@
++/*
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ #include <stdio.h>
+ #include <stdlib.h>
+diff --git a/demos/smime/smdec.c b/demos/smime/smdec.c
+index f1a987a..c4d1b09 100644
+--- a/demos/smime/smdec.c
++++ b/demos/smime/smdec.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* Simple S/MIME signing example */
+ #include <openssl/pem.h>
+ #include <openssl/pkcs7.h>
+diff --git a/demos/smime/smenc.c b/demos/smime/smenc.c
+index 79fe2d0..5d36e9a 100644
+--- a/demos/smime/smenc.c
++++ b/demos/smime/smenc.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* Simple S/MIME encrypt example */
+ #include <openssl/pem.h>
+ #include <openssl/pkcs7.h>
+diff --git a/demos/smime/smsign.c b/demos/smime/smsign.c
+index 8505e71..ba0adb3 100644
+--- a/demos/smime/smsign.c
++++ b/demos/smime/smsign.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* Simple S/MIME signing example */
+ #include <openssl/pem.h>
+ #include <openssl/pkcs7.h>
+diff --git a/demos/smime/smsign2.c b/demos/smime/smsign2.c
+index 415ecf3..2b7f45b 100644
+--- a/demos/smime/smsign2.c
++++ b/demos/smime/smsign2.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* S/MIME signing example: 2 signers. OpenSSL 0.9.9 only */
+ #include <openssl/pem.h>
+ #include <openssl/pkcs7.h>
+diff --git a/demos/smime/smver.c b/demos/smime/smver.c
+index 13ba18b..75411c4 100644
+--- a/demos/smime/smver.c
++++ b/demos/smime/smver.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* Simple S/MIME verification example */
+ #include <openssl/pem.h>
+ #include <openssl/pkcs7.h>
+diff --git a/doc/apps/CA.pl.pod b/doc/apps/CA.pl.pod
+index 35a40aa..ed30d6a 100644
+--- a/doc/apps/CA.pl.pod
++++ b/doc/apps/CA.pl.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -103,7 +102,7 @@ B<cessationOfOperation>, B<certificateHold>, or B<removeFromCRL>.
+ =item B<-verify>
+
+ verifies certificates against the CA certificate for "demoCA". If no certificates
+-are specified on the command line it tries to verify the file "newcert.pem".
++are specified on the command line it tries to verify the file "newcert.pem".
+
+ =item B<files>
+
+@@ -148,7 +147,7 @@ enter cacert.pem when prompted for the CA file name.
+ Create a DSA certificate request and private key (a different set of parameters
+ can optionally be created first):
+
+- openssl req -out newreq.pem -newkey dsa:dsap.pem
++ openssl req -out newreq.pem -newkey dsa:dsap.pem
+
+ Sign the request:
+
+@@ -169,7 +168,7 @@ be wrong. In this case the command:
+
+ perl -S CA.pl
+
+-can be used and the B<OPENSSL_CONF> environment variable changed to point to
++can be used and the B<OPENSSL_CONF> environment variable changed to point to
+ the correct path of the configuration file "openssl.cnf".
+
+ The script is intended as a simple front end for the B<openssl> program for use
+@@ -187,4 +186,13 @@ configuration file, not just its directory.
+ L<x509(1)>, L<ca(1)>, L<req(1)>, L<pkcs12(1)>,
+ L<config(5)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/asn1parse.pod b/doc/apps/asn1parse.pod
+index fdaae40..6679108 100644
+--- a/doc/apps/asn1parse.pod
++++ b/doc/apps/asn1parse.pod
+@@ -92,7 +92,7 @@ L<ASN1_generate_nconf(3)> format. If B<file> only is
+ present then the string is obtained from the default section using the name
+ B<asn1>. The encoded data is passed through the ASN1 parser and printed out as
+ though it came from a file, the contents can thus be examined and written to a
+-file using the B<out> option.
++file using the B<out> option.
+
+ =item B<-strictpem>
+
+@@ -104,24 +104,24 @@ END marker in a PEM file.
+
+ =back
+
+-=head2 OUTPUT
++=head2 Output
+
+ The output will typically contain lines like this:
+
+- 0:d=0 hl=4 l= 681 cons: SEQUENCE
++ 0:d=0 hl=4 l= 681 cons: SEQUENCE
+
+ .....
+
+ 229:d=3 hl=3 l= 141 prim: BIT STRING
+- 373:d=2 hl=3 l= 162 cons: cont [ 3 ]
+- 376:d=3 hl=3 l= 159 cons: SEQUENCE
+- 379:d=4 hl=2 l= 29 cons: SEQUENCE
++ 373:d=2 hl=3 l= 162 cons: cont [ 3 ]
++ 376:d=3 hl=3 l= 159 cons: SEQUENCE
++ 379:d=4 hl=2 l= 29 cons: SEQUENCE
+ 381:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier
+- 386:d=5 hl=2 l= 22 prim: OCTET STRING
+- 410:d=4 hl=2 l= 112 cons: SEQUENCE
++ 386:d=5 hl=2 l= 22 prim: OCTET STRING
++ 410:d=4 hl=2 l= 112 cons: SEQUENCE
+ 412:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier
+- 417:d=5 hl=2 l= 105 prim: OCTET STRING
+- 524:d=4 hl=2 l= 12 cons: SEQUENCE
++ 417:d=5 hl=2 l= 105 prim: OCTET STRING
++ 524:d=4 hl=2 l= 12 cons: SEQUENCE
+
+ .....
+
+@@ -133,27 +133,27 @@ the contents octets.
+
+ The B<-i> option can be used to make the output more readable.
+
+-Some knowledge of the ASN.1 structure is needed to interpret the output.
++Some knowledge of the ASN.1 structure is needed to interpret the output.
+
+ In this example the BIT STRING at offset 229 is the certificate public key.
+ The contents octets of this will contain the public key information. This can
+ be examined using the option B<-strparse 229> to yield:
+
+- 0:d=0 hl=3 l= 137 cons: SEQUENCE
++ 0:d=0 hl=3 l= 137 cons: SEQUENCE
+ 3:d=1 hl=3 l= 129 prim: INTEGER :E5D21E1F5C8D208EA7A2166C7FAF9F6BDF2059669C60876DDB70840F1A5AAFA59699FE471F379F1DD6A487E7D5409AB6A88D4A9746E24B91D8CF55DB3521015460C8EDE44EE8A4189F7A7BE77D6CD3A9AF2696F486855CF58BF0EDF2B4068058C7A947F52548DDF7E15E96B385F86422BEA9064A3EE9E1158A56E4A6F47E5897
+ 135:d=1 hl=2 l= 3 prim: INTEGER :010001
+
+ =head1 NOTES
+
+ If an OID is not part of OpenSSL's internal table it will be represented in
+-numerical form (for example 1.2.3.4). The file passed to the B<-oid> option
++numerical form (for example 1.2.3.4). The file passed to the B<-oid> option
+ allows additional OIDs to be included. Each line consists of three columns,
+ the first column is the OID in numerical format and should be followed by white
+ space. The second column is the "short name" which is a single word followed
+ by white space. The final column is the rest of the line and is the
+ "long name". B<asn1parse> displays the long name. Example:
+
+-C<1.2.3.4 shortName A long name>
++C<1.2.3.4 shortName A long name>
+
+ =head1 EXAMPLES
+
+@@ -196,4 +196,13 @@ ASN.1 types is not well handled (if at all).
+
+ L<ASN1_generate_nconf(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod
+index cd7cad7..cd7eda3 100644
+--- a/doc/apps/ca.pod
++++ b/doc/apps/ca.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -101,7 +100,7 @@ section for information on the required input and output format.
+ =item B<-infiles>
+
+ if present this should be the last option, all subsequent arguments
+-are taken as the names of files containing certificate requests.
++are taken as the names of files containing certificate requests.
+
+ =item B<-out filename>
+
+@@ -195,7 +194,7 @@ need this option.
+ =item B<-preserveDN>
+
+ Normally the DN order of a certificate is the same as the order of the
+-fields in the relevant policy section. When this option is set the order
++fields in the relevant policy section. When this option is set the order
+ is the same as the request. This is largely for compatibility with the
+ older IE enrollment control which would only accept certificates if their
+ DNs match the order of the request. This is not needed for Xenroll.
+@@ -245,7 +244,7 @@ characters may be escaped by \ (backslash), no spaces are skipped.
+
+ =item B<-utf8>
+
+-this option causes field values to be interpreted as UTF8 strings, by
++this option causes field values to be interpreted as UTF8 strings, by
+ default they are interpreted as ASCII. This means that the field
+ values, whether prompted from a terminal or obtained from a
+ configuration file, must be valid UTF8 strings.
+@@ -366,7 +365,7 @@ any) used.
+ This specifies a file containing additional B<OBJECT IDENTIFIERS>.
+ Each line of the file should consist of the numerical form of the
+ object identifier followed by white space then the short name followed
+-by white space and finally the long name.
++by white space and finally the long name.
+
+ =item B<oid_section>
+
+@@ -398,7 +397,7 @@ an EGD socket (see L<RAND_egd(3)>).
+ =item B<default_days>
+
+ the same as the B<-days> option. The number of days to certify
+-a certificate for.
++a certificate for.
+
+ =item B<default_startdate>
+
+@@ -521,7 +520,7 @@ this can be regarded more of a quirk than intended behaviour.
+
+ The input to the B<-spkac> command line option is a Netscape
+ signed public key and challenge. This will usually come from
+-the B<KEYGEN> tag in an HTML form to create a new private key.
++the B<KEYGEN> tag in an HTML form to create a new private key.
+ It is however possible to create SPKACs using the B<spkac> utility.
+
+ The file should contain the variable SPKAC set to the value of
+@@ -581,18 +580,18 @@ A sample configuration file with the relevant sections for B<ca>:
+
+ [ ca ]
+ default_ca = CA_default # The default ca section
+-
++
+ [ CA_default ]
+
+ dir = ./demoCA # top dir
+ database = $dir/index.txt # index file.
+- new_certs_dir = $dir/newcerts # new certs dir
+-
++ new_certs_dir = $dir/newcerts # new certs dir
++
+ certificate = $dir/cacert.pem # The CA cert
+ serial = $dir/serial # serial no file
+ private_key = $dir/private/cakey.pem# CA private key
+ RANDFILE = $dir/private/.rand # random number file
+-
++
+ default_days = 365 # how long to certify for
+ default_crl_days= 30 # how long before next CRL
+ default_md = md5 # md to use
+@@ -600,9 +599,9 @@ A sample configuration file with the relevant sections for B<ca>:
+ policy = policy_any # default policy
+ email_in_dn = no # Don't add the email into cert DN
+
+- name_opt = ca_default # Subject name display option
+- cert_opt = ca_default # Certificate display option
+- copy_extensions = none # Don't copy extensions from request
++ name_opt = ca_default # Subject name display option
++ cert_opt = ca_default # Certificate display option
++ copy_extensions = none # Don't copy extensions from request
+
+ [ policy_any ]
+ countryName = supplied
+@@ -636,7 +635,7 @@ be overridden by the B<-config> command line option.
+
+ =head1 RESTRICTIONS
+
+-The text database index file is a critical part of the process and
++The text database index file is a critical part of the process and
+ if corrupted it can be difficult to fix. It is theoretically possible
+ to rebuild the index file from all the issued certificates and a current
+ CRL: however there is no option to do this.
+@@ -704,6 +703,15 @@ then even if a certificate is issued with CA:TRUE it will not be valid.
+ =head1 SEE ALSO
+
+ L<req(1)>, L<spkac(1)>, L<x509(1)>, L<CA.pl(1)>,
+-L<config(5)>, L<x509v3_config(5)>
++L<config(5)>, L<x509v3_config(5)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod
+index 9788fa3..a8a7c87 100644
+--- a/doc/apps/ciphers.pod
++++ b/doc/apps/ciphers.pod
+@@ -17,6 +17,7 @@ B<openssl> B<ciphers>
+ [B<-tls1_2>]
+ [B<-s>]
+ [B<-psk>]
++[B<-srp>]
+ [B<-stdname>]
+ [B<cipherlist>]
+
+@@ -37,13 +38,12 @@ Print a usage message.
+ =item B<-s>
+
+ Only list supported ciphers: those consistent with the security level, and
+-minimum and maximum protocol version.
+-This is closer to the actual cipher list an application will support.
++minimum and maximum protocol version. This is closer to the actual cipher list
++an application will support.
++
++PSK and SRP ciphers are not enabled by default: they require B<-psk> or B<-srp>
++to enable them.
+
+-This program does not set up support for SRP and so SRP based ciphers will
+-always be excluded when using this option.
+-PSK ciphers are not enabled by default and it requires the B<-psk> to enable
+-them.
+ It also does not change the default list of supported signature algorithms.
+
+ On a server the list of supported ciphers might also exclude other ciphers
+@@ -56,6 +56,10 @@ listed.
+
+ When combined with B<-s> includes cipher suites which require PSK.
+
++=item B<-srp>
++
++When combined with B<-s> includes cipher suites which require SRP.
++
+ =item B<-v>
+
+ Verbose output: For each ciphersuite, list details as provided by
+@@ -390,7 +394,7 @@ relevant specification and their OpenSSL equivalents. It should be noted,
+ that several cipher suite names do not include the authentication used,
+ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
+
+-=head2 SSL v3.0 cipher suites.
++=head2 SSL v3.0 cipher suites
+
+ SSL_RSA_WITH_NULL_MD5 NULL-MD5
+ SSL_RSA_WITH_NULL_SHA NULL-SHA
+@@ -411,7 +415,7 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
+ SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA Not implemented.
+ SSL_FORTEZZA_KEA_WITH_RC4_128_SHA Not implemented.
+
+-=head2 TLS v1.0 cipher suites.
++=head2 TLS v1.0 cipher suites
+
+ TLS_RSA_WITH_NULL_MD5 NULL-MD5
+ TLS_RSA_WITH_NULL_SHA NULL-SHA
+@@ -576,7 +580,7 @@ Note: these ciphers can also be used in SSL v3.
+ TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-RSA-CAMELLIA128-SHA256
+ TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-RSA-CAMELLIA256-SHA384
+
+-=head2 Pre shared keying (PSK) ciphersuites
++=head2 Pre-shared keying (PSK) ciphersuites
+
+ PSK_WITH_NULL_SHA PSK-NULL-SHA
+ DHE_PSK_WITH_NULL_SHA DHE-PSK-NULL-SHA
+@@ -650,7 +654,7 @@ Note: these ciphers can also be used in SSL v3.
+ DHE_PSK_WITH_AES_128_CCM_8 DHE-PSK-AES128-CCM8
+ DHE_PSK_WITH_AES_256_CCM_8 DHE-PSK-AES256-CCM8
+
+-=head2 ChaCha20-Poly1305 cipher suites from draft-ietf-tls-chacha20-poly1305-04, extending TLS v1.2
++=head2 ChaCha20-Poly1305 cipher suites, extending TLS v1.2
+
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE-RSA-CHACHA20-POLY1305
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE-ECDSA-CHACHA20-POLY1305
+@@ -706,4 +710,13 @@ L<s_client(1)>, L<s_server(1)>, L<ssl(3)>
+
+ The B<-V> option for the B<ciphers> command was added in OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod
+index 42c3514..4a2b604 100644
+--- a/doc/apps/cms.pod
++++ b/doc/apps/cms.pod
+@@ -47,6 +47,7 @@ B<openssl> B<cms>
+ [B<-ignore_critical>]
+ [B<-inhibit_any>]
+ [B<-inhibit_map>]
++[B<-no_check_time>]
+ [B<-partial_chain>]
+ [B<-policy arg>]
+ [B<-policy_check>]
+@@ -73,6 +74,7 @@ B<openssl> B<cms>
+ [B<-noattr>]
+ [B<-nosmimecap>]
+ [B<-binary>]
++[B<-crlfeol>]
+ [B<-asciicrlf>]
+ [B<-nodetach>]
+ [B<-certfile file>]
+@@ -184,13 +186,13 @@ B<EncrytedData> type and output the content.
+
+ =item B<-sign_receipt>
+
+-Generate and output a signed receipt for the supplied message. The input
++Generate and output a signed receipt for the supplied message. The input
+ message B<must> contain a signed receipt request. Functionality is otherwise
+ similar to the B<-sign> operation.
+
+ =item B<-verify_receipt receipt>
+
+-Verify a signed receipt in filename B<receipt>. The input message B<must>
++Verify a signed receipt in filename B<receipt>. The input message B<must>
+ contain the original receipt request. Functionality is otherwise similar
+ to the B<-verify> operation.
+
+@@ -254,7 +256,7 @@ is S/MIME and it uses the multipart/signed MIME content type.
+
+ this option adds plain text (text/plain) MIME headers to the supplied
+ message if encrypting or signing. If decrypting or verifying it strips
+-off text headers: if the decrypted or verified message is not of MIME
++off text headers: if the decrypted or verified message is not of MIME
+ type text/plain then an error occurs.
+
+ =item B<-noout>
+@@ -296,11 +298,11 @@ default digest algorithm for the signing key will be used (usually SHA1).
+
+ the encryption algorithm to use. For example triple DES (168 bits) - B<-des3>
+ or 256 bit AES - B<-aes256>. Any standard algorithm name (as used by the
+-EVP_get_cipherbyname() function) can also be used preceded by a dash, for
++EVP_get_cipherbyname() function) can also be used preceded by a dash, for
+ example B<-aes-128-cbc>. See L<B<enc>|enc(1)> for a list of ciphers
+ supported by your version of OpenSSL.
+
+-If not specified triple DES is used. Only used with B<-encrypt> and
++If not specified triple DES is used. Only used with B<-encrypt> and
+ B<-EncryptedData_create> commands.
+
+ =item B<-nointern>
+@@ -339,6 +341,11 @@ effectively using CR and LF as end of line: as required by the S/MIME
+ specification. When this option is present no translation occurs. This
+ is useful when handling binary data which may not be in MIME format.
+
++=item B<-crlfeol>
++
++normally the output file uses a single B<LF> as end of line. When this
++option is present B<CRLF> is used instead.
++
+ =item B<-asciicrlf>
+
+ when signing use ASCII CRLF format canonicalisation. This strips trailing
+@@ -401,7 +408,7 @@ address where receipts should be supplied.
+
+ =item B<-receipt_request_to emailaddress>
+
+-Add an explicit email address where signed receipts should be sent to. This
++Add an explicit email address where signed receipts should be sent to. This
+ option B<must> but supplied if a signed receipt it requested.
+
+ =item B<-receipt_request_print>
+@@ -429,7 +436,7 @@ B<KEKRecipientInfo> structures.
+
+ set the encapsulated content type to B<type> if not supplied the B<Data> type
+ is used. The B<type> argument can be any valid OID name in either text or
+-numerical format.
++numerical format.
+
+ =item B<-inkey file>
+
+@@ -462,7 +469,7 @@ all others.
+ =item B<cert.pem...>
+
+ one or more certificates of message recipients: used when encrypting
+-a message.
++a message.
+
+ =item B<-to, -from, -subject>
+
+@@ -473,7 +480,7 @@ address matches that specified in the From: address.
+
+ =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
+ B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
+-B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,
++B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,
+ B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
+ B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
+ B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
+@@ -527,7 +534,7 @@ attempt is made to locate the recipient by trying each potential recipient
+ in turn using the supplied private key. To thwart the MMA attack
+ (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) all recipients are
+ tried whether they succeed or not and if no recipients match the message
+-is "decrypted" using a random key which will typically output garbage.
++is "decrypted" using a random key which will typically output garbage.
+ The B<-debug_decrypt> option can be used to disable the MMA attack protection
+ and return an error if no recipient can be found: this option should be used
+ with caution. For a fuller description see L<CMS_decrypt(3)>).
+@@ -591,29 +598,29 @@ be processed by the older B<smime> command.
+ Create a cleartext signed message:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+- -signer mycert.pem
++ -signer mycert.pem
+
+ Create an opaque signed message
+
+ openssl cms -sign -in message.txt -text -out mail.msg -nodetach \
+- -signer mycert.pem
++ -signer mycert.pem
+
+ Create a signed message, include some additional certificates and
+ read the private key from another file:
+
+ openssl cms -sign -in in.txt -text -out mail.msg \
+- -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
++ -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
+
+ Create a signed message with two signers, use key identifier:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+- -signer mycert.pem -signer othercert.pem -keyid
++ -signer mycert.pem -signer othercert.pem -keyid
+
+ Send a signed message under Unix directly to sendmail, including headers:
+
+ openssl cms -sign -in in.txt -text -signer mycert.pem \
+- -from steve at openssl.org -to someone at somewhere \
+- -subject "Signed message" | sendmail someone at somewhere
++ -from steve at openssl.org -to someone at somewhere \
++ -subject "Signed message" | sendmail someone at somewhere
+
+ Verify a message and extract the signer's certificate if successful:
+
+@@ -622,15 +629,15 @@ Verify a message and extract the signer's certificate if successful:
+ Send encrypted mail using triple DES:
+
+ openssl cms -encrypt -in in.txt -from steve at openssl.org \
+- -to someone at somewhere -subject "Encrypted message" \
+- -des3 user.pem -out mail.msg
++ -to someone at somewhere -subject "Encrypted message" \
++ -des3 user.pem -out mail.msg
+
+ Sign and encrypt mail:
+
+ openssl cms -sign -in ml.txt -signer my.pem -text \
+- | openssl cms -encrypt -out mail.msg \
+- -from steve at openssl.org -to someone at somewhere \
+- -subject "Signed and Encrypted message" -des3 user.pem
++ | openssl cms -encrypt -out mail.msg \
++ -from steve at openssl.org -to someone at somewhere \
++ -subject "Signed and Encrypted message" -des3 user.pem
+
+ Note: the encryption command does not include the B<-text> option because the
+ message being encrypted already has MIME headers.
+@@ -647,7 +654,7 @@ it with:
+ -----BEGIN PKCS7-----
+ -----END PKCS7-----
+
+-and using the command,
++and using the command,
+
+ openssl cms -verify -inform PEM -in signature.pem -content content.txt
+
+@@ -666,17 +673,17 @@ Add a signer to an existing message:
+ Sign mail using RSA-PSS:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+- -signer mycert.pem -keyopt rsa_padding_mode:pss
++ -signer mycert.pem -keyopt rsa_padding_mode:pss
+
+ Create encrypted mail using RSA-OAEP:
+
+ openssl cms -encrypt -in plain.txt -out mail.msg \
+- -recip cert.pem -keyopt rsa_padding_mode:oaep
++ -recip cert.pem -keyopt rsa_padding_mode:oaep
+
+ Use SHA256 KDF with an ECDH certificate:
+
+ openssl cms -encrypt -in plain.txt -out mail.msg \
+- -recip ecdhcert.pem -keyopt ecdh_kdf_md:sha256
++ -recip ecdhcert.pem -keyopt ecdh_kdf_md:sha256
+
+ =head1 BUGS
+
+@@ -708,11 +715,20 @@ The B<keyopt> option was first added in OpenSSL 1.1.0
+ The use of B<-recip> to specify the recipient when encrypting mail was first
+ added to OpenSSL 1.1.0
+
+-Support for RSA-OAEP and RSA-PSS was first added to OpenSSL 1.1.0.
++Support for RSA-OAEP and RSA-PSS was first added to OpenSSL 1.1.0.
+
+ The use of non-RSA keys with B<-encrypt> and B<-decrypt> was first added
+ to OpenSSL 1.1.0.
+
+ The -no_alt_chains options was first added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/config.pod b/doc/apps/config.pod
+index 665a1bb..a9cde89 100644
+--- a/doc/apps/config.pod
++++ b/doc/apps/config.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =for comment openssl_manual_section:5
+@@ -63,14 +62,14 @@ functionality: any sub command uses the master OpenSSL configuration file
+ unless an option is used in the sub command to use an alternative configuration
+ file.
+
+-To enable library configuration the default section needs to contain an
++To enable library configuration the default section needs to contain an
+ appropriate line which points to the main configuration section. The default
+ name is B<openssl_conf> which is used by the B<openssl> utility. Other
+ applications may use an alternative name such as B<myapplicaton_conf>.
+
+ The configuration section should consist of a set of name value pairs which
+ contain specific module configuration information. The B<name> represents
+-the name of the I<configuration module> the meaning of the B<value> is
++the name of the I<configuration module> the meaning of the B<value> is
+ module specific: it may, for example, represent a further configuration
+ section containing configuration module specific information. E.g.
+
+@@ -91,7 +90,7 @@ section containing configuration module specific information. E.g.
+
+ The features of each configuration module are described below.
+
+-=head2 ASN1 OBJECT CONFIGURATION MODULE
++=head2 ASN1 Object Configuration Module
+
+ This module has the name B<oid_section>. The value of this variable points
+ to a section containing name value pairs of OIDs: the name is the OID short
+@@ -102,7 +101,7 @@ B<all> the B<openssl> utility sub commands can see the new objects as well
+ as any compliant applications. For example:
+
+ [new_oids]
+-
++
+ some_new_oid = 1.2.3.4
+ some_other_oid = 1.2.3.5
+
+@@ -111,7 +110,7 @@ by a comma and the numerical OID form. For example:
+
+ shortName = some object long name, 1.2.3.4
+
+-=head2 ENGINE CONFIGURATION MODULE
++=head2 Engine Configuration Module
+
+ This ENGINE configuration module has the name B<engines>. The value of this
+ variable points to a section containing further ENGINE configuration
+@@ -141,7 +140,7 @@ For example:
+ [bar_section]
+ ... "bar" ENGINE specific commands ...
+
+-The command B<engine_id> is used to give the ENGINE name. If used this
++The command B<engine_id> is used to give the ENGINE name. If used this
+ command must be first. For example:
+
+ [engine_section]
+@@ -168,7 +167,7 @@ The command B<default_algorithms> sets the default algorithms an ENGINE will
+ supply using the functions ENGINE_set_default_string().
+
+ If the name matches none of the above command names it is assumed to be a
+-ctrl command which is sent to the ENGINE. The value of the command is the
++ctrl command which is sent to the ENGINE. The value of the command is the
+ argument to the ctrl command. If the value is the string B<EMPTY> then no
+ value is sent to the command.
+
+@@ -190,7 +189,7 @@ For example:
+ # Supply all default algorithms
+ default_algorithms = ALL
+
+-=head2 EVP CONFIGURATION MODULE
++=head2 EVP Configuration Module
+
+ This modules has the name B<alg_section> which points to a section containing
+ algorithm commands.
+@@ -208,7 +207,7 @@ For example:
+
+ fips_mode = on
+
+-=head2 SSL CONFIGURATION MODULE
++=head2 SSL Configuration Module
+
+ This module has the name B<ssl_conf> which points to a section containing
+ SSL configurations.
+@@ -266,7 +265,7 @@ Here is a sample configuration file using some of the features
+ mentioned above.
+
+ # This is the default section.
+-
++
+ HOME=/temp
+ RANDFILE= ${ENV::HOME}/.rnd
+ configdir=$ENV::HOME/config
+@@ -296,7 +295,7 @@ the B<TEMP> or B<TMP> environment variables but they may not be
+ set to any value at all. If you just include the environment variable
+ names and the variable doesn't exist then this will cause an error when
+ an attempt is made to load the configuration file. By making use of the
+-default section both values can be looked up with B<TEMP> taking
++default section both values can be looked up with B<TEMP> taking
+ priority and B</tmp> used if neither is defined:
+
+ TMP=/tmp
+@@ -375,4 +374,13 @@ file.
+
+ L<x509(1)>, L<req(1)>, L<ca(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/crl.pod b/doc/apps/crl.pod
+index 2deecfe..0edff8d 100644
+--- a/doc/apps/crl.pod
++++ b/doc/apps/crl.pod
+@@ -42,7 +42,7 @@ the DER form with header and footer lines.
+
+ =item B<-outform DER|PEM>
+
+-This specifies the output format, the options have the same meaning as the
++This specifies the output format, the options have the same meaning as the
+ B<-inform> option.
+
+ =item B<-in filename>
+@@ -130,4 +130,13 @@ and files too.
+
+ L<crl2pkcs7(1)>, L<ca(1)>, L<x509(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/crl2pkcs7.pod b/doc/apps/crl2pkcs7.pod
+index bc64412..a96699b 100644
+--- a/doc/apps/crl2pkcs7.pod
++++ b/doc/apps/crl2pkcs7.pod
+@@ -74,8 +74,8 @@ Create a PKCS#7 structure from a certificate and CRL:
+ Creates a PKCS#7 structure in DER format with no CRL from several
+ different certificates:
+
+- openssl crl2pkcs7 -nocrl -certfile newcert.pem
+- -certfile demoCA/cacert.pem -outform DER -out p7.der
++ openssl crl2pkcs7 -nocrl -certfile newcert.pem
++ -certfile demoCA/cacert.pem -outform DER -out p7.der
+
+ =head1 NOTES
+
+@@ -93,4 +93,13 @@ install user certificates and CAs in MSIE using the Xenroll control.
+
+ L<pkcs7(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/dgst.pod b/doc/apps/dgst.pod
+index fc256b2..f0f9844 100644
+--- a/doc/apps/dgst.pod
++++ b/doc/apps/dgst.pod
+@@ -156,7 +156,7 @@ a file or files containing random data used to seed the random number
+ generator, or an EGD socket (see L<RAND_egd(3)>).
+ Multiple files can be specified separated by an OS-dependent character.
+ The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+-all others.
++all others.
+
+ =item B<-fips-fingerprint>
+
+@@ -228,4 +228,13 @@ prior to verification.
+ The default digest was changed from MD5 to SHA256 in Openssl 1.1.
+ The FIPS-related options were removed in OpenSSL 1.1
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/dhparam.pod b/doc/apps/dhparam.pod
+index 3557dee..63cc0d3 100644
+--- a/doc/apps/dhparam.pod
++++ b/doc/apps/dhparam.pod
+@@ -44,7 +44,7 @@ additional header and footer lines.
+
+ =item B<-outform DER|PEM>
+
+-This specifies the output format, the options have the same meaning as the
++This specifies the output format, the options have the same meaning as the
+ B<-inform> option.
+
+ =item B<-in> I<filename>
+@@ -123,7 +123,7 @@ for all available algorithms.
+
+ The program B<dhparam> combines the functionality of the programs B<dh> and
+ B<gendh> in previous versions of OpenSSL. The B<dh> and B<gendh>
+-programs are retained for now but may have different purposes in future
++programs are retained for now but may have different purposes in future
+ versions of OpenSSL.
+
+ =head1 NOTES
+@@ -146,4 +146,13 @@ There should be a way to generate and manipulate DH keys.
+
+ L<dsaparam(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/dsa.pod b/doc/apps/dsa.pod
+index 2d370ec..caa0696 100644
+--- a/doc/apps/dsa.pod
++++ b/doc/apps/dsa.pod
+@@ -59,7 +59,7 @@ PKCS#8 format is also accepted.
+
+ =item B<-outform DER|PEM>
+
+-This specifies the output format, the options have the same meaning as the
++This specifies the output format, the options have the same meaning as the
+ B<-inform> option.
+
+ =item B<-in filename>
+@@ -149,7 +149,7 @@ To encrypt a private key using triple DES:
+
+ openssl dsa -in key.pem -des3 -out keyout.pem
+
+-To convert a private key from PEM to DER format:
++To convert a private key from PEM to DER format:
+
+ openssl dsa -in key.pem -outform DER -out keyout.der
+
+@@ -166,4 +166,13 @@ To just output the public part of a private key:
+ L<dsaparam(1)>, L<gendsa(1)>, L<rsa(1)>,
+ L<genrsa(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/dsaparam.pod b/doc/apps/dsaparam.pod
+index f8eff94..08ad47f 100644
+--- a/doc/apps/dsaparam.pod
++++ b/doc/apps/dsaparam.pod
+@@ -41,7 +41,7 @@ of the B<DER> format base64 encoded with additional header and footer lines.
+
+ =item B<-outform DER|PEM>
+
+-This specifies the output format, the options have the same meaning as the
++This specifies the output format, the options have the same meaning as the
+ B<-inform> option.
+
+ =item B<-in filename>
+@@ -112,4 +112,13 @@ DSA parameters is often used to generate several distinct keys.
+ L<gendsa(1)>, L<dsa(1)>, L<genrsa(1)>,
+ L<rsa(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/ec.pod b/doc/apps/ec.pod
+index befb93c..10c5e85 100644
+--- a/doc/apps/ec.pod
++++ b/doc/apps/ec.pod
+@@ -31,7 +31,7 @@ B<openssl> B<ec>
+ =head1 DESCRIPTION
+
+ The B<ec> command processes EC keys. They can be converted between various
+-forms and their components printed out. B<Note> OpenSSL uses the
++forms and their components printed out. B<Note> OpenSSL uses the
+ private key format specified in 'SEC 1: Elliptic Curve Cryptography'
+ (http://www.secg.org/). To convert an OpenSSL EC private key into the
+ PKCS#8 private key format use the B<pkcs8> command.
+@@ -55,7 +55,7 @@ PKCS#8 format is also accepted.
+
+ =item B<-outform DER|PEM>
+
+-This specifies the output format, the options have the same meaning as the
++This specifies the output format, the options have the same meaning as the
+ B<-inform> option.
+
+ =item B<-in filename>
+@@ -83,7 +83,7 @@ see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
+
+ =item B<-des|-des3|-idea>
+
+-These options encrypt the private key with the DES, triple DES, IDEA or
++These options encrypt the private key with the DES, triple DES, IDEA or
+ any other cipher supported by OpenSSL before outputting it. A pass phrase is
+ prompted for.
+ If none of these options is specified the key is written in plain text. This
+@@ -130,7 +130,7 @@ the preprocessor macro B<OPENSSL_EC_BIN_PT_COMP> at compile time.
+ This specifies how the elliptic curve parameters are encoded.
+ Possible value are: B<named_curve>, i.e. the ec parameters are
+ specified by an OID, or B<explicit> where the ec parameters are
+-explicitly given (see RFC 3279 for the definition of the
++explicitly given (see RFC 3279 for the definition of the
+ EC parameters structures). The default value is B<named_curve>.
+ B<Note> the B<implicitlyCA> alternative ,as specified in RFC 3279,
+ is currently not implemented in OpenSSL.
+@@ -170,7 +170,7 @@ To encrypt a private key using triple DES:
+
+ openssl ec -in key.pem -des3 -out keyout.pem
+
+-To convert a private key from PEM to DER format:
++To convert a private key from PEM to DER format:
+
+ openssl ec -in key.pem -outform DER -out keyout.der
+
+@@ -194,4 +194,13 @@ To change the point conversion form to B<compressed>:
+
+ L<ecparam(1)>, L<dsa(1)>, L<rsa(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/ecparam.pod b/doc/apps/ecparam.pod
+index c5500b2..e55322c 100644
+--- a/doc/apps/ecparam.pod
++++ b/doc/apps/ecparam.pod
+@@ -41,12 +41,12 @@ Print out a usage message.
+
+ This specifies the input format. The B<DER> option uses an ASN.1 DER encoded
+ form compatible with RFC 3279 EcpkParameters. The PEM form is the default
+-format: it consists of the B<DER> format base64 encoded with additional
++format: it consists of the B<DER> format base64 encoded with additional
+ header and footer lines.
+
+ =item B<-outform DER|PEM>
+
+-This specifies the output format, the options have the same meaning as the
++This specifies the output format, the options have the same meaning as the
+ B<-inform> option.
+
+ =item B<-in filename>
+@@ -102,7 +102,7 @@ the preprocessor macro B<OPENSSL_EC_BIN_PT_COMP> at compile time.
+ This specifies how the elliptic curve parameters are encoded.
+ Possible value are: B<named_curve>, i.e. the ec parameters are
+ specified by an OID, or B<explicit> where the ec parameters are
+-explicitly given (see RFC 3279 for the definition of the
++explicitly given (see RFC 3279 for the definition of the
+ EC parameters structures). The default value is B<named_curve>.
+ B<Note> the B<implicitlyCA> alternative ,as specified in RFC 3279,
+ is currently not implemented in OpenSSL.
+@@ -141,7 +141,7 @@ PEM format EC parameters use the header and footer lines:
+ -----END EC PARAMETERS-----
+
+ OpenSSL is currently not able to generate new groups and therefore
+-B<ecparam> can only create EC parameters from known (named) curves.
++B<ecparam> can only create EC parameters from known (named) curves.
+
+ =head1 EXAMPLES
+
+@@ -173,4 +173,13 @@ To print out the EC parameters to standard output:
+
+ L<ec(1)>, L<dsaparam(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/enc.pod b/doc/apps/enc.pod
+index 62e1383..d790992 100644
+--- a/doc/apps/enc.pod
++++ b/doc/apps/enc.pod
+@@ -257,7 +257,7 @@ authentication tag.
+ desx DESX algorithm.
+
+ gost89 GOST 28147-89 in CFB mode (provided by ccgost engine)
+- gost89-cnt `GOST 28147-89 in CNT mode (provided by ccgost engine)
++ gost89-cnt `GOST 28147-89 in CNT mode (provided by ccgost engine)
+
+ idea-cbc IDEA algorithm in CBC mode
+ idea same as idea-cbc
+@@ -283,13 +283,13 @@ authentication tag.
+ rc5-ecb RC5 cipher in ECB mode
+ rc5-ofb RC5 cipher in OFB mode
+
+- aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode
+- aes[128|192|256] Alias for aes-[128|192|256]-cbc
+- aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB mode
+- aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode
+- aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode
+- aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode
+- aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode
++ aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode
++ aes[128|192|256] Alias for aes-[128|192|256]-cbc
++ aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB mode
++ aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode
++ aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode
++ aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode
++ aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode
+
+ =head1 EXAMPLES
+
+@@ -299,11 +299,11 @@ Just base64 encode a binary file:
+
+ Decode the same file
+
+- openssl base64 -d -in file.b64 -out file.bin
++ openssl base64 -d -in file.b64 -out file.bin
+
+ Encrypt a file using triple DES in CBC mode using a prompted password:
+
+- openssl des3 -salt -in file.txt -out file.des3
++ openssl des3 -salt -in file.txt -out file.des3
+
+ Decrypt a file using a supplied password:
+
+@@ -336,4 +336,13 @@ certain parameters. So if, for example, you want to use RC2 with a
+
+ The default digest was changed from MD5 to SHA256 in Openssl 1.1.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/engine.pod b/doc/apps/engine.pod
+index 467d195..674ab56 100644
+--- a/doc/apps/engine.pod
++++ b/doc/apps/engine.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -25,7 +24,7 @@ B<openssl engine>
+
+ The B<engine> command is used to query the status and capabilities
+ of the specified B<engine>'s.
+-Engines may be speicifed before and after all other command-line flags.
++Engines may be specified before and after all other command-line flags.
+ Only those specified are queried.
+
+ =head1 OPTIONS
+@@ -52,6 +51,7 @@ Tests if each specified engine is available, and displays the answer.
+ Displays an error trace for any unavailable engine.
+
+ =item B<-pre> I<command>
++
+ =item B<-post> I<command>
+
+ Command-line configuration of engines.
+@@ -92,4 +92,13 @@ To list the capabilities of the I<rsax> engine:
+ [RSA]
+ (dynamic) Dynamic engine loading support
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/errstr.pod b/doc/apps/errstr.pod
+index 7d1fee4..5c6ecd3 100644
+--- a/doc/apps/errstr.pod
++++ b/doc/apps/errstr.pod
+@@ -11,7 +11,7 @@ B<openssl errstr error_code>
+ =head1 DESCRIPTION
+
+ Sometimes an application will not load error message and only
+-numerical forms will be available. The B<errstr> utility can be used to
++numerical forms will be available. The B<errstr> utility can be used to
+ display the meaning of the hex code. The hex code is the hex digits after the
+ second colon.
+
+@@ -22,7 +22,7 @@ The error code:
+ 27594:error:2006D080:lib(32):func(109):reason(128):bss_file.c:107:
+
+ can be displayed with:
+-
++
+ openssl errstr 2006D080
+
+ to produce the error message:
+@@ -33,4 +33,13 @@ to produce the error message:
+
+ L<err(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/gendsa.pod b/doc/apps/gendsa.pod
+index f4fef8d..4fd1714 100644
+--- a/doc/apps/gendsa.pod
++++ b/doc/apps/gendsa.pod
+@@ -79,4 +79,13 @@ much quicker that RSA key generation for example.
+ L<dsaparam(1)>, L<dsa(1)>, L<genrsa(1)>,
+ L<rsa(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/genpkey.pod b/doc/apps/genpkey.pod
+index 1bb8c60..a916e76 100644
+--- a/doc/apps/genpkey.pod
++++ b/doc/apps/genpkey.pod
+@@ -213,12 +213,12 @@ Encrypt output private key using 128 bit AES and the passphrase "hello":
+ Generate a 2048 bit RSA key using 3 as the public exponent:
+
+ openssl genpkey -algorithm RSA -out key.pem -pkeyopt rsa_keygen_bits:2048 \
+- -pkeyopt rsa_keygen_pubexp:3
++ -pkeyopt rsa_keygen_pubexp:3
+
+ Generate 1024 bit DSA parameters:
+
+ openssl genpkey -genparam -algorithm DSA -out dsap.pem \
+- -pkeyopt dsa_paramgen_bits:1024
++ -pkeyopt dsa_paramgen_bits:1024
+
+ Generate DSA key from parameters:
+
+@@ -227,7 +227,7 @@ Generate DSA key from parameters:
+ Generate 1024 bit DH parameters:
+
+ openssl genpkey -genparam -algorithm DH -out dhp.pem \
+- -pkeyopt dh_paramgen_prime_len:1024
++ -pkeyopt dh_paramgen_prime_len:1024
+
+ Output RFC5114 2048 bit DH parameters with 224 bit subgroup:
+
+@@ -240,8 +240,8 @@ Generate DH key from parameters:
+ Generate EC parameters:
+
+ openssl genpkey -genparam -algorithm EC -out ecp.pem \
+- -pkeyopt ec_paramgen_curve:secp384r1 \
+- -pkeyopt ec_param_enc:named_curve
++ -pkeyopt ec_paramgen_curve:secp384r1 \
++ -pkeyopt ec_param_enc:named_curve
+
+ Generate EC key from parameters:
+
+@@ -250,13 +250,21 @@ Generate EC key from parameters:
+ Generate EC key directly:
+
+ openssl genpkey -algorithm EC -out eckey.pem \
+- -pkeyopt ec_paramgen_curve:P-384 \
+- -pkeyopt ec_param_enc:named_curve
++ -pkeyopt ec_paramgen_curve:P-384 \
++ -pkeyopt ec_param_enc:named_curve
+
+ =head1 HISTORY
+
+ The ability to use NIST curve names, and to generate an EC key directly,
+ were added in OpenSSL 1.0.2.
+
+-=cut
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/apps/genrsa.pod b/doc/apps/genrsa.pod
+index 37ced0d..38e83f7 100644
+--- a/doc/apps/genrsa.pod
++++ b/doc/apps/genrsa.pod
+@@ -103,5 +103,13 @@ be much larger (typically 1024 bits).
+
+ L<gendsa(1)>
+
+-=cut
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/apps/nseq.pod b/doc/apps/nseq.pod
+index 198e7f4..6954965 100644
+--- a/doc/apps/nseq.pod
++++ b/doc/apps/nseq.pod
+@@ -72,4 +72,13 @@ It is used by Netscape certificate server for example.
+ This program needs a few more options: like allowing DER or PEM input and
+ output files and allowing multiple certificate files to be used.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/ocsp.pod b/doc/apps/ocsp.pod
+index c796fd5..50fb4fa 100644
+--- a/doc/apps/ocsp.pod
++++ b/doc/apps/ocsp.pod
+@@ -42,6 +42,7 @@ B<openssl> B<ocsp>
+ [B<-ignore_critical>]
+ [B<-inhibit_any>]
+ [B<-inhibit_map>]
++[B<-no_check_time>]
+ [B<-partial_chain>]
+ [B<-policy arg>]
+ [B<-policy_check>]
+@@ -195,7 +196,7 @@ Do not load the trusted CA certificates from the default directory location
+
+ =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
+ B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
+-B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,
++B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,
+ B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
+ B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
+ B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
+@@ -265,24 +266,25 @@ only be used for testing purposes.
+ =item B<-validity_period nsec>, B<-status_age age>
+
+ these options specify the range of times, in seconds, which will be tolerated
+-in an OCSP response. Each certificate status response includes a B<notBefore> time and
+-an optional B<notAfter> time. The current time should fall between these two values, but
+-the interval between the two times may be only a few seconds. In practice the OCSP
+-responder and clients clocks may not be precisely synchronised and so such a check
+-may fail. To avoid this the B<-validity_period> option can be used to specify an
+-acceptable error range in seconds, the default value is 5 minutes.
+-
+-If the B<notAfter> time is omitted from a response then this means that new status
+-information is immediately available. In this case the age of the B<notBefore> field
+-is checked to see it is not older than B<age> seconds old. By default this additional
+-check is not performed.
++in an OCSP response. Each certificate status response includes a B<notBefore>
++time and an optional B<notAfter> time. The current time should fall between
++these two values, but the interval between the two times may be only a few
++seconds. In practice the OCSP responder and clients clocks may not be precisely
++synchronised and so such a check may fail. To avoid this the
++B<-validity_period> option can be used to specify an acceptable error range in
++seconds, the default value is 5 minutes.
++
++If the B<notAfter> time is omitted from a response then this means that new
++status information is immediately available. In this case the age of the
++B<notBefore> field is checked to see it is not older than B<age> seconds old.
++By default this additional check is not performed.
+
+ =item B<-[digest]>
+
+-this option sets digest algorithm to use for certificate identification
+-in the OCSP request.
+-Any digest supported by the OpenSSL B<dgst> command can be used.
+-The default is SHA-1.
++this option sets digest algorithm to use for certificate identification in the
++OCSP request. Any digest supported by the OpenSSL B<dgst> command can be used.
++The default is SHA-1. This option may be used multiple times to specify the
++digest used by subsequent certificate identifiers.
+
+ =back
+
+@@ -335,13 +337,13 @@ option.
+
+ =item B<-nrequest number>
+
+-The OCSP server will exit after receiving B<number> requests, default unlimited.
++The OCSP server will exit after receiving B<number> requests, default unlimited.
+
+ =item B<-nmin minutes>, B<-ndays days>
+
+ Number of minutes or days when fresh revocation information is available: used in the
+-B<nextUpdate> field. If neither option is present then the B<nextUpdate> field is
+-omitted meaning fresh revocation information is immediately available.
++B<nextUpdate> field. If neither option is present then the B<nextUpdate> field
++is omitted meaning fresh revocation information is immediately available.
+
+ =back
+
+@@ -411,7 +413,7 @@ Create an OCSP request and write it to a file:
+
+ openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem -reqout req.der
+
+-Send a query to an OCSP responder with URL http://ocsp.myhost.com/ save the
++Send a query to an OCSP responder with URL http://ocsp.myhost.com/ save the
+ response to a file, print it out in text form, and verify the response:
+
+ openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem \
+@@ -425,7 +427,7 @@ OCSP server on port 8888 using a standard B<ca> configuration, and a separate
+ responder certificate. All requests and responses are printed to a file.
+
+ openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem
+- -text -out log.txt
++ -text -out log.txt
+
+ As above but exit after processing one request:
+
+@@ -447,4 +449,13 @@ to a second file.
+
+ The -no_alt_chains options was first added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/openssl.pod b/doc/apps/openssl.pod
+index 717550d..b63754b 100644
+--- a/doc/apps/openssl.pod
++++ b/doc/apps/openssl.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -65,7 +64,7 @@ availability of ciphers in the B<openssl> program. (B<no->I<XXX> is
+ not able to detect pseudo-commands such as B<quit>,
+ B<list>, or B<no->I<XXX> itself.)
+
+-=head2 STANDARD COMMANDS
++=head2 Standard Commands
+
+ =over 10
+
+@@ -259,7 +258,7 @@ X.509 Certificate Data Management.
+
+ =back
+
+-=head2 MESSAGE DIGEST COMMANDS
++=head2 Message Digest Commands
+
+ =over 10
+
+@@ -305,7 +304,7 @@ SHA-512 Digest
+
+ =back
+
+-=head2 ENCODING AND CIPHER COMMANDS
++=head2 Encoding and Cipher Commands
+
+ =over 10
+
+@@ -416,4 +415,13 @@ The B<list->I<XXX>B<-algorithms> pseudo-commands were added in OpenSSL 1.0.0;
+ For notes on the availability of other commands, see their individual
+ manual pages.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/passwd.pod b/doc/apps/passwd.pod
+index b784f6c..87dd8d8 100644
+--- a/doc/apps/passwd.pod
++++ b/doc/apps/passwd.pod
+@@ -84,4 +84,13 @@ B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXj
+
+ B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/pkcs12.pod b/doc/apps/pkcs12.pod
+index d38484b..2f2c4d1 100644
+--- a/doc/apps/pkcs12.pod
++++ b/doc/apps/pkcs12.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -337,7 +336,7 @@ Output only client certificates to a file:
+ openssl pkcs12 -in file.p12 -clcerts -out file.pem
+
+ Don't encrypt the private key:
+-
++
+ openssl pkcs12 -in file.p12 -out file.pem -nodes
+
+ Print some info about a PKCS#12 file:
+@@ -357,3 +356,13 @@ Include some extra certificates:
+
+ L<pkcs8(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/apps/pkcs7.pod b/doc/apps/pkcs7.pod
+index 6cb015c..8c3c11f 100644
+--- a/doc/apps/pkcs7.pod
++++ b/doc/apps/pkcs7.pod
+@@ -37,7 +37,7 @@ the DER form with header and footer lines.
+
+ =item B<-outform DER|PEM>
+
+-This specifies the output format, the options have the same meaning as the
++This specifies the output format, the options have the same meaning as the
+ B<-inform> option.
+
+ =item B<-in filename>
+@@ -100,11 +100,20 @@ For compatibility with some CAs it will also accept:
+
+ There is no option to print out all the fields of a PKCS#7 file.
+
+-This PKCS#7 routines only understand PKCS#7 v 1.5 as specified in RFC2315 they
++This PKCS#7 routines only understand PKCS#7 v 1.5 as specified in RFC2315 they
+ cannot currently parse, for example, the new CMS as described in RFC2630.
+
+ =head1 SEE ALSO
+
+ L<crl2pkcs7(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/pkcs8.pod b/doc/apps/pkcs8.pod
+index 8d28a12..cd6db02 100644
+--- a/doc/apps/pkcs8.pod
++++ b/doc/apps/pkcs8.pod
+@@ -18,6 +18,7 @@ B<openssl> B<pkcs8>
+ [B<-iter count>]
+ [B<-noiter>]
+ [B<-nocrypt>]
++[B<-traditional>]
+ [B<-v2 alg>]
+ [B<-v2prf alg>]
+ [B<-v1 alg>]
+@@ -43,22 +44,22 @@ Print out a usage message.
+
+ =item B<-topk8>
+
+-Normally a PKCS#8 private key is expected on input and a traditional format
+-private key will be written. With the B<-topk8> option the situation is
+-reversed: it reads a traditional format private key and writes a PKCS#8
+-format key.
++Normally a PKCS#8 private key is expected on input and a private key will be
++written to the output file. With the B<-topk8> option the situation is
++reversed: it reads a private key and writes a PKCS#8 format key.
+
+ =item B<-inform DER|PEM>
+
+-This specifies the input format. If a PKCS#8 format key is expected on input
+-then either a B<DER> or B<PEM> encoded version of a PKCS#8 key will be
+-expected. Otherwise the B<DER> or B<PEM> format of the traditional format
+-private key is used.
++This specifies the input format: see L<KEY FORMATS> for more details.
+
+ =item B<-outform DER|PEM>
+
+-This specifies the output format, the options have the same meaning as the
+-B<-inform> option.
++This specifies the output format: see L<KEY FORMATS> for more details.
++
++=item B<-traditional>
++
++When this option is present and B<-topk8> is not a traditional format private
++key is written.
+
+ =item B<-in filename>
+
+@@ -100,28 +101,26 @@ code signing software used unencrypted private keys.
+
+ =item B<-v2 alg>
+
+-This option enables the use of PKCS#5 v2.0 algorithms. Normally PKCS#8
+-private keys are encrypted with the password based encryption algorithm
+-called B<pbeWithMD5AndDES-CBC> this uses 56 bit DES encryption but it
+-was the strongest encryption algorithm supported in PKCS#5 v1.5. Using
+-the B<-v2> option PKCS#5 v2.0 algorithms are used which can use any
+-encryption algorithm such as 168 bit triple DES or 128 bit RC2 however
+-not many implementations support PKCS#5 v2.0 yet. If you are just using
+-private keys with OpenSSL then this doesn't matter.
++This option sets the PKCS#5 v2.0 algorithm.
+
+ The B<alg> argument is the encryption algorithm to use, valid values include
+-B<des>, B<des3> and B<rc2>. It is recommended that B<des3> is used.
++B<aes128>, B<aes256> and B<des3>. If this option isn't specified then B<aes256>
++is used.
+
+ =item B<-v2prf alg>
+
+ This option sets the PRF algorithm to use with PKCS#5 v2.0. A typical value
+-values would be B<hmacWithSHA256>. If this option isn't set then the default
+-for the cipher is used or B<hmacWithSHA1> if there is no default.
++value would be B<hmacWithSHA256>. If this option isn't set then the default
++for the cipher is used or B<hmacWithSHA256> if there is no default.
++
++Some implementations may not support custom PRF algorithms and may require
++the B<hmacWithSHA1> option to work.
+
+ =item B<-v1 alg>
+
+-This option specifies a PKCS#5 v1.5 or PKCS#12 algorithm to use. A complete
+-list of possible algorithms is included below.
++This option indicates a PKCS#5 v1.5 or PKCS#12 algorithm should be used. Some
++older implementations may not support PKCS#5 v2.0 and may require this option.
++If not specified PKCS#5 v2.0 form is used.
+
+ =item B<-engine id>
+
+@@ -143,8 +142,36 @@ sets the scrypt B<N>, B<r> or B<p> parameters.
+
+ =back
+
++=head1 KEY FORMATS
++
++Various different formats are used by the pkcs8 utility. These are detailed
++below.
++
++If a key is being converted from PKCS#8 form (i.e. the B<-topk8> option is
++not used) then the input file must be in PKCS#8 format. An encrypted
++key is expected unless B<-nocrypt> is included.
++
++If B<-topk8> is not used and B<PEM> mode is set the output file will be an
++unencrypted private key in PKCS#8 format. If the B<-traditional> option is
++used then a traditional format private key is written instead.
++
++If B<-topk8> is not used and B<DER> mode is set the output file will be an
++unencrypted private key in traditional DER format.
++
++If B<-topk8> is used then any supported private key can be used for the input
++file in a format specified by B<-inform>. The output file will be encrypted
++PKCS#8 format using the specified encryption parameters unless B<-nocrypt>
++is included.
++
+ =head1 NOTES
+
++By default, when converting a key to PKCS#8 format, PKCS#5 v2.0 using 256 bit
++AES with HMAC and SHA256 is used.
++
++Some older implementations do not support PKCS#5 v2.0 format and require
++the older PKCS#5 v1.5 form instead, possibly also requiring insecure weak
++encryption algorithms such as 56 bit DES.
++
+ The encrypted form of a PEM encode PKCS#8 files uses the following
+ headers and footers:
+
+@@ -161,13 +188,6 @@ counts are more secure that those encrypted using the traditional
+ SSLeay compatible formats. So if additional security is considered
+ important the keys should be converted.
+
+-The default encryption is only 56 bits because this is the encryption
+-that most current implementations of PKCS#8 will support.
+-
+-Some software may use PKCS#12 password based encryption algorithms
+-with PKCS#8 format private keys: these are handled automatically
+-but there is no option to produce them.
+-
+ It is possible to write out DER encoded encrypted private keys in
+ PKCS#8 format because the encryption details are included at an ASN1
+ level whereas the traditional format includes them at a PEM level.
+@@ -201,20 +221,28 @@ allow strong encryption algorithms like triple DES or 128 bit RC2 to be used.
+
+ =head1 EXAMPLES
+
+-Convert a private from traditional to PKCS#5 v2.0 format using triple
+-DES:
++Convert a private key to PKCS#8 format using default parameters (AES with
++256 bit key and B<hmacWithSHA256>):
++
++ openssl pkcs8 -in key.pem -topk8 -out enckey.pem
++
++Convert a private key to PKCS#8 unencrypted format:
++
++ openssl pkcs8 -in key.pem -topk8 -nocrypt -out enckey.pem
++
++Convert a private key to PKCS#5 v2.0 format using triple DES:
+
+ openssl pkcs8 -in key.pem -topk8 -v2 des3 -out enckey.pem
+
+-Convert a private from traditional to PKCS#5 v2.0 format using AES with
+-256 bits in CBC mode and B<hmacWithSHA256> PRF:
++Convert a private key to PKCS#5 v2.0 format using AES with 256 bits in CBC
++mode and B<hmacWithSHA512> PRF:
+
+- openssl pkcs8 -in key.pem -topk8 -v2 aes-256-cbc -v2prf hmacWithSHA256 -out enckey.pem
++ openssl pkcs8 -in key.pem -topk8 -v2 aes-256-cbc -v2prf hmacWithSHA512 -out enckey.pem
+
+ Convert a private key to PKCS#8 using a PKCS#5 1.5 compatible algorithm
+ (DES):
+
+- openssl pkcs8 -in key.pem -topk8 -out enckey.pem
++ openssl pkcs8 -in key.pem -topk8 -v1 PBE-MD5-DES -out enckey.pem
+
+ Convert a private key to PKCS#8 using a PKCS#12 compatible algorithm
+ (3DES):
+@@ -225,14 +253,14 @@ Read a DER unencrypted PKCS#8 format private key:
+
+ openssl pkcs8 -inform DER -nocrypt -in key.der -out key.pem
+
+-Convert a private key from any PKCS#8 format to traditional format:
++Convert a private key from any PKCS#8 encrypted format to traditional format:
++
++ openssl pkcs8 -in pk8.pem -traditional -out key.pem
+
+- openssl pkcs8 -in pk8.pem -out key.pem
+-
+-Convert a private key to PKCS#8 format, encrypting with AES-256 and with
++Convert a private key to PKCS#8 format, encrypting with AES-256 and with
+ one million iterations of the password:
+
+- openssl pkcs8 -in raw.pem -topk8 -v2 aes-256-cbc -iter 1000000 -out pk8.pem
++ openssl pkcs8 -in key.pem -topk8 -v2 aes-256-cbc -iter 1000000 -out pk8.pem
+
+ =head1 STANDARDS
+
+@@ -252,17 +280,22 @@ PKCS#8 private key format complies with this standard.
+ There should be an option that prints out the encryption algorithm
+ in use and other details such as the iteration count.
+
+-PKCS#8 using triple DES and PKCS#5 v2.0 should be the default private
+-key format for OpenSSL: for compatibility several of the utilities use
+-the old format at present.
+-
+ =head1 SEE ALSO
+
+ L<dsa(1)>, L<rsa(1)>, L<genrsa(1)>,
+-L<gendsa(1)>
++L<gendsa(1)>
+
+ =head1 HISTORY
+
+ The B<-iter> option was added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/pkey.pod b/doc/apps/pkey.pod
+index 5808390..dc736a3 100644
+--- a/doc/apps/pkey.pod
++++ b/doc/apps/pkey.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -15,6 +14,7 @@ B<openssl> B<pkey>
+ [B<-passin arg>]
+ [B<-out filename>]
+ [B<-passout arg>]
++[B<-traditional>]
+ [B<-cipher>]
+ [B<-text>]
+ [B<-text_pub>]
+@@ -42,7 +42,7 @@ This specifies the input format DER or PEM.
+
+ =item B<-outform DER|PEM>
+
+-This specifies the output format, the options have the same meaning as the
++This specifies the output format, the options have the same meaning as the
+ B<-inform> option.
+
+ =item B<-in filename>
+@@ -68,6 +68,12 @@ filename.
+ the output file password source. For more information about the format of B<arg>
+ see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
+
++=item B<-traditional>
++
++normally a private key is written using standard format: this is PKCS#8 form
++with the appropriate encryption algorithm (if any). If the B<-traditional>
++option is specified then the older "traditional" format is used instead.
++
+ =item B<-cipher>
+
+ These options encrypt the private key with the supplied cipher. Any algorithm
+@@ -76,7 +82,7 @@ name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
+ =item B<-text>
+
+ prints out the various public or private key components in
+-plain text in addition to the encoded version.
++plain text in addition to the encoded version.
+
+ =item B<-text_pub>
+
+@@ -116,7 +122,7 @@ To encrypt a private key using triple DES:
+
+ openssl pkey -in key.pem -des3 -out keyout.pem
+
+-To convert a private key from PEM to DER format:
++To convert a private key from PEM to DER format:
+
+ openssl pkey -in key.pem -outform DER -out keyout.der
+
+@@ -135,6 +141,15 @@ To just output the public part of a private key:
+ =head1 SEE ALSO
+
+ L<genpkey(1)>, L<rsa(1)>, L<pkcs8(1)>,
+-L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)>
++L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)>
++
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/apps/pkeyparam.pod b/doc/apps/pkeyparam.pod
+index c3c6dbb..6a8c4a8 100644
+--- a/doc/apps/pkeyparam.pod
++++ b/doc/apps/pkeyparam.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -40,7 +39,7 @@ this option is not specified.
+
+ =item B<-text>
+
+-prints out the parameters in plain text in addition to the encoded version.
++prints out the parameters in plain text in addition to the encoded version.
+
+ =item B<-noout>
+
+@@ -69,6 +68,15 @@ PEM format is supported because the key type is determined by the PEM headers.
+ =head1 SEE ALSO
+
+ L<genpkey(1)>, L<rsa(1)>, L<pkcs8(1)>,
+-L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)>
++L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)>
++
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/apps/pkeyutl.pod b/doc/apps/pkeyutl.pod
+index fed683f..6b8e2bc 100644
+--- a/doc/apps/pkeyutl.pod
++++ b/doc/apps/pkeyutl.pod
+@@ -84,11 +84,11 @@ the peer key format PEM, DER or ENGINE. Default is PEM.
+
+ =item B<-pubin>
+
+-the input file is a public key.
++the input file is a public key.
+
+ =item B<-certin>
+
+-the input is a certificate containing a public key.
++the input is a certificate containing a public key.
+
+ =item B<-rev>
+
+@@ -198,7 +198,7 @@ This sets the RSA padding mode. Acceptable values for B<mode> are B<pkcs1> for
+ PKCS#1 padding, B<sslv23> for SSLv23 padding, B<none> for no padding, B<oaep>
+ for B<OAEP> mode, B<x931> for X9.31 mode and B<pss> for PSS.
+
+-In PKCS#1 padding if the message digest is not set then the supplied data is
++In PKCS#1 padding if the message digest is not set then the supplied data is
+ signed or verified directly instead of using a B<DigestInfo> structure. If a
+ digest is set then the a B<DigestInfo> structure is used and its the length
+ must correspond to the digest type.
+@@ -273,3 +273,14 @@ seed consisting of the single byte 0xFF:
+ L<genpkey(1)>, L<pkey(1)>, L<rsautl(1)>
+ L<dgst(1)>, L<rsa(1)>, L<genrsa(1)>,
+ L<EVP_PKEY_HKDF(3)>, L<EVP_PKEY_TLS1_PRF(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/apps/rand.pod b/doc/apps/rand.pod
+index 444dcbb..0faf687 100644
+--- a/doc/apps/rand.pod
++++ b/doc/apps/rand.pod
+@@ -57,4 +57,13 @@ Show the output as a hex string.
+
+ L<RAND_bytes(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/rehash.pod b/doc/apps/rehash.pod
+index 7ec6511..62e39cf 100644
+--- a/doc/apps/rehash.pod
++++ b/doc/apps/rehash.pod
+@@ -125,3 +125,14 @@ Ignored if directories are listed on the command line.
+ L<openssl(1)>,
+ L<crl(1)>.
+ L<x509(1)>.
++
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/apps/req.pod b/doc/apps/req.pod
+index 8353e9a..5440de5 100644
+--- a/doc/apps/req.pod
++++ b/doc/apps/req.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -70,7 +69,7 @@ footer lines.
+
+ =item B<-outform DER|PEM>
+
+-This specifies the output format, the options have the same meaning as the
++This specifies the output format, the options have the same meaning as the
+ B<-inform> option.
+
+ =item B<-in filename>
+@@ -257,7 +256,7 @@ a variety of purposes.
+
+ =item B<-utf8>
+
+-this option causes field values to be interpreted as UTF8 strings, by
++this option causes field values to be interpreted as UTF8 strings, by
+ default they are interpreted as ASCII. This means that the field
+ values, whether prompted from a terminal or obtained from a
+ configuration file, must be valid UTF8 strings.
+@@ -272,7 +271,7 @@ set multiple options. See the L<x509(1)> manual page for details.
+ =item B<-reqopt>
+
+ customise the output format used with B<-text>. The B<option> argument can be
+-a single option or multiple options separated by commas.
++a single option or multiple options separated by commas.
+
+ See discussion of the B<-certopt> parameter in the L<x509(1)>
+ command.
+@@ -342,7 +341,7 @@ overridden by the B<-keyout> option.
+ This specifies a file containing additional B<OBJECT IDENTIFIERS>.
+ Each line of the file should consist of the numerical form of the
+ object identifier followed by white space then the short name followed
+-by white space and finally the long name.
++by white space and finally the long name.
+
+ =item B<oid_section>
+
+@@ -376,7 +375,7 @@ This option masks out the use of certain string types in certain
+ fields. Most users will not need to change this option.
+
+ It can be set to several values B<default> which is also the default
+-option uses PrintableStrings, T61Strings and BMPStrings if the
++option uses PrintableStrings, T61Strings and BMPStrings if the
+ B<pkix> value is used then only PrintableStrings and BMPStrings will
+ be used. This follows the PKIX recommendation in RFC2459. If the
+ B<utf8only> option is used then only UTF8Strings will be used: this
+@@ -388,7 +387,7 @@ problems with BMPStrings and UTF8Strings: in particular Netscape.
+
+ this specifies the configuration file section containing a list of
+ extensions to add to the certificate request. It can be overridden
+-by the B<-reqexts> command line switch. See the
++by the B<-reqexts> command line switch. See the
+ L<x509v3_config(5)> manual page for details of the
+ extension section format.
+
+@@ -499,8 +498,8 @@ Generate a self signed root certificate:
+
+ Example of a file pointed to by the B<oid_file> option:
+
+- 1.2.3.4 shortName A longer Name
+- 1.2.3.6 otherName Other longer Name
++ 1.2.3.4 shortName A longer Name
++ 1.2.3.6 otherName Other longer Name
+
+ Example of a section pointed to by B<oid_section> making use of variable
+ expansion:
+@@ -511,34 +510,34 @@ expansion:
+ Sample configuration file prompting for field values:
+
+ [ req ]
+- default_bits = 2048
+- default_keyfile = privkey.pem
+- distinguished_name = req_distinguished_name
+- attributes = req_attributes
+- req_extensions = v3_ca
++ default_bits = 2048
++ default_keyfile = privkey.pem
++ distinguished_name = req_distinguished_name
++ attributes = req_attributes
++ req_extensions = v3_ca
+
+ dirstring_type = nobmp
+
+ [ req_distinguished_name ]
+- countryName = Country Name (2 letter code)
+- countryName_default = AU
+- countryName_min = 2
+- countryName_max = 2
++ countryName = Country Name (2 letter code)
++ countryName_default = AU
++ countryName_min = 2
++ countryName_max = 2
+
+- localityName = Locality Name (eg, city)
++ localityName = Locality Name (eg, city)
+
+- organizationalUnitName = Organizational Unit Name (eg, section)
++ organizationalUnitName = Organizational Unit Name (eg, section)
+
+- commonName = Common Name (eg, YOUR name)
+- commonName_max = 64
++ commonName = Common Name (eg, YOUR name)
++ commonName_max = 64
+
+- emailAddress = Email Address
+- emailAddress_max = 40
++ emailAddress = Email Address
++ emailAddress_max = 40
+
+ [ req_attributes ]
+- challengePassword = A challenge password
+- challengePassword_min = 4
+- challengePassword_max = 20
++ challengePassword = A challenge password
++ challengePassword_min = 4
++ challengePassword_max = 20
+
+ [ v3_ca ]
+
+@@ -549,27 +548,27 @@ Sample configuration file prompting for field values:
+ Sample configuration containing all field values:
+
+
+- RANDFILE = $ENV::HOME/.rnd
++ RANDFILE = $ENV::HOME/.rnd
+
+ [ req ]
+- default_bits = 2048
+- default_keyfile = keyfile.pem
+- distinguished_name = req_distinguished_name
+- attributes = req_attributes
+- prompt = no
+- output_password = mypass
++ default_bits = 2048
++ default_keyfile = keyfile.pem
++ distinguished_name = req_distinguished_name
++ attributes = req_attributes
++ prompt = no
++ output_password = mypass
+
+ [ req_distinguished_name ]
+- C = GB
+- ST = Test State or Province
+- L = Test Locality
+- O = Organization Name
+- OU = Organizational Unit Name
+- CN = Common Name
+- emailAddress = test at email.address
++ C = GB
++ ST = Test State or Province
++ L = Test Locality
++ O = Organization Name
++ OU = Organizational Unit Name
++ CN = Common Name
++ emailAddress = test at email.address
+
+ [ req_attributes ]
+- challengePassword = A challenge password
++ challengePassword = A challenge password
+
+
+ =head1 NOTES
+@@ -596,13 +595,13 @@ by the script in an extendedKeyUsage extension.
+
+ The following messages are frequently asked about:
+
+- Using configuration from /some/path/openssl.cnf
+- Unable to load config info
++ Using configuration from /some/path/openssl.cnf
++ Unable to load config info
+
+ This is followed some time later by...
+
+- unable to find 'distinguished_name' in config
+- problems making Certificate Request
++ unable to find 'distinguished_name' in config
++ problems making Certificate Request
+
+ The first error message is the clue: it can't find the configuration
+ file! Certain operations (like examining a certificate request) don't
+@@ -652,6 +651,15 @@ address in subjectAltName should be input by the user.
+
+ L<x509(1)>, L<ca(1)>, L<genrsa(1)>,
+ L<gendsa(1)>, L<config(5)>,
+-L<x509v3_config(5)>
++L<x509v3_config(5)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/apps/rsa.pod b/doc/apps/rsa.pod
+index dbb3df5..c3178ab 100644
+--- a/doc/apps/rsa.pod
++++ b/doc/apps/rsa.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -61,7 +60,7 @@ section.
+
+ =item B<-outform DER|NET|PEM>
+
+-This specifies the output format, the options have the same meaning as the
++This specifies the output format, the options have the same meaning as the
+ B<-inform> option.
+
+ =item B<-in filename>
+@@ -100,7 +99,7 @@ These options can only be used with PEM format output files.
+ =item B<-text>
+
+ prints out the various public or private key components in
+-plain text in addition to the encoded version.
++plain text in addition to the encoded version.
+
+ =item B<-noout>
+
+@@ -176,7 +175,7 @@ To encrypt a private key using triple DES:
+
+ openssl rsa -in key.pem -des3 -out keyout.pem
+
+-To convert a private key from PEM to DER format:
++To convert a private key from PEM to DER format:
+
+ openssl rsa -in key.pem -outform DER -out keyout.der
+
+@@ -203,6 +202,15 @@ without having to manually edit them.
+ =head1 SEE ALSO
+
+ L<pkcs8(1)>, L<dsa(1)>, L<genrsa(1)>,
+-L<gendsa(1)>
++L<gendsa(1)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/apps/rsautl.pod b/doc/apps/rsautl.pod
+index 357b722..325c691 100644
+--- a/doc/apps/rsautl.pod
++++ b/doc/apps/rsautl.pod
+@@ -61,7 +61,7 @@ the input file is an RSA public key.
+
+ =item B<-certin>
+
+-the input is a certificate containing an RSA public key.
++the input is a certificate containing an RSA public key.
+
+ =item B<-sign>
+
+@@ -136,24 +136,24 @@ example in certs/pca-cert.pem . Running B<asn1parse> as follows yields:
+
+ openssl asn1parse -in pca-cert.pem
+
+- 0:d=0 hl=4 l= 742 cons: SEQUENCE
+- 4:d=1 hl=4 l= 591 cons: SEQUENCE
+- 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
++ 0:d=0 hl=4 l= 742 cons: SEQUENCE
++ 4:d=1 hl=4 l= 591 cons: SEQUENCE
++ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+- 16:d=2 hl=2 l= 13 cons: SEQUENCE
++ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption
+- 29:d=3 hl=2 l= 0 prim: NULL
+- 31:d=2 hl=2 l= 92 cons: SEQUENCE
+- 33:d=3 hl=2 l= 11 cons: SET
+- 35:d=4 hl=2 l= 9 cons: SEQUENCE
++ 29:d=3 hl=2 l= 0 prim: NULL
++ 31:d=2 hl=2 l= 92 cons: SEQUENCE
++ 33:d=3 hl=2 l= 11 cons: SET
++ 35:d=4 hl=2 l= 9 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :countryName
+ 42:d=5 hl=2 l= 2 prim: PRINTABLESTRING :AU
+ ....
+- 599:d=1 hl=2 l= 13 cons: SEQUENCE
++ 599:d=1 hl=2 l= 13 cons: SEQUENCE
+ 601:d=2 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption
+- 612:d=2 hl=2 l= 0 prim: NULL
+- 614:d=1 hl=3 l= 129 prim: BIT STRING
++ 612:d=2 hl=2 l= 0 prim: NULL
++ 614:d=1 hl=3 l= 129 prim: BIT STRING
+
+
+ The final BIT STRING contains the actual signature. It can be extracted with:
+@@ -161,18 +161,18 @@ The final BIT STRING contains the actual signature. It can be extracted with:
+ openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614
+
+ The certificate public key can be extracted with:
+-
++
+ openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem
+
+ The signature can be analysed with:
+
+ openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin
+
+- 0:d=0 hl=2 l= 32 cons: SEQUENCE
+- 2:d=1 hl=2 l= 12 cons: SEQUENCE
++ 0:d=0 hl=2 l= 32 cons: SEQUENCE
++ 2:d=1 hl=2 l= 12 cons: SEQUENCE
+ 4:d=2 hl=2 l= 8 prim: OBJECT :md5
+- 14:d=2 hl=2 l= 0 prim: NULL
+- 16:d=1 hl=2 l= 16 prim: OCTET STRING
++ 14:d=2 hl=2 l= 0 prim: NULL
++ 16:d=1 hl=2 l= 16 prim: OCTET STRING
+ 0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5 .F...Js.7...H%..
+
+ This is the parsed version of an ASN1 DigestInfo structure. It can be seen that
+@@ -191,3 +191,14 @@ which it can be seen agrees with the recovered value above.
+ =head1 SEE ALSO
+
+ L<dgst(1)>, L<rsa(1)>, L<genrsa(1)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod
+index e06af14..f5e3b63 100644
+--- a/doc/apps/s_client.pod
++++ b/doc/apps/s_client.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -34,6 +33,7 @@ B<openssl> B<s_client>
+ [B<-ignore_critical>]
+ [B<-inhibit_any>]
+ [B<-inhibit_map>]
++[B<-no_check_time>]
+ [B<-partial_chain>]
+ [B<-policy arg>]
+ [B<-policy_check>]
+@@ -227,7 +227,7 @@ whitespace is ignored in the associated data field. For example:
+
+ =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
+ B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
+-B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,
++B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,
+ B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
+ B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
+ B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
+@@ -415,7 +415,7 @@ print out a hex dump of any TLS extensions received from the server.
+
+ =item B<-no_ticket>
+
+-disable RFC4507bis session ticket support.
++disable RFC4507bis session ticket support.
+
+ =item B<-sess_out filename>
+
+@@ -443,7 +443,7 @@ all others.
+
+ =item B<-serverinfo types>
+
+-a list of comma-separated TLS Extension Types (numbers between 0 and
++a list of comma-separated TLS Extension Types (numbers between 0 and
+ 65535). Each type will be sent as an empty ClientHello TLS Extension.
+ The server's response (if any) will be encoded and displayed as a PEM
+ file.
+@@ -549,4 +549,13 @@ L<sess_id(1)>, L<s_server(1)>, L<ciphers(1)>
+
+ The -no_alt_chains options was first added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod
+index 08554f4..f887cc6 100644
+--- a/doc/apps/s_server.pod
++++ b/doc/apps/s_server.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -44,6 +43,7 @@ B<openssl> B<s_server>
+ [B<-ignore_critical>]
+ [B<-inhibit_any>]
+ [B<-inhibit_map>]
++[B<-no_check_time>]
+ [B<-partial_chain>]
+ [B<-policy arg>]
+ [B<-policy_check>]
+@@ -232,7 +232,7 @@ anonymous ciphersuite or PSK) this option has no effect.
+
+ =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
+ B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
+-B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,
++B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,
+ B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
+ B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
+ B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
+@@ -559,4 +559,13 @@ L<sess_id(1)>, L<s_client(1)>, L<ciphers(1)>
+
+ The -no_alt_chains options was first added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/s_time.pod b/doc/apps/s_time.pod
+index b9a7dd9..acadd30 100644
+--- a/doc/apps/s_time.pod
++++ b/doc/apps/s_time.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -183,4 +182,13 @@ fails.
+
+ L<s_client(1)>, L<s_server(1)>, L<ciphers(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/sess_id.pod b/doc/apps/sess_id.pod
+index 1407dfa..b3b77b7 100644
+--- a/doc/apps/sess_id.pod
++++ b/doc/apps/sess_id.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -57,7 +56,7 @@ output if this option is not specified.
+ =item B<-text>
+
+ prints out the various public or private key components in
+-plain text in addition to the encoded version.
++plain text in addition to the encoded version.
+
+ =item B<-cert>
+
+@@ -150,4 +149,13 @@ The cipher and start time should be printed out in human readable form.
+
+ L<ciphers(1)>, L<s_server(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod
+index e6323ad..05cefea 100644
+--- a/doc/apps/smime.pod
++++ b/doc/apps/smime.pod
+@@ -14,6 +14,8 @@ B<openssl> B<smime>
+ [B<-resign>]
+ [B<-verify>]
+ [B<-pk7out>]
++[B<-binary>]
++[B<-crlfeol>]
+ [B<-[cipher]>]
+ [B<-in file>]
+ [B<-CAfile file>]
+@@ -168,7 +170,7 @@ is S/MIME and it uses the multipart/signed MIME content type.
+
+ this option adds plain text (text/plain) MIME headers to the supplied
+ message if encrypting or signing. If decrypting or verifying it strips
+-off text headers: if the decrypted or verified message is not of MIME
++off text headers: if the decrypted or verified message is not of MIME
+ type text/plain then an error occurs.
+
+ =item B<-CAfile file>
+@@ -199,7 +201,7 @@ default digest algorithm for the signing key will be used (usually SHA1).
+
+ the encryption algorithm to use. For example DES (56 bits) - B<-des>,
+ triple DES (168 bits) - B<-des3>,
+-EVP_get_cipherbyname() function) can also be used preceded by a dash, for
++EVP_get_cipherbyname() function) can also be used preceded by a dash, for
+ example B<-aes-128-cbc>. See L<B<enc>|enc(1)> for list of ciphers
+ supported by your version of OpenSSL.
+
+@@ -245,6 +247,11 @@ effectively using CR and LF as end of line: as required by the S/MIME
+ specification. When this option is present no translation occurs. This
+ is useful when handling binary data which may not be in MIME format.
+
++=item B<-crlfeol>
++
++normally the output file uses a single B<LF> as end of line. When this
++option is present B<CRLF> is used instead.
++
+ =item B<-nodetach>
+
+ when signing a message use opaque signing: this form is more resistant
+@@ -294,7 +301,7 @@ all others.
+ =item B<cert.pem...>
+
+ one or more certificates of message recipients: used when encrypting
+-a message.
++a message.
+
+ =item B<-to, -from, -subject>
+
+@@ -391,29 +398,29 @@ the signers certificates.
+ Create a cleartext signed message:
+
+ openssl smime -sign -in message.txt -text -out mail.msg \
+- -signer mycert.pem
++ -signer mycert.pem
+
+ Create an opaque signed message:
+
+ openssl smime -sign -in message.txt -text -out mail.msg -nodetach \
+- -signer mycert.pem
++ -signer mycert.pem
+
+ Create a signed message, include some additional certificates and
+ read the private key from another file:
+
+ openssl smime -sign -in in.txt -text -out mail.msg \
+- -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
++ -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
+
+ Create a signed message with two signers:
+
+ openssl smime -sign -in message.txt -text -out mail.msg \
+- -signer mycert.pem -signer othercert.pem
++ -signer mycert.pem -signer othercert.pem
+
+ Send a signed message under Unix directly to sendmail, including headers:
+
+ openssl smime -sign -in in.txt -text -signer mycert.pem \
+- -from steve at openssl.org -to someone at somewhere \
+- -subject "Signed message" | sendmail someone at somewhere
++ -from steve at openssl.org -to someone at somewhere \
++ -subject "Signed message" | sendmail someone at somewhere
+
+ Verify a message and extract the signer's certificate if successful:
+
+@@ -422,15 +429,15 @@ Verify a message and extract the signer's certificate if successful:
+ Send encrypted mail using triple DES:
+
+ openssl smime -encrypt -in in.txt -from steve at openssl.org \
+- -to someone at somewhere -subject "Encrypted message" \
+- -des3 user.pem -out mail.msg
++ -to someone at somewhere -subject "Encrypted message" \
++ -des3 user.pem -out mail.msg
+
+ Sign and encrypt mail:
+
+ openssl smime -sign -in ml.txt -signer my.pem -text \
+- | openssl smime -encrypt -out mail.msg \
+- -from steve at openssl.org -to someone at somewhere \
+- -subject "Signed and Encrypted message" -des3 user.pem
++ | openssl smime -encrypt -out mail.msg \
++ -from steve at openssl.org -to someone at somewhere \
++ -subject "Signed and Encrypted message" -des3 user.pem
+
+ Note: the encryption command does not include the B<-text> option because the
+ message being encrypted already has MIME headers.
+@@ -447,7 +454,7 @@ it with:
+ -----BEGIN PKCS7-----
+ -----END PKCS7-----
+
+-and using the command:
++and using the command:
+
+ openssl smime -verify -inform PEM -in signature.pem -content content.txt
+
+@@ -493,4 +500,13 @@ added in OpenSSL 1.0.0
+
+ The -no_alt_chains options was first added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/speed.pod b/doc/apps/speed.pod
+index 7f28382..ab2c7d7 100644
+--- a/doc/apps/speed.pod
++++ b/doc/apps/speed.pod
+@@ -77,4 +77,13 @@ the above are tested.
+
+ =back
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/spkac.pod b/doc/apps/spkac.pod
+index f5ce8a6..35c6a12 100644
+--- a/doc/apps/spkac.pod
++++ b/doc/apps/spkac.pod
+@@ -135,4 +135,13 @@ to be used in a "replay attack".
+
+ L<ca(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/ts.pod b/doc/apps/ts.pod
+index e64e5fc..02b2ada 100644
+--- a/doc/apps/ts.pod
++++ b/doc/apps/ts.pod
+@@ -522,13 +522,13 @@ To create a time stamp request for design1.txt with SHA-1
+ without nonce and policy and no certificate is required in the response:
+
+ openssl ts -query -data design1.txt -no_nonce \
+- -out design1.tsq
++ -out design1.tsq
+
+ To create a similar time stamp request with specifying the message imprint
+ explicitly:
+
+ openssl ts -query -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \
+- -no_nonce -out design1.tsq
++ -no_nonce -out design1.tsq
+
+ To print the content of the previous request in human readable format:
+
+@@ -540,7 +540,7 @@ specifies a policy id (assuming the tsa_policy1 name is defined in the
+ OID section of the config file):
+
+ openssl ts -query -data design2.txt -md5 \
+- -tspolicy tsa_policy1 -cert -out design2.tsq
++ -tspolicy tsa_policy1 -cert -out design2.tsq
+
+ =head2 Time Stamp Response
+
+@@ -557,7 +557,7 @@ tsakey.pem is the private key of the TSA.
+ To create a time stamp response for a request:
+
+ openssl ts -reply -queryfile design1.tsq -inkey tsakey.pem \
+- -signer tsacert.pem -out design1.tsr
++ -signer tsacert.pem -out design1.tsr
+
+ If you want to use the settings in the config file you could just write:
+
+@@ -589,20 +589,20 @@ valid response:
+ To verify a time stamp reply against a request:
+
+ openssl ts -verify -queryfile design1.tsq -in design1.tsr \
+- -CAfile cacert.pem -untrusted tsacert.pem
++ -CAfile cacert.pem -untrusted tsacert.pem
+
+ To verify a time stamp reply that includes the certificate chain:
+
+ openssl ts -verify -queryfile design2.tsq -in design2.tsr \
+- -CAfile cacert.pem
++ -CAfile cacert.pem
+
+ To verify a time stamp token against the original data file:
+ openssl ts -verify -data design2.txt -in design2.tsr \
+- -CAfile cacert.pem
++ -CAfile cacert.pem
+
+ To verify a time stamp token against a message imprint:
+ openssl ts -verify -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \
+- -in design2.tsr -CAfile cacert.pem
++ -in design2.tsr -CAfile cacert.pem
+
+ You could also look at the 'test' directory for more examples.
+
+@@ -634,12 +634,19 @@ test/testtsa).
+
+ =back
+
+-=cut
+-
+ =head1 SEE ALSO
+
+ L<tsget(1)>, L<openssl(1)>, L<req(1)>,
+ L<x509(1)>, L<ca(1)>, L<genrsa(1)>,
+ L<config(5)>
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/tsget.pod b/doc/apps/tsget.pod
+index 34187eb..cf7817a 100644
+--- a/doc/apps/tsget.pod
++++ b/doc/apps/tsget.pod
+@@ -33,15 +33,15 @@ line.
+
+ The tool sends the following HTTP request for each time stamp request:
+
+- POST url HTTP/1.1
+- User-Agent: OpenTSA tsget.pl/<version>
+- Host: <host>:<port>
+- Pragma: no-cache
+- Content-Type: application/timestamp-query
+- Accept: application/timestamp-reply
+- Content-Length: length of body
++ POST url HTTP/1.1
++ User-Agent: OpenTSA tsget.pl/<version>
++ Host: <host>:<port>
++ Pragma: no-cache
++ Content-Type: application/timestamp-query
++ Accept: application/timestamp-reply
++ Content-Length: length of body
+
+- ...binary request specified by the user...
++ ...binary request specified by the user...
+
+ B<tsget> expects a response of type application/timestamp-reply, which is
+ written to a file without any interpretation.
+@@ -142,7 +142,7 @@ time stamp requests, tsa.opentsa.org listens at port 8080 for HTTP requests
+ and at port 8443 for HTTPS requests, the TSA service is available at the /tsa
+ absolute path.
+
+-Get a time stamp response for file1.tsq over HTTP, output is written to
++Get a time stamp response for file1.tsq over HTTP, output is written to
+ file1.tsr:
+
+ tsget -h http://tsa.opentsa.org:8080/tsa file1.tsq
+@@ -151,40 +151,49 @@ Get a time stamp response for file1.tsq and file2.tsq over HTTP showing
+ progress, output is written to file1.reply and file2.reply respectively:
+
+ tsget -h http://tsa.opentsa.org:8080/tsa -v -e .reply \
+- file1.tsq file2.tsq
++ file1.tsq file2.tsq
+
+ Create a time stamp request, write it to file3.tsq, send it to the server and
+ write the response to file3.tsr:
+
+ openssl ts -query -data file3.txt -cert | tee file3.tsq \
+- | tsget -h http://tsa.opentsa.org:8080/tsa \
+- -o file3.tsr
++ | tsget -h http://tsa.opentsa.org:8080/tsa \
++ -o file3.tsr
+
+ Get a time stamp response for file1.tsq over HTTPS without client
+ authentication:
+
+ tsget -h https://tsa.opentsa.org:8443/tsa \
+- -C cacerts.pem file1.tsq
++ -C cacerts.pem file1.tsq
+
+ Get a time stamp response for file1.tsq over HTTPS with certificate-based
+ client authentication (it will ask for the passphrase if client_key.pem is
+ protected):
+
+ tsget -h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+- -k client_key.pem -c client_cert.pem file1.tsq
++ -k client_key.pem -c client_cert.pem file1.tsq
+
+ You can shorten the previous command line if you make use of the B<TSGET>
+ environment variable. The following commands do the same as the previous
+ example:
+
+ TSGET='-h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+- -k client_key.pem -c client_cert.pem'
++ -k client_key.pem -c client_cert.pem'
+ export TSGET
+ tsget file1.tsq
+
+ =head1 SEE ALSO
+
+-L<openssl(1)>, L<ts(1)>, L<curl(1)>,
++L<openssl(1)>, L<ts(1)>, L<curl(1)>,
+ B<RFC 3161>
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/verify.pod b/doc/apps/verify.pod
+index 96d6be4..5d3467e 100644
+--- a/doc/apps/verify.pod
++++ b/doc/apps/verify.pod
+@@ -24,6 +24,7 @@ B<openssl> B<verify>
+ [B<-ignore_critical>]
+ [B<-inhibit_any>]
+ [B<-inhibit_map>]
++[B<-no_check_time>]
+ [B<-partial_chain>]
+ [B<-policy arg>]
+ [B<-policy_check>]
+@@ -145,6 +146,12 @@ Set policy variable inhibit-any-policy (see RFC5280).
+
+ Set policy variable inhibit-policy-mapping (see RFC5280).
+
++=item B<-no_check_time>
++
++This option suppresses checking the validity period of certificates and CRLs
++against the current time. If option B<-attime timestamp> is used to specify
++a verification time, the check is not suppressed.
++
+ =item B<-partial_chain>
+
+ Allow verification to succeed even if a I<complete> chain cannot be built to a
+@@ -533,135 +540,135 @@ B<-issuer_checks> option.
+ Not used as of OpenSSL 1.1.0 as a result of the deprecation of the
+ B<-issuer_checks> option.
+
+-=item B<33 X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: unable to get CRL issuer certificate>
++=item B<X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER>
+
+-TBA
++Unable to get CRL issuer certificate.
+
+-=item B<34 X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: unhandled critical extension>
++=item B<X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION>
+
+-TBA
++Unhandled critical extension.
+
+-=item B<35 X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: key usage does not include CRL signing>
++=item B<X509_V_ERR_KEYUSAGE_NO_CRL_SIGN>
+
+-TBA
++Key usage does not include CRL signing.
+
+-=item B<36 X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: unhandled critical CRL extension>
++=item B<X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION>
+
+-TBA
++Unhandled critical CRL extension.
+
+-=item B<37 X509_V_ERR_INVALID_NON_CA: invalid non-CA certificate has CA markings>
++=item B<X509_V_ERR_INVALID_NON_CA>
+
+-TBA
++Invalid non-CA certificate has CA markings.
+
+-=item B<38 X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: proxy path length constraint exceeded>
++=item B<X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED>
+
+-TBA
++Proxy path length constraint exceeded.
+
+-=item B<39 X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: key usage does not include digital signature>
++=item B<X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE>
+
+-TBA
++Key usage does not include digital signature.
+
+-=item B<40 X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: proxy certificates not allowed, please set the appropriate flag>
++=item B<X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED>
+
+-TBA
++Proxy certificates not allowed, please set the appropriate flag.
+
+-=item B<41 X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension>
++=item B<X509_V_ERR_INVALID_EXTENSION>
+
+-TBA
++Invalid or inconsistent certificate extension.
+
+-=item B<42 X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension>
++=item B<X509_V_ERR_INVALID_POLICY_EXTENSION>
+
+-TBA
++Invalid or inconsistent certificate policy extension.
+
+-=item B<43 X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy>
++=item B<X509_V_ERR_NO_EXPLICIT_POLICY>
+
+-TBA
++No explicit policy.
+
+-=item B<44 X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope>
++=item B<X509_V_ERR_DIFFERENT_CRL_SCOPE>
+
+-TBA
++Different CRL scope.
+
+-=item B<45 X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature>
++=item B<X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE>
+
+-TBA
++Unsupported extension feature.
+
+-=item B<46 X509_V_ERR_UNNESTED_RESOURCE: RFC 3779 resource not subset of parent's resources>
++=item B<X509_V_ERR_UNNESTED_RESOURCE>
+
+-TBA
++RFC 3779 resource not subset of parent's resources.
+
+-=item B<47 X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation>
++=item B<X509_V_ERR_PERMITTED_VIOLATION>
+
+-TBA
++Permitted subtree violation.
+
+-=item B<48 X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation>
++=item B<X509_V_ERR_EXCLUDED_VIOLATION>
+
+-TBA
++Excluded subtree violation.
+
+-=item B<49 X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported>
++=item B<X509_V_ERR_SUBTREE_MINMAX>
+
+-TBA
++Name constraints minimum and maximum not supported.
+
+-=item B<50 X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>
++=item B<X509_V_ERR_APPLICATION_VERIFICATION>
+
+-an application specific error. Unused.
++Application verification failure. Unused.
+
+-=item B<51 X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type>
++=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE>
+
+-TBA
++Unsupported name constraint type.
+
+-=item B<52 X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax>
++=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX>
+
+-TBA
++Unsupported or invalid name constraint syntax.
+
+-=item B<53 X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: unsupported or invalid name syntax>
++=item B<X509_V_ERR_UNSUPPORTED_NAME_SYNTAX>
+
+-TBA
++Unsupported or invalid name syntax.
+
+-=item B<54 X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error>
++=item B<X509_V_ERR_CRL_PATH_VALIDATION_ERROR>
+
+-TBA
++CRL path validation error.
+
+-=item B<55 X509_V_ERR_PATH_LOOP: Path Loop>
++=item B<X509_V_ERR_PATH_LOOP>
+
+-TBA
++Path loop.
+
+-=item B<56 X509_V_ERR_SUITE_B_INVALID_VERSION: Suite B: certificate version invalid>
++=item B<X509_V_ERR_SUITE_B_INVALID_VERSION>
+
+-TBA
++Suite B: certificate version invalid.
+
+-=item B<57 X509_V_ERR_SUITE_B_INVALID_ALGORITHM: Suite B: invalid public key algorithm>
++=item B<X509_V_ERR_SUITE_B_INVALID_ALGORITHM>
+
+-TBA
++Suite B: invalid public key algorithm.
+
+-=item B<58 X509_V_ERR_SUITE_B_INVALID_CURVE: Suite B: invalid ECC curve>
++=item B<X509_V_ERR_SUITE_B_INVALID_CURVE>
+
+-TBA
++Suite B: invalid ECC curve.
+
+-=item B<59 X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: Suite B: invalid signature algorithm>
++=item B<X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM>
+
+-TBA
++Suite B: invalid signature algorithm.
+
+-=item B<60 X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED: Suite B: curve not allowed for this LOS>
++=item B<X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED>
+
+-TBA
++Suite B: curve not allowed for this LOS.
+
+-=item B<61 X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: Suite B: cannot sign P-384 with P-256>
++=item B<X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256>
+
+-TBA
++Suite B: cannot sign P-384 with P-256.
+
+-=item B<62 X509_V_ERR_HOSTNAME_MISMATCH: Hostname mismatch>
++=item B<X509_V_ERR_HOSTNAME_MISMATCH>
+
+-TBA
++Hostname mismatch.
+
+-=item B<63 X509_V_ERR_EMAIL_MISMATCH: Email address mismatch>
++=item B<X509_V_ERR_EMAIL_MISMATCH>
+
+-TBA
++Email address mismatch.
+
+-=item B<64 X509_V_ERR_IP_ADDRESS_MISMATCH: IP address mismatch>
++=item B<X509_V_ERR_IP_ADDRESS_MISMATCH>
+
+-TBA
++IP address mismatch.
+
+-=item B<65 X509_V_ERR_DANE_NO_MATCH: No matching DANE TLSA records>
++=item B<X509_V_ERR_DANE_NO_MATCH>
+
+ DANE TLSA authentication is enabled, but no TLSA records matched the
+ certificate chain.
+@@ -695,5 +702,13 @@ The B<-show_chain> option was first added to OpenSSL 1.1.0.
+ The B<-issuer_checks> option is deprecated as of OpenSSL 1.1.0 and
+ is silently ignored.
+
+-=cut
++=head1 COPYRIGHT
+
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/apps/version.pod b/doc/apps/version.pod
+index 01f6d2a..a97ed20 100644
+--- a/doc/apps/version.pod
++++ b/doc/apps/version.pod
+@@ -68,4 +68,13 @@ ENGINESDIR setting.
+ The output of B<openssl version -a> would typically be used when sending
+ in a bug report.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/apps/x509.pod b/doc/apps/x509.pod
+index 2dc225b..72ed6cf 100644
+--- a/doc/apps/x509.pod
++++ b/doc/apps/x509.pod
+@@ -1,4 +1,3 @@
+-
+ =pod
+
+ =head1 NAME
+@@ -74,7 +73,7 @@ various sections.
+
+ =head1 OPTIONS
+
+-=head2 INPUT, OUTPUT AND GENERAL PURPOSE OPTIONS
++=head2 Input, Output, and General Purpose Options
+
+ =over 4
+
+@@ -93,7 +92,7 @@ obsolete.
+
+ =item B<-outform DER|PEM|NET>
+
+-This specifies the output format, the options have the same meaning as the
++This specifies the output format, the options have the same meaning as the
+ B<-inform> option.
+
+ =item B<-in filename>
+@@ -112,9 +111,8 @@ the digest to use.
+ This affects any signing or display option that uses a message
+ digest, such as the B<-fingerprint>, B<-signkey> and B<-CA> options.
+ Any digest supported by the OpenSSL B<dgst> command can be used.
+-If not specified then SHA1 is used.
+-Note that if a DSA key is used for signing, then this flag is ignored
+-and SHA1 is used.
++If not specified then SHA1 is used with B<-fingerprint> or
++the default digest for the signing algorithm is used, typically SHA256.
+
+ =item B<-engine id>
+
+@@ -125,7 +123,7 @@ for all available algorithms.
+
+ =back
+
+-=head2 DISPLAY OPTIONS
++=head2 Display Options
+
+ Note: the B<-alias> and B<-purpose> options are also display options
+ but are described in the B<TRUST SETTINGS> section.
+@@ -241,7 +239,7 @@ this outputs the certificate in the form of a C source file.
+
+ =back
+
+-=head2 TRUST SETTINGS
++=head2 Trust Settings
+
+ A B<trusted certificate> is an ordinary certificate which has several
+ additional pieces of information attached to it such as the permitted
+@@ -313,7 +311,7 @@ EXTENSIONS> section.
+
+ =back
+
+-=head2 SIGNING OPTIONS
++=head2 Signing Options
+
+ The B<x509> utility can be used to sign certificates and requests: it
+ can thus behave like a "mini CA".
+@@ -323,7 +321,7 @@ can thus behave like a "mini CA".
+ =item B<-signkey filename>
+
+ this option causes the input file to be self signed using the supplied
+-private key.
++private key.
+
+ If the input file is a certificate it sets the issuer name to the
+ subject name (i.e. makes it self signed) changes the public key to the
+@@ -404,7 +402,7 @@ an even number of hex digits with the serial number to use. After each
+ use the serial number is incremented and written out to the file again.
+
+ The default filename consists of the CA certificate file base name with
+-".srl" appended. For example if the CA certificate file is called
++".srl" appended. For example if the CA certificate file is called
+ "mycacert.pem" it expects to find a serial number file called "mycacert.srl".
+
+ =item B<-CAcreateserial>
+@@ -440,7 +438,7 @@ The format or B<key> can be specified using the B<-keyform> option.
+
+ =back
+
+-=head2 NAME OPTIONS
++=head2 Name Options
+
+ The B<nameopt> command line switch determines how the subject and issuer
+ names are displayed. If no B<nameopt> switch is present the default "oneline"
+@@ -474,10 +472,15 @@ B<space_eq>, B<lname> and B<align>.
+
+ =item B<esc_2253>
+
+-escape the "special" characters required by RFC2253 in a field That is
++escape the "special" characters required by RFC2253 in a field. That is
+ B<,+"E<lt>E<gt>;>. Additionally B<#> is escaped at the beginning of a string
+ and a space character at the beginning or end of a string.
+
++=item B<esc_2254>
++
++escape the "special" characters required by RFC2254 in a field. That is
++the B<NUL> character as well as and B<()*>.
++
+ =item B<esc_ctrl>
+
+ escape control characters. That is those with ASCII values less than
+@@ -578,7 +581,7 @@ name.
+
+ =back
+
+-=head2 TEXT OPTIONS
++=head2 Text Options
+
+ As well as customising the name output format, it is also possible to
+ customise the actual fields printed using the B<certopt> options when
+@@ -703,20 +706,20 @@ Convert a certificate request into a self signed certificate using
+ extensions for a CA:
+
+ openssl x509 -req -in careq.pem -extfile openssl.cnf -extensions v3_ca \
+- -signkey key.pem -out cacert.pem
++ -signkey key.pem -out cacert.pem
+
+ Sign a certificate request using the CA certificate above and add user
+ certificate extensions:
+
+ openssl x509 -req -in req.pem -extfile openssl.cnf -extensions v3_usr \
+- -CA cacert.pem -CAkey key.pem -CAcreateserial
++ -CA cacert.pem -CAkey key.pem -CAcreateserial
+
+
+ Set a certificate to be trusted for SSL client use and change set its alias to
+ "Steve's Class 1 CA"
+
+ openssl x509 -in cert.pem -addtrust clientAuth \
+- -setalias "Steve's Class 1 CA" -out trust.pem
++ -setalias "Steve's Class 1 CA" -out trust.pem
+
+ =head1 NOTES
+
+@@ -850,7 +853,7 @@ if the keyUsage extension is present.
+ The extended key usage extension must be absent or include the "email
+ protection" OID. Netscape certificate type must be absent or must have the
+ S/MIME CA bit set: this is used as a work around if the basicConstraints
+-extension is absent.
++extension is absent.
+
+ =item B<CRL Signing>
+
+@@ -880,7 +883,7 @@ dates rather than an offset from the current time.
+
+ L<req(1)>, L<ca(1)>, L<genrsa(1)>,
+ L<gendsa(1)>, L<verify(1)>,
+-L<x509v3_config(5)>
++L<x509v3_config(5)>
+
+ =head1 HISTORY
+
+@@ -888,6 +891,15 @@ The hash algorithm used in the B<-subject_hash> and B<-issuer_hash> options
+ before OpenSSL 1.0.0 was based on the deprecated MD5 algorithm and the encoding
+ of the distinguished name. In OpenSSL 1.0.0 and later it is based on a
+ canonical version of the DN using SHA1. This means that any directories using
+-the old form must have their links rebuilt using B<c_rehash> or similar.
++the old form must have their links rebuilt using B<c_rehash> or similar.
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/apps/x509v3_config.pod b/doc/apps/x509v3_config.pod
+index 72eec51..6e90b35 100644
+--- a/doc/apps/x509v3_config.pod
++++ b/doc/apps/x509v3_config.pod
+@@ -104,23 +104,23 @@ Examples:
+ This extensions consists of a list of usages indicating purposes for which
+ the certificate public key can be used for,
+
+-These can either be object short names of the dotted numerical form of OIDs.
++These can either be object short names or the dotted numerical form of OIDs.
+ While any OID can be used only certain values make sense. In particular the
+ following PKIX, NS and MS values are meaningful:
+
+- Value Meaning
+- ----- -------
+- serverAuth SSL/TLS Web Server Authentication.
+- clientAuth SSL/TLS Web Client Authentication.
+- codeSigning Code signing.
+- emailProtection E-mail Protection (S/MIME).
+- timeStamping Trusted Timestamping
+- OCSPSigning OCSP Signing
+- ipsecIKE ipsec Internet Key Exchnage
+- msCodeInd Microsoft Individual Code Signing (authenticode)
+- msCodeCom Microsoft Commercial Code Signing (authenticode)
+- msCTLSign Microsoft Trust List Signing
+- msEFS Microsoft Encrypted File System
++ Value Meaning
++ ----- -------
++ serverAuth SSL/TLS Web Server Authentication.
++ clientAuth SSL/TLS Web Client Authentication.
++ codeSigning Code signing.
++ emailProtection E-mail Protection (S/MIME).
++ timeStamping Trusted Timestamping
++ OCSPSigning OCSP Signing
++ ipsecIKE ipsec Internet Key Exchnage
++ msCodeInd Microsoft Individual Code Signing (authenticode)
++ msCodeCom Microsoft Commercial Code Signing (authenticode)
++ msCTLSign Microsoft Trust List Signing
++ msEFS Microsoft Encrypted File System
+
+ Examples:
+
+@@ -224,7 +224,7 @@ Example:
+ authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
+
+
+-=head2 CRL distribution points.
++=head2 CRL distribution points
+
+ This is a multi-valued extension whose options can be either in name:value pair
+ using the same form as subject alternative name or a single value representing
+@@ -529,5 +529,13 @@ will only recognize the last value. This can be worked around by using the form:
+ L<req(1)>, L<ca(1)>, L<x509(1)>,
+ L<ASN1_generate_nconf(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/ASN1_INTEGER_get_int64.pod b/doc/crypto/ASN1_INTEGER_get_int64.pod
+index fb10766..9299a51 100644
+--- a/doc/crypto/ASN1_INTEGER_get_int64.pod
++++ b/doc/crypto/ASN1_INTEGER_get_int64.pod
+@@ -119,4 +119,13 @@ ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(),
+ ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64()
+ were added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ASN1_OBJECT_new.pod b/doc/crypto/ASN1_OBJECT_new.pod
+index cc9cf43..4c018ef 100644
+--- a/doc/crypto/ASN1_OBJECT_new.pod
++++ b/doc/crypto/ASN1_OBJECT_new.pod
+@@ -39,4 +39,13 @@ ASN1_OBJECT_free() returns no value.
+
+ L<ERR_get_error(3)>, L<d2i_ASN1_OBJECT(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ASN1_STRING_length.pod b/doc/crypto/ASN1_STRING_length.pod
+index 4c9ad0a..1675169 100644
+--- a/doc/crypto/ASN1_STRING_length.pod
++++ b/doc/crypto/ASN1_STRING_length.pod
+@@ -72,12 +72,17 @@ character in big endian format, UTF8String will be in UTF8 format.
+ Similar care should be take to ensure the data is in the correct format
+ when calling ASN1_STRING_set().
+
+-=head1 RETURN VALUES
+-
+ =head1 SEE ALSO
+
+ L<ERR_get_error(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/ASN1_STRING_new.pod b/doc/crypto/ASN1_STRING_new.pod
+index 76e983a..7bd2fc1 100644
+--- a/doc/crypto/ASN1_STRING_new.pod
++++ b/doc/crypto/ASN1_STRING_new.pod
+@@ -40,8 +40,13 @@ ASN1_STRING_free() does not return a value.
+
+ L<ERR_get_error(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/ASN1_STRING_print_ex.pod b/doc/crypto/ASN1_STRING_print_ex.pod
+index 2be7f7c..9e555e8 100644
+--- a/doc/crypto/ASN1_STRING_print_ex.pod
++++ b/doc/crypto/ASN1_STRING_print_ex.pod
+@@ -30,7 +30,7 @@ with '.'.
+
+ ASN1_STRING_print() is a legacy function which should be avoided in new applications.
+
+-Although there are a large number of options frequently B<ASN1_STRFLGS_RFC2253> is
++Although there are a large number of options frequently B<ASN1_STRFLGS_RFC2253> is
+ suitable, or on UTF8 terminals B<ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB>.
+
+ The complete set of supported options for B<flags> is listed below.
+@@ -75,7 +75,7 @@ Normally non character string types (such as OCTET STRING) are assumed to be
+ one byte per character, if B<ASN1_STRFLGS_DUMP_UNKNOWN> is set then they will
+ be dumped instead.
+
+-When a type is dumped normally just the content octets are printed, if
++When a type is dumped normally just the content octets are printed, if
+ B<ASN1_STRFLGS_DUMP_DER> is set then the complete encoding is dumped
+ instead (including tag and length octets).
+
+@@ -89,8 +89,13 @@ equivalent to:
+ L<X509_NAME_print_ex(3)>,
+ L<ASN1_tag2str(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/ASN1_TIME_set.pod b/doc/crypto/ASN1_TIME_set.pod
+index d633265..0671615 100644
+--- a/doc/crypto/ASN1_TIME_set.pod
++++ b/doc/crypto/ASN1_TIME_set.pod
+@@ -100,7 +100,7 @@ Determine if one time is later or sooner than the current time:
+ int day, sec;
+
+ if (!ASN1_TIME_diff(&day, &sec, NULL, to))
+- /* Invalid time format */
++ /* Invalid time format */
+
+ if (day > 0 || sec > 0)
+ printf("Later\n");
+@@ -126,4 +126,13 @@ an error occurred (I/O error or invalid time format).
+ ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the
+ pass ASN1_TIME structure has invalid syntax for example.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ASN1_TYPE_get.pod b/doc/crypto/ASN1_TYPE_get.pod
+index 3fc9d2a..d423303 100644
+--- a/doc/crypto/ASN1_TYPE_get.pod
++++ b/doc/crypto/ASN1_TYPE_get.pod
+@@ -88,4 +88,13 @@ NULL on failure.
+ ASN1_TYPE_pack_sequence() return an ASN1_TYPE structure if it succeeds or
+ NULL on failure.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ASN1_generate_nconf.pod b/doc/crypto/ASN1_generate_nconf.pod
+index a95b2c8..d2e8a17 100644
+--- a/doc/crypto/ASN1_generate_nconf.pod
++++ b/doc/crypto/ASN1_generate_nconf.pod
+@@ -40,7 +40,7 @@ That is zero or more comma separated modifiers followed by a type
+ followed by an optional colon and a value. The formats of B<type>,
+ B<value> and B<modifier> are explained below.
+
+-=head2 SUPPORTED TYPES
++=head2 Supported Types
+
+ The supported types are listed below. Unless otherwise specified
+ only the B<ASCII> format is permissible.
+@@ -52,7 +52,7 @@ only the B<ASCII> format is permissible.
+ This encodes a boolean type. The B<value> string is mandatory and
+ should be B<TRUE> or B<FALSE>. Additionally B<TRUE>, B<true>, B<Y>,
+ B<y>, B<YES>, B<yes>, B<FALSE>, B<false>, B<N>, B<n>, B<NO> and B<no>
+-are acceptable.
++are acceptable.
+
+ =item B<NULL>
+
+@@ -78,12 +78,12 @@ a short name, a long name or numerical format.
+ =item B<UTCTIME>, B<UTC>
+
+ Encodes an ASN1 B<UTCTime> structure, the value should be in
+-the format B<YYMMDDHHMMSSZ>.
++the format B<YYMMDDHHMMSSZ>.
+
+ =item B<GENERALIZEDTIME>, B<GENTIME>
+
+ Encodes an ASN1 B<GeneralizedTime> structure, the value should be in
+-the format B<YYYYMMDDHHMMSSZ>.
++the format B<YYYYMMDDHHMMSSZ>.
+
+ =item B<OCTETSTRING>, B<OCT>
+
+@@ -119,7 +119,7 @@ will be encoded.
+
+ =back
+
+-=head2 MODIFIERS
++=head2 Modifiers
+
+ Modifiers affect the following structure, they can be used to
+ add EXPLICIT or IMPLICIT tagging, add wrappers or to change
+@@ -258,4 +258,13 @@ The error codes that can be obtained by L<ERR_get_error(3)>.
+
+ L<ERR_get_error(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ASYNC_WAIT_CTX_new.pod b/doc/crypto/ASYNC_WAIT_CTX_new.pod
+index c4e4d0e..364cbb4 100644
+--- a/doc/crypto/ASYNC_WAIT_CTX_new.pod
++++ b/doc/crypto/ASYNC_WAIT_CTX_new.pod
+@@ -53,7 +53,7 @@ ASYNC_WAIT_CTX_get_all_fds() with a NULL B<fd> value will return no file
+ descriptors but will still populate B<*numfds>. Therefore application code is
+ typically expected to call this function twice: once to get the number of fds,
+ and then again when sufficient memory has been allocated. If only one
+-asynchronous engine is being used then noramlly this call will only ever return
++asynchronous engine is being used then normally this call will only ever return
+ one fd. If multiple asynchronous engines are being used then more could be
+ returned.
+
+@@ -123,4 +123,13 @@ ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds,
+ ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd were first added to
+ OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ASYNC_start_job.pod b/doc/crypto/ASYNC_start_job.pod
+index 0e6507b..b5139a3 100644
+--- a/doc/crypto/ASYNC_start_job.pod
++++ b/doc/crypto/ASYNC_start_job.pod
+@@ -111,7 +111,7 @@ for the B<job>. ASYNC_WAIT_CTXs can have a "wait" file descriptor associated
+ with them. Applications can wait for the file descriptor to be ready for "read"
+ using a system function call such as select or poll (being ready for "read"
+ indicates that the job should be resumed). If no file descriptor is made
+-available then an application will have to priodically "poll" the job by
++available then an application will have to periodically "poll" the job by
+ attempting to restart it to see if it is ready to continue.
+
+ An example of typical usage might be an async capable engine. User code would
+@@ -267,7 +267,7 @@ The following example demonstrates how to use most of the core async APIs:
+
+ /* Wait for the job to be woken */
+ printf("Waiting for the job to be woken up\n");
+-
++
+ if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &numfds)
+ || numfds > 1) {
+ printf("Unexpected number of fds\n");
+@@ -308,4 +308,13 @@ ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_get_wait_ctx(),
+ ASYNC_block_pause(), ASYNC_unblock_pause() and ASYNC_is_capable() were first
+ added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BIO_ADDR.pod b/doc/crypto/BIO_ADDR.pod
+index a3c9b5c..4b169e8 100644
+--- a/doc/crypto/BIO_ADDR.pod
++++ b/doc/crypto/BIO_ADDR.pod
+@@ -112,3 +112,14 @@ information they should return isn't available.
+ =head1 SEE ALSO
+
+ L<BIO_connect(3)>, L<BIO_s_connect(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_ADDRINFO.pod b/doc/crypto/BIO_ADDRINFO.pod
+index 42a26e1..1a3dd08 100644
+--- a/doc/crypto/BIO_ADDRINFO.pod
++++ b/doc/crypto/BIO_ADDRINFO.pod
+@@ -72,7 +72,7 @@ with the given one.
+ =head1 RETURN VALUES
+
+ BIO_lookup() returns 1 on success and 0 when an error occurred, and
+-will leave an error indicaton on the OpenSSL error stack in that case.
++will leave an error indication on the OpenSSL error stack in that case.
+
+ All other functions described here return 0 or B<NULL> when the
+ information they should return isn't available.
+@@ -80,3 +80,14 @@ information they should return isn't available.
+ =head1 SEE ALSO
+
+ L<BIO_lookup(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_connect.pod b/doc/crypto/BIO_connect.pod
+index 4c908fb..5194033 100644
+--- a/doc/crypto/BIO_connect.pod
++++ b/doc/crypto/BIO_connect.pod
+@@ -99,3 +99,14 @@ BIO_get_accept_socket() and BIO_accept() are deprecated since OpenSSL
+ =head1 SEE ALSO
+
+ L<BIO_ADDR(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_ctrl.pod b/doc/crypto/BIO_ctrl.pod
+index 722e8b8..d6d0df1 100644
+--- a/doc/crypto/BIO_ctrl.pod
++++ b/doc/crypto/BIO_ctrl.pod
+@@ -13,7 +13,7 @@ BIO_get_info_callback, BIO_set_info_callback - BIO control operations
+
+ long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));
+- char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
++ char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
+ long BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
+
+ int BIO_reset(BIO *b);
+@@ -94,7 +94,7 @@ return the amount of pending data.
+ =head1 NOTES
+
+ BIO_flush(), because it can write data may return 0 or -1 indicating
+-that the call should be retried later in a similar manner to BIO_write().
++that the call should be retried later in a similar manner to BIO_write().
+ The BIO_should_retry() call should be used and appropriate action taken
+ is the call fails.
+
+@@ -121,8 +121,15 @@ operation.
+ Some of the return values are ambiguous and care should be taken. In
+ particular a return value of 0 can be returned if an operation is not
+ supported, if an error occurred, if EOF has not been reached and in
+-the case of BIO_seek() on a file BIO for a successful operation.
++the case of BIO_seek() on a file BIO for a successful operation.
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_f_base64.pod b/doc/crypto/BIO_f_base64.pod
+index c25ac51..6c78f7e 100644
+--- a/doc/crypto/BIO_f_base64.pod
++++ b/doc/crypto/BIO_f_base64.pod
+@@ -9,7 +9,7 @@ BIO_f_base64 - base64 BIO filter
+ #include <openssl/bio.h>
+ #include <openssl/evp.h>
+
+- const BIO_METHOD * BIO_f_base64(void);
++ const BIO_METHOD * BIO_f_base64(void);
+
+ =head1 DESCRIPTION
+
+@@ -17,7 +17,7 @@ BIO_f_base64() returns the base64 BIO method. This is a filter
+ BIO that base64 encodes any data written through it and decodes
+ any data read through it.
+
+-Base64 BIOs do not support BIO_gets() or BIO_puts().
++Base64 BIOs do not support BIO_gets() or BIO_puts().
+
+ BIO_flush() on a base64 BIO that is being written through is
+ used to signal that no more data is to be encoded: this is used
+@@ -63,8 +63,8 @@ data to standard output:
+ bio = BIO_new_fp(stdin, BIO_NOCLOSE);
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_push(b64, bio);
+- while((inlen = BIO_read(b64, inbuf, 512)) > 0)
+- BIO_write(bio_out, inbuf, inlen);
++ while((inlen = BIO_read(b64, inbuf, 512)) > 0)
++ BIO_write(bio_out, inbuf, inlen);
+
+ BIO_flush(bio_out);
+ BIO_free_all(b64);
+@@ -77,6 +77,13 @@ data following the base64 encoded block to be misinterpreted.
+ There should be some way of specifying a test that the BIO can perform
+ to reliably determine EOF (for example a MIME boundary).
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_f_buffer.pod b/doc/crypto/BIO_f_buffer.pod
+index edaa351..68811c3 100644
+--- a/doc/crypto/BIO_f_buffer.pod
++++ b/doc/crypto/BIO_f_buffer.pod
+@@ -71,3 +71,14 @@ L<BIO_reset(3)>,
+ L<BIO_flush(3)>,
+ L<BIO_pop(3)>,
+ L<BIO_ctrl(3)>.
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_f_cipher.pod b/doc/crypto/BIO_f_cipher.pod
+index 947d152..8b8e200 100644
+--- a/doc/crypto/BIO_f_cipher.pod
++++ b/doc/crypto/BIO_f_cipher.pod
+@@ -9,9 +9,9 @@ BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx - cipher
+ #include <openssl/bio.h>
+ #include <openssl/evp.h>
+
+- const BIO_METHOD * BIO_f_cipher(void);
++ const BIO_METHOD *BIO_f_cipher(void);
+ void BIO_set_cipher(BIO *b,const EVP_CIPHER *cipher,
+- unsigned char *key, unsigned char *iv, int enc);
++ unsigned char *key, unsigned char *iv, int enc);
+ int BIO_get_cipher_status(BIO *b)
+ int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx)
+
+@@ -22,7 +22,7 @@ BIO that encrypts any data written through it, and decrypts any data
+ read from it. It is a BIO wrapper for the cipher routines
+ EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().
+
+-Cipher BIOs do not support BIO_gets() or BIO_puts().
++Cipher BIOs do not support BIO_gets() or BIO_puts().
+
+ BIO_flush() on an encryption BIO that is being written through is
+ used to signal that no more data is to be encrypted: this is used
+@@ -67,10 +67,13 @@ for failure.
+
+ BIO_get_cipher_ctx() currently always returns 1.
+
+-=head1 EXAMPLES
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+-=head1 SEE ALSO
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+-TBA
++=cut
+diff --git a/doc/crypto/BIO_f_md.pod b/doc/crypto/BIO_f_md.pod
+index b0fe014..001f350 100644
+--- a/doc/crypto/BIO_f_md.pod
++++ b/doc/crypto/BIO_f_md.pod
+@@ -9,7 +9,7 @@ BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx - message digest BIO filter
+ #include <openssl/bio.h>
+ #include <openssl/evp.h>
+
+- const BIO_METHOD * BIO_f_md(void);
++ const BIO_METHOD * BIO_f_md(void);
+ int BIO_set_md(BIO *b,EVP_MD *md);
+ int BIO_get_md(BIO *b,EVP_MD **mdp);
+ int BIO_get_md_ctx(BIO *b,EVP_MD_CTX **mdcp);
+@@ -103,7 +103,7 @@ The next example digests data by reading through a chain instead:
+ BIO_set_md(mdtmp, EVP_md5());
+ bio = BIO_push(mdtmp, bio);
+ do {
+- rdlen = BIO_read(bio, buf, sizeof(buf));
++ rdlen = BIO_read(bio, buf, sizeof(buf));
+ /* Might want to do something with the data here */
+ } while(rdlen > 0);
+
+@@ -114,17 +114,17 @@ outputs them. This could be used with the examples above.
+ unsigned char mdbuf[EVP_MAX_MD_SIZE];
+ int mdlen;
+ int i;
+- mdtmp = bio; /* Assume bio has previously been set up */
++ mdtmp = bio; /* Assume bio has previously been set up */
+ do {
+- EVP_MD *md;
+- mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
++ EVP_MD *md;
++ mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
+ if(!mdtmp) break;
+- BIO_get_md(mdtmp, &md);
++ BIO_get_md(mdtmp, &md);
+ printf("%s digest", OBJ_nid2sn(EVP_MD_type(md)));
+- mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
+- for(i = 0; i < mdlen; i++) printf(":%02X", mdbuf[i]);
+- printf("\n");
+- mdtmp = BIO_next(mdtmp);
++ mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
++ for(i = 0; i < mdlen; i++) printf(":%02X", mdbuf[i]);
++ printf("\n");
++ mdtmp = BIO_next(mdtmp);
+ } while(mdtmp);
+
+ BIO_free_all(bio);
+@@ -142,8 +142,13 @@ separate BIO_ctrl() call.
+ Before OpenSSL 1.0.0., the call to BIO_get_md_ctx() would only work if the
+ BIO was initialized first.
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/BIO_f_null.pod b/doc/crypto/BIO_f_null.pod
+index 6ee8491..c4e4c66 100644
+--- a/doc/crypto/BIO_f_null.pod
++++ b/doc/crypto/BIO_f_null.pod
+@@ -8,7 +8,7 @@ BIO_f_null - null filter
+
+ #include <openssl/bio.h>
+
+- const BIO_METHOD * BIO_f_null(void);
++ const BIO_METHOD * BIO_f_null(void);
+
+ =head1 DESCRIPTION
+
+@@ -27,6 +27,13 @@ As may be apparent a null filter BIO is not particularly useful.
+
+ BIO_f_null() returns the null filter BIO method.
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_f_ssl.pod b/doc/crypto/BIO_f_ssl.pod
+index 46eecd1..9ebd4d1 100644
+--- a/doc/crypto/BIO_f_ssl.pod
++++ b/doc/crypto/BIO_f_ssl.pod
+@@ -14,15 +14,15 @@ BIO_ssl_shutdown - SSL BIO
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+- #define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
+- #define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
+- #define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
++ #define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
++ #define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
++ #define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
+ #define BIO_set_ssl_renegotiate_bytes(b,num) \
+- BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
++ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
+ #define BIO_set_ssl_renegotiate_timeout(b,seconds) \
+- BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
++ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
+ #define BIO_get_num_renegotiates(b) \
+- BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL);
++ BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+@@ -30,13 +30,13 @@ BIO_ssl_shutdown - SSL BIO
+ int BIO_ssl_copy_session_id(BIO *to,BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+- #define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
++ #define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+
+ =head1 DESCRIPTION
+
+ BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which
+ is a wrapper round the OpenSSL SSL routines adding a BIO "flavour" to
+-SSL I/O.
++SSL I/O.
+
+ I/O performed on an SSL BIO communicates using the SSL protocol with
+ the SSLs read and write BIOs. If an SSL connection is not established
+@@ -63,7 +63,7 @@ BIO_set_ssl_mode() sets the SSL BIO mode to B<client>. If B<client>
+ is 1 client mode is set. If B<client> is 0 server mode is set.
+
+ BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count
+-to B<num>. When set after every B<num> bytes of I/O (read and write)
++to B<num>. When set after every B<num> bytes of I/O (read and write)
+ the SSL session is automatically renegotiated. B<num> must be at
+ least 512 bytes.
+
+@@ -84,7 +84,7 @@ BIO_new_buffer_ssl_connect() creates a new BIO chain consisting
+ of a buffering BIO, an SSL BIO (using B<ctx>) and a connect
+ BIO.
+
+-BIO_ssl_copy_session_id() copies an SSL session id between
++BIO_ssl_copy_session_id() copies an SSL session id between
+ BIO chains B<from> and B<to>. It does this by locating the
+ SSL BIOs in each chain and calling SSL_copy_session_id() on
+ the internal SSL pointer.
+@@ -124,10 +124,6 @@ Applications do not have to call BIO_do_handshake() but may wish
+ to do so to separate the handshake process from other I/O
+ processing.
+
+-=head1 RETURN VALUES
+-
+-TBA
+-
+ =head1 EXAMPLE
+
+ This SSL/TLS client example, attempts to retrieve a page from an
+@@ -140,54 +136,48 @@ unencrypted example in L<BIO_s_connect(3)>.
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+- /* We would seed the PRNG here if the platform didn't
+- * do it automatically
+- */
++ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+- /* We'd normally set some stuff like the verify paths and
+- * mode here because as things stand this will connect to
+- * any server whose certificate is signed by any CA.
+- */
++ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+-
+ BIO_get_ssl(sbio, &ssl);
+-
+- if(!ssl) {
+- fprintf(stderr, "Can't locate SSL pointer\n");
+- /* whatever ... */
++ if (ssl == NULL) {
++ fprintf(stderr, "Can't locate SSL pointer\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
+ }
+
+ /* Don't want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+- /* We might want to do other things with ssl here */
++ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, ":https");
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+- if(BIO_do_connect(sbio) <= 0) {
+- fprintf(stderr, "Error connecting to server\n");
+- ERR_print_errors_fp(stderr);
+- /* whatever ... */
++ if (BIO_do_connect(sbio) <= 0) {
++ fprintf(stderr, "Error connecting to server\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
+ }
+-
+- if(BIO_do_handshake(sbio) <= 0) {
+- fprintf(stderr, "Error establishing SSL connection\n");
+- ERR_print_errors_fp(stderr);
+- /* whatever ... */
++ if (BIO_do_handshake(sbio) <= 0) {
++ fprintf(stderr, "Error establishing SSL connection\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
+ }
+
+- /* Could examine ssl here to get connection info */
++ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, "GET / HTTP/1.0\n\n");
+- for(;;) {
+- len = BIO_read(sbio, tmpbuf, 1024);
+- if(len <= 0) break;
+- BIO_write(out, tmpbuf, len);
++ for ( ; ; ) {
++ len = BIO_read(sbio, tmpbuf, 1024);
++ if(len <= 0)
++ break;
++ BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);
+@@ -203,102 +193,83 @@ a client and also echoes the request to standard output.
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+- /* Might seed PRNG here */
++ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+-
+- if (!SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM)
+- || !SSL_CTX_use_PrivateKey_file(ctx,"server.pem",SSL_FILETYPE_PEM)
+- || !SSL_CTX_check_private_key(ctx)) {
+-
+- fprintf(stderr, "Error setting up SSL_CTX\n");
+- ERR_print_errors_fp(stderr);
+- return 0;
++ if (!SSL_CTX_use_certificate_file(ctx, "server.pem", SSL_FILETYPE_PEM)
++ || !SSL_CTX_use_PrivateKey_file(ctx, "server.pem", SSL_FILETYPE_PEM)
++ || !SSL_CTX_check_private_key(ctx)) {
++ fprintf(stderr, "Error setting up SSL_CTX\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
+ }
+
+- /* Might do other things here like setting verify locations and
+- * DH and/or RSA temporary key callbacks
+- */
++ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+- sbio=BIO_new_ssl(ctx,0);
+-
++ sbio = BIO_new_ssl(ctx,0);
+ BIO_get_ssl(sbio, &ssl);
+-
+- if(!ssl) {
+- fprintf(stderr, "Can't locate SSL pointer\n");
+- /* whatever ... */
++ if (ssl == NULL) {
++ fprintf(stderr, "Can't locate SSL pointer\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
+ }
+
+- /* Don't want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+-
+- /* Create the buffering BIO */
+-
+ bbio = BIO_new(BIO_f_buffer());
+-
+- /* Add to chain */
+ sbio = BIO_push(bbio, sbio);
++ acpt = BIO_new_accept("4433");
+
+- acpt=BIO_new_accept("4433");
+-
+- /* By doing this when a new connection is established
++ /*
++ * By doing this when a new connection is established
+ * we automatically have sbio inserted into it. The
+ * BIO chain is now 'swallowed' by the accept BIO and
+- * will be freed when the accept BIO is freed.
++ * will be freed when the accept BIO is freed.
+ */
+-
+- BIO_set_accept_bios(acpt,sbio);
+-
++ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+- if(BIO_do_accept(acpt) <= 0) {
+- fprintf(stderr, "Error setting up accept BIO\n");
+- ERR_print_errors_fp(stderr);
+- return 0;
++ if (BIO_do_accept(acpt) <= 0) {
++ fprintf(stderr, "Error setting up accept BIO\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
+ }
+
+- /* Now wait for incoming connection */
+- if(BIO_do_accept(acpt) <= 0) {
+- fprintf(stderr, "Error in connection\n");
+- ERR_print_errors_fp(stderr);
+- return 0;
++ if (BIO_do_accept(acpt) <= 0) {
++ fprintf(stderr, "Error in connection\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
+ }
+
+- /* We only want one connection so remove and free
+- * accept BIO
+- */
+-
++ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+-
+ BIO_free_all(acpt);
+
+- if(BIO_do_handshake(sbio) <= 0) {
+- fprintf(stderr, "Error in SSL handshake\n");
+- ERR_print_errors_fp(stderr);
+- return 0;
++ if (BIO_do_handshake(sbio) <= 0) {
++ fprintf(stderr, "Error in SSL handshake\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
+ }
+
+ BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n");
+ BIO_puts(sbio, "\r\nConnection Established\r\nRequest headers:\r\n");
+ BIO_puts(sbio, "--------------------------------------------------\r\n");
+
+- for(;;) {
+- len = BIO_gets(sbio, tmpbuf, 1024);
+- if(len <= 0) break;
+- BIO_write(sbio, tmpbuf, len);
+- BIO_write(out, tmpbuf, len);
+- /* Look for blank line signifying end of headers*/
+- if((tmpbuf[0] == '\r') || (tmpbuf[0] == '\n')) break;
++ for ( ; ; ) {
++ len = BIO_gets(sbio, tmpbuf, 1024);
++ if (len <= 0)
++ break;
++ BIO_write(sbio, tmpbuf, len);
++ BIO_write(out, tmpbuf, len);
++ /* Look for blank line signifying end of headers*/
++ if (tmpbuf[0] == '\r' || tmpbuf[0] == '\n')
++ break;
+ }
+
+ BIO_puts(sbio, "--------------------------------------------------\r\n");
+ BIO_puts(sbio, "\r\n");
+-
+- /* Since there is a buffering BIO present we had better flush it */
+ BIO_flush(sbio);
+-
+ BIO_free_all(sbio);
+
+ =head1 BUGS
+@@ -310,6 +281,13 @@ explicitly being popped (e.g. a pop higher up the chain). Applications which
+ included workarounds for this bug (e.g. freeing BIOs more than once) should
+ be modified to handle this fix or they may free up an already freed BIO.
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+-TBA
++=cut
+diff --git a/doc/crypto/BIO_find_type.pod b/doc/crypto/BIO_find_type.pod
+index 6e65668..c502983 100644
+--- a/doc/crypto/BIO_find_type.pod
++++ b/doc/crypto/BIO_find_type.pod
+@@ -8,35 +8,35 @@ BIO_find_type, BIO_next, BIO_method_type - BIO chain traversal
+
+ #include <openssl/bio.h>
+
+- BIO * BIO_find_type(BIO *b,int bio_type);
+- BIO * BIO_next(BIO *b);
+-
+- #define BIO_method_type(b) ((b)->method->type)
+-
+- #define BIO_TYPE_NONE 0
+- #define BIO_TYPE_MEM (1|0x0400)
+- #define BIO_TYPE_FILE (2|0x0400)
+-
+- #define BIO_TYPE_FD (4|0x0400|0x0100)
+- #define BIO_TYPE_SOCKET (5|0x0400|0x0100)
+- #define BIO_TYPE_NULL (6|0x0400)
+- #define BIO_TYPE_SSL (7|0x0200)
+- #define BIO_TYPE_MD (8|0x0200)
+- #define BIO_TYPE_BUFFER (9|0x0200)
+- #define BIO_TYPE_CIPHER (10|0x0200)
+- #define BIO_TYPE_BASE64 (11|0x0200)
+- #define BIO_TYPE_CONNECT (12|0x0400|0x0100)
+- #define BIO_TYPE_ACCEPT (13|0x0400|0x0100)
+- #define BIO_TYPE_PROXY_CLIENT (14|0x0200)
+- #define BIO_TYPE_PROXY_SERVER (15|0x0200)
+- #define BIO_TYPE_NBIO_TEST (16|0x0200)
+- #define BIO_TYPE_NULL_FILTER (17|0x0200)
+- #define BIO_TYPE_BER (18|0x0200)
+- #define BIO_TYPE_BIO (19|0x0400)
+-
+- #define BIO_TYPE_DESCRIPTOR 0x0100
+- #define BIO_TYPE_FILTER 0x0200
+- #define BIO_TYPE_SOURCE_SINK 0x0400
++ BIO * BIO_find_type(BIO *b,int bio_type);
++ BIO * BIO_next(BIO *b);
++
++ #define BIO_method_type(b) ((b)->method->type)
++
++ #define BIO_TYPE_NONE 0
++ #define BIO_TYPE_MEM (1|0x0400)
++ #define BIO_TYPE_FILE (2|0x0400)
++
++ #define BIO_TYPE_FD (4|0x0400|0x0100)
++ #define BIO_TYPE_SOCKET (5|0x0400|0x0100)
++ #define BIO_TYPE_NULL (6|0x0400)
++ #define BIO_TYPE_SSL (7|0x0200)
++ #define BIO_TYPE_MD (8|0x0200)
++ #define BIO_TYPE_BUFFER (9|0x0200)
++ #define BIO_TYPE_CIPHER (10|0x0200)
++ #define BIO_TYPE_BASE64 (11|0x0200)
++ #define BIO_TYPE_CONNECT (12|0x0400|0x0100)
++ #define BIO_TYPE_ACCEPT (13|0x0400|0x0100)
++ #define BIO_TYPE_PROXY_CLIENT (14|0x0200)
++ #define BIO_TYPE_PROXY_SERVER (15|0x0200)
++ #define BIO_TYPE_NBIO_TEST (16|0x0200)
++ #define BIO_TYPE_NULL_FILTER (17|0x0200)
++ #define BIO_TYPE_BER (18|0x0200)
++ #define BIO_TYPE_BIO (19|0x0400)
++
++ #define BIO_TYPE_DESCRIPTOR 0x0100
++ #define BIO_TYPE_FILTER 0x0200
++ #define BIO_TYPE_SOURCE_SINK 0x0400
+
+ =head1 DESCRIPTION
+
+@@ -68,18 +68,25 @@ BIO_method_type() returns the type of the BIO B<b>.
+ Traverse a chain looking for digest BIOs:
+
+ BIO *btmp;
+- btmp = in_bio; /* in_bio is chain to search through */
++ btmp = in_bio; /* in_bio is chain to search through */
+
+ do {
+- btmp = BIO_find_type(btmp, BIO_TYPE_MD);
+- if(btmp == NULL) break; /* Not found */
+- /* btmp is a digest BIO, do something with it ...*/
+- ...
++ btmp = BIO_find_type(btmp, BIO_TYPE_MD);
++ if(btmp == NULL) break; /* Not found */
++ /* btmp is a digest BIO, do something with it ...*/
++ ...
+
+- btmp = BIO_next(btmp);
++ btmp = BIO_next(btmp);
+ } while(btmp);
+
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_get_data.pod b/doc/crypto/BIO_get_data.pod
+index 73f8ea5..14f21fa 100644
+--- a/doc/crypto/BIO_get_data.pod
++++ b/doc/crypto/BIO_get_data.pod
+@@ -53,4 +53,13 @@ L<bio>, L<BIO_meth_new>
+
+ The functions described here were added in OpenSSL version 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BIO_get_ex_new_index.pod b/doc/crypto/BIO_get_ex_new_index.pod
+index 4824b5d..21e5bb7 100644
+--- a/doc/crypto/BIO_get_ex_new_index.pod
++++ b/doc/crypto/BIO_get_ex_new_index.pod
+@@ -23,9 +23,9 @@ crypto structures:
+ #include <openssl/x509.h>
+
+ int X509_get_ex_new_index(long argl, void *argp,
+- CRYPTO_EX_new *new_func,
+- CRYPTO_EX_dup *dup_func,
+- CRYPTO_EX_free *free_func);
++ CRYPTO_EX_new *new_func,
++ CRYPTO_EX_dup *dup_func,
++ CRYPTO_EX_free *free_func);
+
+ int X509_set_ex_data(X509 *d, int idx, void *arg);
+
+@@ -42,4 +42,13 @@ For details, see L<CRYPTO_get_ex_new_index(3)>.
+
+ L<CRYPTO_get_ex_new_index(3)>.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BIO_meth_new.pod b/doc/crypto/BIO_meth_new.pod
+index de6ce66..2c2db6f 100644
+--- a/doc/crypto/BIO_meth_new.pod
++++ b/doc/crypto/BIO_meth_new.pod
+@@ -75,7 +75,7 @@ called in response to the application calling BIO_puts(). The parameters for
+ the function have the same meaning as for BIO_puts().
+
+ BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically
+-used for reading a line of data from the BIO respectively (see the L<BIO_gets>
++used for reading a line of data from the BIO respectively (see the L<BIO_gets(3)>
+ page for more information). This function will be called in response to the
+ application calling BIO_gets(). The parameters for the function have the same
+ meaning as for BIO_gets().
+@@ -102,7 +102,7 @@ this function.
+
+ BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the
+ function used for processing callback ctrl messages in the BIO respectively. See
+-the L<BIO_callback_ctrl> page for more information. This function will be called
++the L<BIO_callback_ctrl(3)> page for more information. This function will be called
+ in response to the application calling BIO_callback_ctrl(). The parameters for
+ the function have the same meaning as for BIO_callback_ctrl().
+
+@@ -114,4 +114,13 @@ L<bio>, L<BIO_find_type>, L<BIO_ctrl>, L<BIO_read>, L<BIO_new>
+
+ The functions described here were added in OpenSSL version 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BIO_new.pod b/doc/crypto/BIO_new.pod
+index 4c9299b..ca8bb7e 100644
+--- a/doc/crypto/BIO_new.pod
++++ b/doc/crypto/BIO_new.pod
+@@ -8,12 +8,12 @@ BIO_new, BIO_set, BIO_up_ref, BIO_free, BIO_vfree, BIO_free_all - BIO allocation
+
+ #include <openssl/bio.h>
+
+- BIO * BIO_new(const BIO_METHOD *type);
+- int BIO_set(BIO *a,const BIO_METHOD *type);
+- int BIO_up_ref(BIO *a);
+- int BIO_free(BIO *a);
+- void BIO_vfree(BIO *a);
+- void BIO_free_all(BIO *a);
++ BIO * BIO_new(const BIO_METHOD *type);
++ int BIO_set(BIO *a,const BIO_METHOD *type);
++ int BIO_up_ref(BIO *a);
++ int BIO_free(BIO *a);
++ void BIO_vfree(BIO *a);
++ void BIO_free_all(BIO *a);
+
+ =head1 DESCRIPTION
+
+@@ -66,6 +66,13 @@ Create a memory BIO:
+
+ BIO *mem = BIO_new(BIO_s_mem());
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_new_CMS.pod b/doc/crypto/BIO_new_CMS.pod
+index 0069b8d..b06c224 100644
+--- a/doc/crypto/BIO_new_CMS.pod
++++ b/doc/crypto/BIO_new_CMS.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- BIO_new_CMS - CMS streaming filter BIO
++BIO_new_CMS - CMS streaming filter BIO
+
+ =head1 SYNOPSIS
+
+@@ -63,4 +63,13 @@ L<CMS_encrypt(3)>
+
+ BIO_new_CMS() was added to OpenSSL 1.0.0
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BIO_parse_hostserv.pod b/doc/crypto/BIO_parse_hostserv.pod
+index df73ea7..4ee4f46 100644
+--- a/doc/crypto/BIO_parse_hostserv.pod
++++ b/doc/crypto/BIO_parse_hostserv.pod
+@@ -42,26 +42,32 @@ The service part can be a service name or its port number.
+ The returned values will depend on the given B<hostserv> string
+ and B<hostserv_prio>, as follows:
+
+-=for comment
+-The following is ONE verbatim block. To make sure it's rendered as
+-one block and not several, the blank lines in between have one space.
+-They should be left as is.
+-
+ host + ':' + service => *host = "host", *service = "service"
+ host + ':' + '*' => *host = "host", *service = NULL
+ host + ':' => *host = "host", *service = NULL
+ ':' + service => *host = NULL, *service = "service"
+ '*' + ':' + service => *host = NULL, *service = "service"
+-
++
+ in case no ':' is present in the string, the result depends on
+ hostserv_prio, as follows:
+-
++
+ when hostserv_prio == BIO_PARSE_PRIO_HOST
+ host => *host = "host", *service untouched
+-
++
+ when hostserv_prio == BIO_PARSE_PRIO_SERV
+ service => *host untouched, *service = "service"
+
+ =head1 SEE ALSO
+
+ L<BIO_ADDRINFO(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_push.pod b/doc/crypto/BIO_push.pod
+index 1523e5b..86e2e11 100644
+--- a/doc/crypto/BIO_push.pod
++++ b/doc/crypto/BIO_push.pod
+@@ -77,4 +77,13 @@ L<bio>
+
+ The BIO_set_next() function was added in OpenSSL version 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BIO_read.pod b/doc/crypto/BIO_read.pod
+index 90b1c75..45871c1 100644
+--- a/doc/crypto/BIO_read.pod
++++ b/doc/crypto/BIO_read.pod
+@@ -8,10 +8,10 @@ BIO_read, BIO_write, BIO_gets, BIO_puts - BIO I/O functions
+
+ #include <openssl/bio.h>
+
+- int BIO_read(BIO *b, void *buf, int len);
+- int BIO_gets(BIO *b, char *buf, int size);
+- int BIO_write(BIO *b, const void *buf, int len);
+- int BIO_puts(BIO *b, const char *buf);
++ int BIO_read(BIO *b, void *buf, int len);
++ int BIO_gets(BIO *b, char *buf, int size);
++ int BIO_write(BIO *b, const void *buf, int len);
++ int BIO_puts(BIO *b, const char *buf);
+
+ =head1 DESCRIPTION
+
+@@ -65,4 +65,13 @@ to the chain.
+
+ L<BIO_should_retry(3)>
+
+-TBA
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_s_accept.pod b/doc/crypto/BIO_s_accept.pod
+index 88877e4..ad7bfaa 100644
+--- a/doc/crypto/BIO_s_accept.pod
++++ b/doc/crypto/BIO_s_accept.pod
+@@ -23,9 +23,9 @@ BIO_get_bind_mode, BIO_do_accept - accept BIO
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+- #define BIO_BIND_NORMAL 0
+- #define BIO_BIND_REUSEADDR_IF_UNUSED 1
+- #define BIO_BIND_REUSEADDR 2
++ #define BIO_BIND_NORMAL 0
++ #define BIO_BIND_REUSEADDR_IF_UNUSED 1
++ #define BIO_BIND_REUSEADDR 2
+
+ int BIO_do_accept(BIO *b);
+
+@@ -75,7 +75,7 @@ BIO_set_nbio_accept() sets the accept socket to blocking mode
+
+ BIO_set_accept_bios() can be used to set a chain of BIOs which
+ will be duplicated and prepended to the chain when an incoming
+-connection is received. This is useful if, for example, a
++connection is received. This is useful if, for example, a
+ buffering or SSL BIO is required for each connection. The
+ chain of BIOs must not be freed after this call, they will
+ be automatically freed when the accept BIO is freed.
+@@ -161,33 +161,35 @@ down each and finally closes both down.
+
+ BIO *abio, *cbio, *cbio2;
+
+- abio = BIO_new_accept("4444");
+-
+ /* First call to BIO_accept() sets up accept BIO */
+- if(BIO_do_accept(abio) <= 0) {
+- fprintf(stderr, "Error setting up accept\n");
+- ERR_print_errors_fp(stderr);
+- exit(0);
++ abio = BIO_new_accept("4444");
++ if (BIO_do_accept(abio) <= 0) {
++ fprintf(stderr, "Error setting up accept\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
+ }
+
+ /* Wait for incoming connection */
+- if(BIO_do_accept(abio) <= 0) {
+- fprintf(stderr, "Error accepting connection\n");
+- ERR_print_errors_fp(stderr);
+- exit(0);
++ if (BIO_do_accept(abio) <= 0) {
++ fprintf(stderr, "Error accepting connection\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
+ }
+ fprintf(stderr, "Connection 1 established\n");
++
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, "Connection 1: Sending out Data on initial connection\n");
+ fprintf(stderr, "Sent out data on connection 1\n");
++
+ /* Wait for another connection */
+- if(BIO_do_accept(abio) <= 0) {
+- fprintf(stderr, "Error accepting connection\n");
+- ERR_print_errors_fp(stderr);
+- exit(0);
++ if (BIO_do_accept(abio) <= 0) {
++ fprintf(stderr, "Error accepting connection\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
+ }
+ fprintf(stderr, "Connection 2 established\n");
++
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+@@ -195,10 +197,18 @@ down each and finally closes both down.
+ fprintf(stderr, "Sent out data on connection 2\n");
+
+ BIO_puts(cbio, "Connection 1: Second connection established\n");
++
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+-TBA
++=cut
+diff --git a/doc/crypto/BIO_s_bio.pod b/doc/crypto/BIO_s_bio.pod
+index 438b5dd..fb66197 100644
+--- a/doc/crypto/BIO_s_bio.pod
++++ b/doc/crypto/BIO_s_bio.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+-BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr,
++BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr,
+ BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair,
+ BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request,
+ BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO
+@@ -65,7 +65,7 @@ up any half of the pair will automatically destroy the association.
+ BIO_shutdown_wr() is used to close down a BIO B<b>. After this call no further
+ writes on BIO B<b> are allowed (they will return an error). Reads on the other
+ half of the pair will return any pending data or EOF when all pending data has
+-been read.
++been read.
+
+ BIO_set_write_buf_size() sets the write buffer size of BIO B<b> to B<size>.
+ If the size is not initialized a default value is used. This is currently
+@@ -120,6 +120,9 @@ the application then waits for data to be available on the underlying transport
+ before flushing the write buffer it will never succeed because the request was
+ never sent!
+
++BIO_eof() is true if no data is in the peer BIO and the peer BIO has been
++shutdown.
++
+ =head1 RETURN VALUES
+
+ BIO_new_bio_pair() returns 1 on success, with the new BIOs available in
+@@ -156,7 +159,7 @@ without having to go through the SSL-interface.
+ socket
+
+ ...
+- SSL_free(ssl); /* implicitly frees internal_bio */
++ SSL_free(ssl); /* implicitly frees internal_bio */
+ BIO_free(network_bio);
+ ...
+
+@@ -183,4 +186,13 @@ the peer might be waiting for the data before being able to continue.
+ L<SSL_set_bio(3)>, L<ssl(3)>, L<bio(3)>,
+ L<BIO_should_retry(3)>, L<BIO_read(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BIO_s_connect.pod b/doc/crypto/BIO_s_connect.pod
+index 4c246e0..d97d589 100644
+--- a/doc/crypto/BIO_s_connect.pod
++++ b/doc/crypto/BIO_s_connect.pod
+@@ -81,7 +81,7 @@ This return value is an internal pointer which should not be modified.
+ BIO_set_nbio() sets the non blocking I/O flag to B<n>. If B<n> is
+ zero then blocking I/O is set. If B<n> is 1 then non blocking I/O
+ is set. Blocking I/O is the default. The call to BIO_set_nbio()
+-should be made before the connection is established because
++should be made before the connection is established because
+ non blocking I/O is set during the connect process.
+
+ BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into
+@@ -167,16 +167,17 @@ to retrieve a page and copy the result to standard output.
+
+ cbio = BIO_new_connect("localhost:http");
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+- if(BIO_do_connect(cbio) <= 0) {
+- fprintf(stderr, "Error connecting to server\n");
+- ERR_print_errors_fp(stderr);
+- /* whatever ... */
+- }
++ if (BIO_do_connect(cbio) <= 0) {
++ fprintf(stderr, "Error connecting to server\n");
++ ERR_print_errors_fp(stderr);
++ exit(1);
++ }
+ BIO_puts(cbio, "GET / HTTP/1.0\n\n");
+- for(;;) {
+- len = BIO_read(cbio, tmpbuf, 1024);
+- if(len <= 0) break;
+- BIO_write(out, tmpbuf, len);
++ for ( ; ; ) {
++ len = BIO_read(cbio, tmpbuf, 1024);
++ if(len <= 0)
++ break;
++ BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);
+@@ -185,3 +186,14 @@ to retrieve a page and copy the result to standard output.
+ =head1 SEE ALSO
+
+ L<BIO_ADDR(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_s_fd.pod b/doc/crypto/BIO_s_fd.pod
+index e9ebdbf..8002ad7 100644
+--- a/doc/crypto/BIO_s_fd.pod
++++ b/doc/crypto/BIO_s_fd.pod
+@@ -8,10 +8,10 @@ BIO_s_fd, BIO_set_fd, BIO_get_fd, BIO_new_fd - file descriptor BIO
+
+ #include <openssl/bio.h>
+
+- const BIO_METHOD * BIO_s_fd(void);
++ const BIO_METHOD * BIO_s_fd(void);
+
+- #define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
+- #define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
++ #define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
++ #define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
+
+ BIO *BIO_new_fd(int fd, int close_flag);
+
+@@ -46,7 +46,7 @@ BIO_new_fd() returns a file descriptor BIO using B<fd> and B<close_flag>.
+ =head1 NOTES
+
+ The behaviour of BIO_read() and BIO_write() depends on the behavior of the
+-platforms read() and write() calls on the descriptor. If the underlying
++platforms read() and write() calls on the descriptor. If the underlying
+ file descriptor is in a non blocking mode then the BIO will behave in the
+ manner described in the L<BIO_read(3)> and L<BIO_should_retry(3)>
+ manual pages.
+@@ -87,3 +87,14 @@ L<BIO_reset(3)>, L<BIO_read(3)>,
+ L<BIO_write(3)>, L<BIO_puts(3)>,
+ L<BIO_gets(3)>, L<BIO_printf(3)>,
+ L<BIO_set_close(3)>, L<BIO_get_close(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_s_file.pod b/doc/crypto/BIO_s_file.pod
+index 5ba0d34..5eb564d 100644
+--- a/doc/crypto/BIO_s_file.pod
++++ b/doc/crypto/BIO_s_file.pod
+@@ -10,7 +10,7 @@ BIO_rw_filename - FILE bio
+
+ #include <openssl/bio.h>
+
+- const BIO_METHOD * BIO_s_file(void);
++ const BIO_METHOD * BIO_s_file(void);
+ BIO *BIO_new_file(const char *filename, const char *mode);
+ BIO *BIO_new_fp(FILE *stream, int flags);
+
+@@ -146,3 +146,14 @@ L<BIO_read(3)>,
+ L<BIO_write(3)>, L<BIO_puts(3)>,
+ L<BIO_gets(3)>, L<BIO_printf(3)>,
+ L<BIO_set_close(3)>, L<BIO_get_close(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_s_mem.pod b/doc/crypto/BIO_s_mem.pod
+index 84abb29..56d10bd 100644
+--- a/doc/crypto/BIO_s_mem.pod
++++ b/doc/crypto/BIO_s_mem.pod
+@@ -9,8 +9,8 @@ BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO
+
+ #include <openssl/bio.h>
+
+- const BIO_METHOD * BIO_s_mem(void);
+- const BIO_METHOD * BIO_s_secmem(void);
++ const BIO_METHOD * BIO_s_mem(void);
++ const BIO_METHOD * BIO_s_secmem(void);
+
+ BIO_set_mem_eof_return(BIO *b,int v)
+ long BIO_get_mem_data(BIO *b, char **pp)
+@@ -21,7 +21,7 @@ BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO
+
+ =head1 DESCRIPTION
+
+-BIO_s_mem() return the memory BIO method function.
++BIO_s_mem() return the memory BIO method function.
+
+ A memory BIO is a source/sink BIO which uses memory for its I/O. Data
+ written to a memory BIO is stored in a BUF_MEM structure which is extended
+@@ -41,7 +41,7 @@ BUF_MEM structure is also freed.
+
+ Calling BIO_reset() on a read write memory BIO clears any data in it if the
+ flag BIO_FLAGS_NONCLEAR_RST is not set. On a read only BIO or if the flag
+-BIO_FLAGS_NONCLEAR_RST is set it restores the BIO to its original state and
++BIO_FLAGS_NONCLEAR_RST is set it restores the BIO to its original state and
+ the data can be read again.
+
+ BIO_eof() is true if no data is in the BIO.
+@@ -96,7 +96,7 @@ There should be an option to set the maximum size of a memory BIO.
+ Create a memory BIO and write some data to it:
+
+ BIO *mem = BIO_new(BIO_s_mem());
+- BIO_puts(mem, "Hello World\n");
++ BIO_puts(mem, "Hello World\n");
+
+ Create a read only memory BIO:
+
+@@ -110,8 +110,14 @@ Extract the BUF_MEM structure from a memory BIO and then free up the BIO:
+ BIO_get_mem_ptr(mem, &bptr);
+ BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
+ BIO_free(mem);
+-
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_s_null.pod b/doc/crypto/BIO_s_null.pod
+index 00905ec..5a1d84d 100644
+--- a/doc/crypto/BIO_s_null.pod
++++ b/doc/crypto/BIO_s_null.pod
+@@ -8,7 +8,7 @@ BIO_s_null - null data sink
+
+ #include <openssl/bio.h>
+
+- const BIO_METHOD * BIO_s_null(void);
++ const BIO_METHOD * BIO_s_null(void);
+
+ =head1 DESCRIPTION
+
+@@ -32,6 +32,13 @@ by adding a null sink BIO to the end of the chain
+
+ BIO_s_null() returns the null sink BIO method.
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_s_socket.pod b/doc/crypto/BIO_s_socket.pod
+index 13efb50..88aaa88 100644
+--- a/doc/crypto/BIO_s_socket.pod
++++ b/doc/crypto/BIO_s_socket.pod
+@@ -58,6 +58,13 @@ initialized.
+ BIO_new_socket() returns the newly allocated BIO or NULL is an error
+ occurred.
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_set_callback.pod b/doc/crypto/BIO_set_callback.pod
+index 4759556..219a6dd 100644
+--- a/doc/crypto/BIO_set_callback.pod
++++ b/doc/crypto/BIO_set_callback.pod
+@@ -9,16 +9,16 @@ BIO_debug_callback - BIO callback functions
+
+ #include <openssl/bio.h>
+
+- #define BIO_set_callback(b,cb) ((b)->callback=(cb))
+- #define BIO_get_callback(b) ((b)->callback)
+- #define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg))
+- #define BIO_get_callback_arg(b) ((b)->cb_arg)
++ #define BIO_set_callback(b,cb) ((b)->callback=(cb))
++ #define BIO_get_callback(b) ((b)->callback)
++ #define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg))
++ #define BIO_get_callback_arg(b) ((b)->cb_arg)
+
+ long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
+- long argl,long ret);
++ long argl,long ret);
+
+ typedef long (*callback)(BIO *b, int oper, const char *argp,
+- int argi, long argl, long retvalue);
++ int argi, long argl, long retvalue);
+
+ =head1 DESCRIPTION
+
+@@ -103,6 +103,13 @@ callback(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd, larg,ret) after.
+ The BIO_debug_callback() function is a good example, its source is
+ in crypto/bio/bio_cb.c
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/BIO_should_retry.pod b/doc/crypto/BIO_should_retry.pod
+index f5b47b3..162e768 100644
+--- a/doc/crypto/BIO_should_retry.pod
++++ b/doc/crypto/BIO_should_retry.pod
+@@ -11,17 +11,17 @@ functions
+
+ #include <openssl/bio.h>
+
+- #define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ)
+- #define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE)
+- #define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL)
+- #define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS)
+- #define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY)
+-
+- #define BIO_FLAGS_READ 0x01
+- #define BIO_FLAGS_WRITE 0x02
+- #define BIO_FLAGS_IO_SPECIAL 0x04
++ #define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ)
++ #define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE)
++ #define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL)
++ #define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS)
++ #define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY)
++
++ #define BIO_FLAGS_READ 0x01
++ #define BIO_FLAGS_WRITE 0x02
++ #define BIO_FLAGS_IO_SPECIAL 0x04
+ #define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
+- #define BIO_FLAGS_SHOULD_RETRY 0x08
++ #define BIO_FLAGS_SHOULD_RETRY 0x08
+
+ BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+ int BIO_get_retry_reason(BIO *bio);
+@@ -53,7 +53,7 @@ B<BIO_FLAGS_IO_SPECIAL> though current BIO types will only set one of
+ these.
+
+ BIO_get_retry_BIO() determines the precise reason for the special
+-condition, it returns the BIO that caused this condition and if
++condition, it returns the BIO that caused this condition and if
+ B<reason> is not NULL it contains the reason code. The meaning of
+ the reason code and the action that should be taken depends on
+ the type of BIO that resulted in this condition.
+@@ -99,7 +99,7 @@ available and then retry the BIO operation. By combining the retry
+ conditions of several non blocking BIOs in a single select() call
+ it is possible to service several BIOs in a single thread, though
+ the performance may be poor if SSL BIOs are present because long delays
+-can occur during the initial handshake process.
++can occur during the initial handshake process.
+
+ It is possible for a BIO to block indefinitely if the underlying I/O
+ structure cannot process or return any data. This depends on the behaviour of
+@@ -123,4 +123,13 @@ L<bio>
+ The BIO_get_retry_reason() and BIO_set_retry_reason() functions were added in
+ OpenSSL version 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_BLINDING_new.pod b/doc/crypto/BN_BLINDING_new.pod
+index f539ae6..3162f18 100644
+--- a/doc/crypto/BN_BLINDING_new.pod
++++ b/doc/crypto/BN_BLINDING_new.pod
+@@ -2,8 +2,8 @@
+
+ =head1 NAME
+
+-BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert,
+-BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex,
++BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert,
++BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex,
+ BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread,
+ BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags,
+ BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions.
+@@ -13,15 +13,15 @@ BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functi
+ #include <openssl/bn.h>
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+- BIGNUM *mod);
++ BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+- BN_CTX *ctx);
++ BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+- BN_CTX *ctx);
++ BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+@@ -29,10 +29,10 @@ BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functi
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+- const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+- int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
+- BN_MONT_CTX *m_ctx);
++ const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
++ int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
++ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
++ BN_MONT_CTX *m_ctx);
+
+ =head1 DESCRIPTION
+
+@@ -102,7 +102,7 @@ succeeded or 0 on error.
+ BN_BLINDING_get_flags() returns the currently set B<BN_BLINDING> flags
+ (a B<unsigned long> value).
+
+-BN_BLINDING_create_param() returns the newly created B<BN_BLINDING>
++BN_BLINDING_create_param() returns the newly created B<BN_BLINDING>
+ parameters or NULL on error.
+
+ =head1 SEE ALSO
+@@ -114,4 +114,13 @@ L<bn(3)>
+ BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it
+ deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().
+
++=head1 COPYRIGHT
++
++Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_CTX_new.pod b/doc/crypto/BN_CTX_new.pod
+index df432c7..f2edd49 100644
+--- a/doc/crypto/BN_CTX_new.pod
++++ b/doc/crypto/BN_CTX_new.pod
+@@ -64,4 +64,13 @@ L<BN_CTX_start(3)>
+
+ BN_CTX_init() was removed in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_CTX_start.pod b/doc/crypto/BN_CTX_start.pod
+index 2e23be2..372da50 100644
+--- a/doc/crypto/BN_CTX_start.pod
++++ b/doc/crypto/BN_CTX_start.pod
+@@ -45,4 +45,13 @@ can be obtained by L<ERR_get_error(3)>.
+
+ L<BN_CTX_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_add.pod b/doc/crypto/BN_add.pod
+index 3ad2274..72cc09f 100644
+--- a/doc/crypto/BN_add.pod
++++ b/doc/crypto/BN_add.pod
+@@ -115,4 +115,13 @@ The error codes can be obtained by L<ERR_get_error(3)>.
+ L<bn(3)>, L<ERR_get_error(3)>, L<BN_CTX_new(3)>,
+ L<BN_add_word(3)>, L<BN_set_bit(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_add_word.pod b/doc/crypto/BN_add_word.pod
+index 1bbe31b..35bdcf4 100644
+--- a/doc/crypto/BN_add_word.pod
++++ b/doc/crypto/BN_add_word.pod
+@@ -49,4 +49,13 @@ B<(BN_ULONG)-1> if an error occurred.
+
+ L<bn(3)>, L<ERR_get_error(3)>, L<BN_add(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_bn2bin.pod b/doc/crypto/BN_bn2bin.pod
+index cbd5d34..8098fd9 100644
+--- a/doc/crypto/BN_bn2bin.pod
++++ b/doc/crypto/BN_bn2bin.pod
+@@ -51,11 +51,12 @@ hexadecimal and decimal encoding of B<a> respectively. For negative
+ numbers, the string is prefaced with a leading '-'. The string must be
+ freed later using OPENSSL_free().
+
+-BN_hex2bn() converts the string B<str> containing a hexadecimal number
+-to a B<BIGNUM> and stores it in **B<bn>. If *B<bn> is NULL, a new
+-B<BIGNUM> is created. If B<bn> is NULL, it only computes the number's
+-length in hexadecimal digits. If the string starts with '-', the
+-number is negative. BN_dec2bn() is the same using the decimal system.
++BN_hex2bn()takes as many characters as possible from the string B<str>,
++including the leading character '-' which means negative, to form a valid
++hexadecimal number representation and converts them to a B<BIGNUM> and
++stores it in **B<bn>. If *B<bn> is NULL, a new B<BIGNUM> is created. If
++B<bn> is NULL, it only computes the length of valid representation.
++BN_dec2bn() is the same using the decimal system.
+
+ BN_print() and BN_print_fp() write the hexadecimal encoding of B<a>,
+ with a leading '-' for negative numbers, to the B<BIO> or B<FILE>
+@@ -84,8 +85,9 @@ BN_bn2binpad() returns the number of bytes written or -1 if the supplied
+ buffer is too small.
+
+ BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL
+-on error. BN_hex2bn() and BN_dec2bn() return the number's length in
+-hexadecimal or decimal digits, and 0 on error.
++on error. BN_hex2bn() and BN_dec2bn() return the the length of valid
++representation in hexadecimal or decimal digits, and 0 on error, in which
++case no new B<BIGNUM> will be created.
+
+ BN_print_fp() and BN_print() return 1 on success, 0 on write errors.
+
+@@ -100,4 +102,13 @@ L<bn(3)>, L<ERR_get_error(3)>, L<BN_zero(3)>,
+ L<ASN1_INTEGER_to_BN(3)>,
+ L<BN_num_bytes(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_cmp.pod b/doc/crypto/BN_cmp.pod
+index 6c33314..ec00571 100644
+--- a/doc/crypto/BN_cmp.pod
++++ b/doc/crypto/BN_cmp.pod
+@@ -39,4 +39,13 @@ the condition is true, 0 otherwise.
+
+ L<bn(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_copy.pod b/doc/crypto/BN_copy.pod
+index 0a00884..b044b98 100644
+--- a/doc/crypto/BN_copy.pod
++++ b/doc/crypto/BN_copy.pod
+@@ -57,4 +57,13 @@ by L<ERR_get_error(3)>.
+
+ L<bn(3)>, L<ERR_get_error(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_generate_prime.pod b/doc/crypto/BN_generate_prime.pod
+index 8ea3d0b..2757448 100644
+--- a/doc/crypto/BN_generate_prime.pod
++++ b/doc/crypto/BN_generate_prime.pod
+@@ -39,7 +39,7 @@ Deprecated:
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+ BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
+
+- int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int,
++ int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int,
+ void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+@@ -182,4 +182,13 @@ L<bn(3)>, L<ERR_get_error(3)>, L<rand(3)>
+ BN_GENCB_new(), BN_GENCB_free(),
+ and BN_GENCB_get_arg() were added in OpenSSL 1.1.0
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_mod_inverse.pod b/doc/crypto/BN_mod_inverse.pod
+index e54bccf..b4792ad 100644
+--- a/doc/crypto/BN_mod_inverse.pod
++++ b/doc/crypto/BN_mod_inverse.pod
+@@ -29,4 +29,13 @@ NULL on error. The error codes can be obtained by L<ERR_get_error(3)>.
+
+ L<bn(3)>, L<ERR_get_error(3)>, L<BN_add(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_mod_mul_montgomery.pod b/doc/crypto/BN_mod_mul_montgomery.pod
+index b4a09a2..152185f 100644
+--- a/doc/crypto/BN_mod_mul_montgomery.pod
++++ b/doc/crypto/BN_mod_mul_montgomery.pod
+@@ -98,4 +98,13 @@ L<BN_CTX_new(3)>
+
+ BN_MONT_CTX_init() was removed in OpenSSL 1.1.0
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_mod_mul_reciprocal.pod b/doc/crypto/BN_mod_mul_reciprocal.pod
+index f03feb2..86fb486 100644
+--- a/doc/crypto/BN_mod_mul_reciprocal.pod
++++ b/doc/crypto/BN_mod_mul_reciprocal.pod
+@@ -85,4 +85,13 @@ L<BN_CTX_new(3)>
+
+ BN_RECP_CTX_init was removed in OpenSSL 1.1.0
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_new.pod b/doc/crypto/BN_new.pod
+index 22596dc..ab7c4e5 100644
+--- a/doc/crypto/BN_new.pod
++++ b/doc/crypto/BN_new.pod
+@@ -45,4 +45,13 @@ L<bn(3)>, L<ERR_get_error(3)>
+
+ BN_init() was removed in OpenSSL 1.1.0; use BN_new() instead.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_num_bytes.pod b/doc/crypto/BN_num_bytes.pod
+index 30ee3e5..4680cf7 100644
+--- a/doc/crypto/BN_num_bytes.pod
++++ b/doc/crypto/BN_num_bytes.pod
+@@ -49,4 +49,13 @@ more probability).
+ L<bn(3)>, L<DH_size(3)>, L<DSA_size(3)>,
+ L<RSA_size(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_rand.pod b/doc/crypto/BN_rand.pod
+index c4f98b6..c612c50 100644
+--- a/doc/crypto/BN_rand.pod
++++ b/doc/crypto/BN_rand.pod
+@@ -49,4 +49,13 @@ The error codes can be obtained by L<ERR_get_error(3)>.
+ L<bn(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+ L<RAND_add(3)>, L<RAND_bytes(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_set_bit.pod b/doc/crypto/BN_set_bit.pod
+index 13bf231..363227a 100644
+--- a/doc/crypto/BN_set_bit.pod
++++ b/doc/crypto/BN_set_bit.pod
+@@ -57,4 +57,13 @@ can be obtained by L<ERR_get_error(3)>.
+
+ L<bn(3)>, L<BN_num_bytes(3)>, L<BN_add(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_swap.pod b/doc/crypto/BN_swap.pod
+index 04582e9..fe7cc84 100644
+--- a/doc/crypto/BN_swap.pod
++++ b/doc/crypto/BN_swap.pod
+@@ -16,4 +16,13 @@ BN_swap() exchanges the values of I<a> and I<b>.
+
+ L<bn(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/BN_zero.pod b/doc/crypto/BN_zero.pod
+index 5334aaa..17e63cf 100644
+--- a/doc/crypto/BN_zero.pod
++++ b/doc/crypto/BN_zero.pod
+@@ -55,4 +55,13 @@ unsigned long but this value is also returned on error.
+
+ L<bn(3)>, L<BN_bn2bin(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_add0_cert.pod b/doc/crypto/CMS_add0_cert.pod
+index dc2cf46..5b0cc2a 100644
+--- a/doc/crypto/CMS_add0_cert.pod
++++ b/doc/crypto/CMS_add0_cert.pod
+@@ -20,7 +20,7 @@ CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_ge
+ =head1 DESCRIPTION
+
+ CMS_add0_cert() and CMS_add1_cert() add certificate B<cert> to B<cms>.
+-must be of type signed data or enveloped data.
++must be of type signed data or enveloped data.
+
+ CMS_get1_certs() returns all certificates in B<cms>.
+
+@@ -46,7 +46,7 @@ than once.
+ =head1 RETURN VALUES
+
+ CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return
+-1 for success and 0 for failure.
++1 for success and 0 for failure.
+
+ CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
+ or NULL if there are none or an error occurs. The only error which will occur
+@@ -58,4 +58,13 @@ L<ERR_get_error(3)>,
+ L<CMS_sign(3)>,
+ L<CMS_encrypt(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_add1_recipient_cert.pod b/doc/crypto/CMS_add1_recipient_cert.pod
+index 4efe086..0dae5cf 100644
+--- a/doc/crypto/CMS_add1_recipient_cert.pod
++++ b/doc/crypto/CMS_add1_recipient_cert.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- CMS_add1_recipient_cert, CMS_add0_recipient_key - add recipients to a CMS enveloped data structure
++CMS_add1_recipient_cert, CMS_add0_recipient_key - add recipients to a CMS enveloped data structure
+
+ =head1 SYNOPSIS
+
+@@ -54,4 +54,13 @@ occurs.
+ L<ERR_get_error(3)>, L<CMS_decrypt(3)>,
+ L<CMS_final(3)>,
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_add1_signer.pod b/doc/crypto/CMS_add1_signer.pod
+index 0f43ea7..458e5e2 100644
+--- a/doc/crypto/CMS_add1_signer.pod
++++ b/doc/crypto/CMS_add1_signer.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure.
++CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure.
+
+ =head1 SYNOPSIS
+
+@@ -52,7 +52,7 @@ structure. An error occurs if a matching digest value cannot be found to copy.
+ The returned CMS_ContentInfo structure will be valid and finalized when this
+ flag is set.
+
+-If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the
++If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the
+ CMS_SignerInfo structure will not be finalized so additional attributes
+ can be added. In this case an explicit call to CMS_SignerInfo_sign() is
+ needed to finalize it.
+@@ -81,7 +81,7 @@ If any of these algorithms is not available then it will not be included: for ex
+ not loaded.
+
+ CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo
+-structure just added, this can be used to set additional attributes
++structure just added, this can be used to set additional attributes
+ before it is finalized.
+
+ =head1 RETURN VALUES
+@@ -94,4 +94,13 @@ structure just added or NULL if an error occurs.
+ L<ERR_get_error(3)>, L<CMS_sign(3)>,
+ L<CMS_final(3)>,
+
++=head1 COPYRIGHT
++
++Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_compress.pod b/doc/crypto/CMS_compress.pod
+index e2ead0e..e405108 100644
+--- a/doc/crypto/CMS_compress.pod
++++ b/doc/crypto/CMS_compress.pod
+@@ -69,4 +69,13 @@ L<ERR_get_error(3)>, L<CMS_uncompress(3)>
+
+ The B<CMS_STREAM> flag was added in OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_decrypt.pod b/doc/crypto/CMS_decrypt.pod
+index 4b1e97e..b3b196c 100644
+--- a/doc/crypto/CMS_decrypt.pod
++++ b/doc/crypto/CMS_decrypt.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- CMS_decrypt - decrypt content from a CMS envelopedData structure
++CMS_decrypt - decrypt content from a CMS envelopedData structure
+
+ =head1 SYNOPSIS
+
+@@ -69,4 +69,13 @@ mentioned in CMS_verify() also applies to CMS_decrypt().
+
+ L<ERR_get_error(3)>, L<CMS_encrypt(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_encrypt.pod b/doc/crypto/CMS_encrypt.pod
+index b58b0fc..0ed4262 100644
+--- a/doc/crypto/CMS_encrypt.pod
++++ b/doc/crypto/CMS_encrypt.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- CMS_encrypt - create a CMS envelopedData structure
++CMS_encrypt - create a CMS envelopedData structure
+
+ =head1 SYNOPSIS
+
+@@ -26,7 +26,7 @@ EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use
+ because most clients will support it.
+
+ The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
+-its parameters.
++its parameters.
+
+ Many browsers implement a "sign and encrypt" option which is simply an S/MIME
+ envelopedData containing an S/MIME signed message. This can be readily produced
+@@ -92,4 +92,13 @@ L<ERR_get_error(3)>, L<CMS_decrypt(3)>
+
+ The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_final.pod b/doc/crypto/CMS_final.pod
+index c0f4ef9..264fe7b 100644
+--- a/doc/crypto/CMS_final.pod
++++ b/doc/crypto/CMS_final.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- CMS_final - finalise a CMS_ContentInfo structure
++CMS_final - finalise a CMS_ContentInfo structure
+
+ =head1 SYNOPSIS
+
+@@ -14,7 +14,7 @@
+
+ CMS_final() finalises the structure B<cms>. It's purpose is to perform any
+ operations necessary on B<cms> (digest computation for example) and set the
+-appropriate fields. The parameter B<data> contains the content to be
++appropriate fields. The parameter B<data> contains the content to be
+ processed. The B<dcont> parameter contains a BIO to write content to after
+ processing: this is only used with detached data and will usually be set to
+ NULL.
+@@ -34,4 +34,13 @@ CMS_final() returns 1 for success or 0 for failure.
+ L<ERR_get_error(3)>, L<CMS_sign(3)>,
+ L<CMS_encrypt(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_get0_RecipientInfos.pod b/doc/crypto/CMS_get0_RecipientInfos.pod
+index 93bebb7..9f0b4eb 100644
+--- a/doc/crypto/CMS_get0_RecipientInfos.pod
++++ b/doc/crypto/CMS_get0_RecipientInfos.pod
+@@ -34,7 +34,7 @@ CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.
+ CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient
+ identifier associated with a specific CMS_RecipientInfo structure B<ri>, which
+ must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in
+-B<keyid> or B<both> issuer name and serial number in B<issuer> and B<sno>.
++B<keyid> or B<both> issuer name and serial number in B<issuer> and B<sno>.
+
+ CMS_RecipientInfo_ktri_cert_cmp() compares the certificate B<cert> against the
+ CMS_RecipientInfo structure B<ri>, which must be of type CMS_RECIPINFO_TRANS.
+@@ -113,4 +113,13 @@ Any error can be obtained from L<ERR_get_error(3)>.
+
+ L<ERR_get_error(3)>, L<CMS_decrypt(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_get0_SignerInfos.pod b/doc/crypto/CMS_get0_SignerInfos.pod
+index e636532..5792386 100644
+--- a/doc/crypto/CMS_get0_SignerInfos.pod
++++ b/doc/crypto/CMS_get0_SignerInfos.pod
+@@ -25,7 +25,7 @@ associated with a specific CMS_SignerInfo structure B<si>. Either the
+ keyidentifier will be set in B<keyid> or B<both> issuer name and serial number
+ in B<issuer> and B<sno>.
+
+-CMS_SignerInfo_get0_signature() retrieves the signature associated with
++CMS_SignerInfo_get0_signature() retrieves the signature associated with
+ B<si> in a pointer to an ASN1_OCTET_STRING structure. This pointer returned
+ corresponds to the internal signature value if B<si> so it may be read or
+ modified.
+@@ -74,4 +74,13 @@ Any error can be obtained from L<ERR_get_error(3)>
+
+ L<ERR_get_error(3)>, L<CMS_verify(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_get0_type.pod b/doc/crypto/CMS_get0_type.pod
+index 80fc303..06b0655 100644
+--- a/doc/crypto/CMS_get0_type.pod
++++ b/doc/crypto/CMS_get0_type.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- CMS_get0_type, CMS_set1_eContentType, CMS_get0_eContentType, CMS_get0_content - get and set CMS content types and content
++CMS_get0_type, CMS_set1_eContentType, CMS_get0_eContentType, CMS_get0_content - get and set CMS content types and content
+
+ =head1 SYNOPSIS
+
+@@ -69,4 +69,13 @@ error can be obtained from ERR_get_error(3).
+
+ L<ERR_get_error(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_get1_ReceiptRequest.pod b/doc/crypto/CMS_get1_ReceiptRequest.pod
+index 81206eb..f27f1a4 100644
+--- a/doc/crypto/CMS_get1_ReceiptRequest.pod
++++ b/doc/crypto/CMS_get1_ReceiptRequest.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions.
++CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions.
+
+ =head1 SYNOPSIS
+
+@@ -45,7 +45,7 @@ CMS_verify().
+
+ =head1 RETURN VALUES
+
+-CMS_ReceiptRequest_create0() returns a signed receipt request structure or
++CMS_ReceiptRequest_create0() returns a signed receipt request structure or
+ NULL if an error occurred.
+
+ CMS_add1_ReceiptRequest() returns 1 for success or 0 is an error occurred.
+@@ -60,4 +60,13 @@ L<ERR_get_error(3)>, L<CMS_sign(3)>,
+ L<CMS_sign_receipt(3)>, L<CMS_verify(3)>
+ L<CMS_verify_receipt(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_sign.pod b/doc/crypto/CMS_sign.pod
+index 39229fd..396deef 100644
+--- a/doc/crypto/CMS_sign.pod
++++ b/doc/crypto/CMS_sign.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- CMS_sign - create a CMS SignedData structure
++CMS_sign - create a CMS SignedData structure
+
+ =head1 SYNOPSIS
+
+@@ -96,7 +96,7 @@ B<certs>, B<signcert> and B<pkey> parameters can all be B<NULL> and the
+ B<CMS_PARTIAL> flag set. Then one or more signers can be added using the
+ function CMS_sign_add1_signer(), non default digests can be used and custom
+ attributes added. CMS_final() must then be called to finalize the
+-structure if streaming is not enabled.
++structure if streaming is not enabled.
+
+ =head1 BUGS
+
+@@ -116,4 +116,13 @@ L<ERR_get_error(3)>, L<CMS_verify(3)>
+ The B<CMS_STREAM> flag is only supported for detached data in OpenSSL 0.9.8,
+ it is supported for embedded data in OpenSSL 1.0.0 and later.
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_sign_receipt.pod b/doc/crypto/CMS_sign_receipt.pod
+index 99a0b14..8ea6df1 100644
+--- a/doc/crypto/CMS_sign_receipt.pod
++++ b/doc/crypto/CMS_sign_receipt.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- CMS_sign_receipt - create a CMS signed receipt
++CMS_sign_receipt - create a CMS signed receipt
+
+ =head1 SYNOPSIS
+
+@@ -38,4 +38,13 @@ L<ERR_get_error(3)>,
+ L<CMS_verify_receipt(3)>,
+ L<CMS_sign(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_uncompress.pod b/doc/crypto/CMS_uncompress.pod
+index 44512a4..80f9c0d 100644
+--- a/doc/crypto/CMS_uncompress.pod
++++ b/doc/crypto/CMS_uncompress.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- CMS_uncompress - uncompress a CMS CompressedData structure
++CMS_uncompress - uncompress a CMS CompressedData structure
+
+ =head1 SYNOPSIS
+
+@@ -47,4 +47,13 @@ mentioned in CMS_verify() also applies to CMS_decompress().
+
+ L<ERR_get_error(3)>, L<CMS_compress(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_verify.pod b/doc/crypto/CMS_verify.pod
+index d4baffe..c2ff57b 100644
+--- a/doc/crypto/CMS_verify.pod
++++ b/doc/crypto/CMS_verify.pod
+@@ -67,7 +67,7 @@ returned.
+ If B<CMS_NO_SIGNER_CERT_VERIFY> is set the signing certificates are not
+ verified.
+
+-If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not
++If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not
+ verified.
+
+ If B<CMS_NO_CONTENT_VERIFY> is set then the content digest is not checked.
+@@ -81,13 +81,13 @@ certificates supplied in B<certs> then the verify will fail because the
+ signer cannot be found.
+
+ In some cases the standard techniques for looking up and validating
+-certificates are not appropriate: for example an application may wish to
++certificates are not appropriate: for example an application may wish to
+ lookup certificates in a database or perform customised verification. This
+-can be achieved by setting and verifying the signers certificates manually
++can be achieved by setting and verifying the signers certificates manually
+ using the signed data utility functions.
+
+ Care should be taken when modifying the default verify behaviour, for example
+-setting B<CMS_NO_CONTENT_VERIFY> will totally disable all content verification
++setting B<CMS_NO_CONTENT_VERIFY> will totally disable all content verification
+ and any modified content will be considered valid. This combination is however
+ useful if one merely wishes to write the content to B<out> and its validity
+ is not considered important.
+@@ -119,4 +119,13 @@ be held in memory if it is not detached.
+
+ L<ERR_get_error(3)>, L<CMS_sign(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CMS_verify_receipt.pod b/doc/crypto/CMS_verify_receipt.pod
+index 15ec54c..193241c 100644
+--- a/doc/crypto/CMS_verify_receipt.pod
++++ b/doc/crypto/CMS_verify_receipt.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- CMS_verify_receipt - verify a CMS signed receipt
++CMS_verify_receipt - verify a CMS signed receipt
+
+ =head1 SYNOPSIS
+
+@@ -16,7 +16,7 @@ CMS_verify_receipt() verifies a CMS signed receipt. B<rcms> is the signed
+ receipt to verify. B<ocms> is the original SignedData structure containing the
+ receipt request. B<certs> is a set of certificates in which to search for the
+ signing certificate. B<store> is a trusted certificate store (used for chain
+-verification).
++verification).
+
+ B<flags> is an optional set of flags, which can be used to modify the verify
+ operation.
+@@ -40,4 +40,13 @@ L<ERR_get_error(3)>,
+ L<CMS_sign_receipt(3)>,
+ L<CMS_verify(3)>,
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CONF_modules_free.pod b/doc/crypto/CONF_modules_free.pod
+index 4a8580c..ac59f37 100644
+--- a/doc/crypto/CONF_modules_free.pod
++++ b/doc/crypto/CONF_modules_free.pod
+@@ -2,8 +2,8 @@
+
+ =head1 NAME
+
+- CONF_modules_free, CONF_modules_finish, CONF_modules_unload -
+- OpenSSL configuration cleanup functions
++CONF_modules_free, CONF_modules_finish, CONF_modules_unload -
++OpenSSL configuration cleanup functions
+
+ =head1 SYNOPSIS
+
+@@ -50,4 +50,13 @@ L<CONF_modules_load_file(3)>
+
+ CONF_modules_free() was deprecated in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CONF_modules_load_file.pod b/doc/crypto/CONF_modules_load_file.pod
+index 84f7184..9e4071f 100644
+--- a/doc/crypto/CONF_modules_load_file.pod
++++ b/doc/crypto/CONF_modules_load_file.pod
+@@ -2,16 +2,16 @@
+
+ =head1 NAME
+
+- CONF_modules_load_file, CONF_modules_load - OpenSSL configuration functions
++CONF_modules_load_file, CONF_modules_load - OpenSSL configuration functions
+
+ =head1 SYNOPSIS
+
+ #include <openssl/conf.h>
+
+ int CONF_modules_load_file(const char *filename, const char *appname,
+- unsigned long flags);
++ unsigned long flags);
+ int CONF_modules_load(const CONF *cnf, const char *appname,
+- unsigned long flags);
++ unsigned long flags);
+
+ =head1 DESCRIPTION
+
+@@ -124,4 +124,13 @@ return value of the failing module (this will always be zero or negative).
+ L<conf(5)>, L<OPENSSL_config(3)>,
+ L<CONF_free(3)>, L<err(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/CRYPTO_get_ex_new_index.pod b/doc/crypto/CRYPTO_get_ex_new_index.pod
+index e87d1a3..f0e19b1 100644
+--- a/doc/crypto/CRYPTO_get_ex_new_index.pod
++++ b/doc/crypto/CRYPTO_get_ex_new_index.pod
+@@ -12,9 +12,9 @@ CRYPTO_get_ex_data, CRYPTO_free_ex_data
+
+ int CRYPTO_get_ex_new_index(int class_index,
+ long argl, void *argp,
+- CRYPTO_EX_new *new_func,
+- CRYPTO_EX_dup *dup_func,
+- CRYPTO_EX_free *free_func);
++ CRYPTO_EX_new *new_func,
++ CRYPTO_EX_dup *dup_func,
++ CRYPTO_EX_free *free_func);
+
+ typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+ int idx, long argl, void *argp);
+@@ -142,4 +142,13 @@ note that NULL may be a valid value.
+
+ dup_func() should return 0 for failure and 1 for success.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DH_generate_key.pod b/doc/crypto/DH_generate_key.pod
+index b37decc..de0847a 100644
+--- a/doc/crypto/DH_generate_key.pod
++++ b/doc/crypto/DH_generate_key.pod
+@@ -42,4 +42,13 @@ The error codes can be obtained by L<ERR_get_error(3)>.
+
+ L<dh(3)>, L<ERR_get_error(3)>, L<rand(3)>, L<DH_size(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DH_generate_parameters.pod b/doc/crypto/DH_generate_parameters.pod
+index 93d7b9c..71fa436 100644
+--- a/doc/crypto/DH_generate_parameters.pod
++++ b/doc/crypto/DH_generate_parameters.pod
+@@ -2,7 +2,6 @@
+
+ =head1 NAME
+
+-
+ DH_generate_parameters_ex, DH_generate_parameters,
+ DH_check - generate and check Diffie-Hellman parameters
+
+@@ -29,7 +28,7 @@ structure. The pseudo-random number generator must be
+ seeded prior to calling DH_generate_parameters().
+
+ B<prime_len> is the length in bits of the safe prime to be generated.
+-B<generator> is a small number E<gt> 1, typically 2 or 5.
++B<generator> is a small number E<gt> 1, typically 2 or 5.
+
+ A callback function may be used to provide feedback about the progress
+ of the key generation. If B<cb> is not B<NULL>, it will be
+@@ -73,4 +72,13 @@ a usable generator.
+ L<dh(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+ L<DH_free(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DH_get0_pqg.pod b/doc/crypto/DH_get0_pqg.pod
+index bcbecf3..6c6b661 100644
+--- a/doc/crypto/DH_get0_pqg.pod
++++ b/doc/crypto/DH_get0_pqg.pod
+@@ -47,7 +47,9 @@ be. The values point to the internal representation of the public key and
+ private key values. This memory should not be freed directly.
+
+ The public and private key values can be set using DH_set0_key(). The public
+-key must always be non-NULL. The private key may be NULL. As for DH_set0_pqg()
++key must be non-NULL the first time this function is called on a given DH
++object. The private key may be NULL. On subsequent calls, either may be NULL,
++which means the corresponding DH field is left untouched. As for DH_set0_pqg()
+ this function transfers the memory management of the key values to the DH
+ object, and therefore they should not be freed directly after this function has
+ been called.
+@@ -68,6 +70,13 @@ length parameter associated with this DH object. If the length is non-zero then
+ it is used, otherwise it is ignored. The B<length> parameter indicates the
+ length of the secret exponent (private key) in bits.
+
++=head1 NOTES
++
++Values retrieved with DH_get0_key() are owned by the DH object used
++in the call and may therefore I<not> be passed to DH_set0_key(). If
++needed, duplicate the received value using BN_dup() and pass the
++duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().
++
+ =head1 RETURN VALUES
+
+ DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.
+@@ -89,4 +98,13 @@ L<DH_set_method(3)>, L<DH_size(3)>, L<DH_meth_new(3)>
+
+ The functions described here were added in OpenSSL version 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DH_meth_new.pod b/doc/crypto/DH_meth_new.pod
+index 73222be..33e8db5 100644
+--- a/doc/crypto/DH_meth_new.pod
++++ b/doc/crypto/DH_meth_new.pod
+@@ -145,4 +145,13 @@ L<DH_set_method(3)>, L<DH_size(3)>, L<DH_get0_pqg(3)>
+
+ The functions described here were added in OpenSSL version 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DH_new.pod b/doc/crypto/DH_new.pod
+index 450039c..959a470 100644
+--- a/doc/crypto/DH_new.pod
++++ b/doc/crypto/DH_new.pod
+@@ -34,4 +34,13 @@ L<dh(3)>, L<ERR_get_error(3)>,
+ L<DH_generate_parameters(3)>,
+ L<DH_generate_key(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DH_set_method.pod b/doc/crypto/DH_set_method.pod
+index fe26b01..b10d91f 100644
+--- a/doc/crypto/DH_set_method.pod
++++ b/doc/crypto/DH_set_method.pod
+@@ -74,4 +74,13 @@ returns a pointer to the newly allocated structure.
+
+ L<dh(3)>, L<DH_new(3)>, L<DH_meth_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DH_size.pod b/doc/crypto/DH_size.pod
+index f961eaa..8c1d151 100644
+--- a/doc/crypto/DH_size.pod
++++ b/doc/crypto/DH_size.pod
+@@ -35,4 +35,13 @@ L<BN_num_bits(3)>
+
+ DH_bits() was added in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DSA_SIG_new.pod b/doc/crypto/DSA_SIG_new.pod
+index 82cff7d..d12b088 100644
+--- a/doc/crypto/DSA_SIG_new.pod
++++ b/doc/crypto/DSA_SIG_new.pod
+@@ -36,4 +36,13 @@ DSA_SIG_free() returns no value.
+ L<dsa(3)>, L<ERR_get_error(3)>,
+ L<DSA_do_sign(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DSA_do_sign.pod b/doc/crypto/DSA_do_sign.pod
+index 6c7cb3c..5e56d20 100644
+--- a/doc/crypto/DSA_do_sign.pod
++++ b/doc/crypto/DSA_do_sign.pod
+@@ -11,7 +11,7 @@ DSA_do_sign, DSA_do_verify - raw DSA signature operations
+ DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+
+ int DSA_do_verify(const unsigned char *dgst, int dgst_len,
+- DSA_SIG *sig, DSA *dsa);
++ DSA_SIG *sig, DSA *dsa);
+
+ =head1 DESCRIPTION
+
+@@ -40,4 +40,13 @@ L<dsa(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+ L<DSA_SIG_new(3)>,
+ L<DSA_sign(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DSA_dup_DH.pod b/doc/crypto/DSA_dup_DH.pod
+index 350e8aa..6967ef3 100644
+--- a/doc/crypto/DSA_dup_DH.pod
++++ b/doc/crypto/DSA_dup_DH.pod
+@@ -29,4 +29,13 @@ Be careful to avoid small subgroup attacks when using this.
+
+ L<dh(3)>, L<dsa(3)>, L<ERR_get_error(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DSA_generate_key.pod b/doc/crypto/DSA_generate_key.pod
+index bf396ed..4781abe 100644
+--- a/doc/crypto/DSA_generate_key.pod
++++ b/doc/crypto/DSA_generate_key.pod
+@@ -27,4 +27,13 @@ The error codes can be obtained by L<ERR_get_error(3)>.
+ L<dsa(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+ L<DSA_generate_parameters(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DSA_generate_parameters.pod b/doc/crypto/DSA_generate_parameters.pod
+index b639db6..87e4eff 100644
+--- a/doc/crypto/DSA_generate_parameters.pod
++++ b/doc/crypto/DSA_generate_parameters.pod
+@@ -9,15 +9,15 @@ DSA_generate_parameters_ex, DSA_generate_parameters - generate DSA parameters
+ #include <openssl/dsa.h>
+
+ int DSA_generate_parameters_ex(DSA *dsa, int bits,
+- const unsigned char *seed,int seed_len,
+- int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
++ const unsigned char *seed,int seed_len,
++ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+
+ Deprecated:
+
+ #if OPENSSL_API_COMPAT < 0x00908000L
+ DSA *DSA_generate_parameters(int bits, unsigned char *seed,
+ int seed_len, int *counter_ret, unsigned long *h_ret,
+- void (*callback)(int, int, void *), void *cb_arg);
++ void (*callback)(int, int, void *), void *cb_arg);
+ #endif
+
+ =head1 DESCRIPTION
+@@ -110,4 +110,13 @@ Seed lengths E<gt> 20 are not supported.
+ L<dsa(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+ L<DSA_free(3)>, L<BN_generate_prime(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DSA_get0_pqg.pod b/doc/crypto/DSA_get0_pqg.pod
+index 1c835f0..95173bc 100644
+--- a/doc/crypto/DSA_get0_pqg.pod
++++ b/doc/crypto/DSA_get0_pqg.pod
+@@ -44,7 +44,9 @@ be. The values point to the internal representation of the public key and
+ private key values. This memory should not be freed directly.
+
+ The public and private key values can be set using DSA_set0_key(). The public
+-key must always be non-NULL. The private key may be NULL. As for DSA_set0_pqg()
++key must be non-NULL the first time this function is called on a given DSA
++object. The private key may be NULL. On subsequent calls, either may be NULL,
++which means the corresponding DSA field is left untouched. As for DSA_set0_pqg()
+ this function transfers the memory management of the key values to the DSA
+ object, and therefore they should not be freed directly after this function has
+ been called.
+@@ -60,6 +62,13 @@ within the DSA object.
+ DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA
+ object, or NULL if no such ENGINE has been set.
+
++=head1 NOTES
++
++Values retrieved with DSA_get0_key() are owned by the DSA object used
++in the call and may therefore I<not> be passed to DSA_set0_key(). If
++needed, duplicate the received value using BN_dup() and pass the
++duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().
++
+ =head1 RETURN VALUES
+
+ DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.
+@@ -79,4 +88,13 @@ L<DSA_sign(3)>, L<DSA_size(3)>, L<DSA_meth_new(3)>
+
+ The functions described here were added in OpenSSL version 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DSA_meth_new.pod b/doc/crypto/DSA_meth_new.pod
+index 84584f1..68f744a 100644
+--- a/doc/crypto/DSA_meth_new.pod
++++ b/doc/crypto/DSA_meth_new.pod
+@@ -174,11 +174,20 @@ DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or
+ =head1 SEE ALSO
+
+ L<dsa(3)>, L<DSA_new(3)>, L<DSA_generate_parameters(3)>, L<DSA_generate_key(3)>,
+-L<DSA_dup_DH(3)>, L<DSA_do_sign(3)>, L<DSA_set_method(3)>, L<DSA_SIG_new3)>,
++L<DSA_dup_DH(3)>, L<DSA_do_sign(3)>, L<DSA_set_method(3)>, L<DSA_SIG_new(3)>,
+ L<DSA_sign(3)>, L<DSA_size(3)>, L<DSA_get0_pqg(3)>
+
+ =head1 HISTORY
+
+ The functions described here were added in OpenSSL version 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DSA_new.pod b/doc/crypto/DSA_new.pod
+index 320839c..a967ab5 100644
+--- a/doc/crypto/DSA_new.pod
++++ b/doc/crypto/DSA_new.pod
+@@ -36,4 +36,13 @@ L<dsa(3)>, L<ERR_get_error(3)>,
+ L<DSA_generate_parameters(3)>,
+ L<DSA_generate_key(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DSA_set_method.pod b/doc/crypto/DSA_set_method.pod
+index 1d56cca..7d1fe62 100644
+--- a/doc/crypto/DSA_set_method.pod
++++ b/doc/crypto/DSA_set_method.pod
+@@ -37,7 +37,7 @@ been set as a default for DSA, so this function is no longer recommended.
+
+ DSA_get_default_method() returns a pointer to the current default
+ DSA_METHOD. However, the meaningfulness of this result is dependent on
+-whether the ENGINE API is being used, so this function is no longer
++whether the ENGINE API is being used, so this function is no longer
+ recommended.
+
+ DSA_set_method() selects B<meth> to perform all operations using the key
+@@ -74,4 +74,13 @@ fails. Otherwise it returns a pointer to the newly allocated structure.
+
+ L<dsa(3)>, L<DSA_new(3)>, L<DSA_meth_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DSA_sign.pod b/doc/crypto/DSA_sign.pod
+index 1071cca..ba0f6b8 100644
+--- a/doc/crypto/DSA_sign.pod
++++ b/doc/crypto/DSA_sign.pod
+@@ -8,14 +8,14 @@ DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures
+
+ #include <openssl/dsa.h>
+
+- int DSA_sign(int type, const unsigned char *dgst, int len,
+- unsigned char *sigret, unsigned int *siglen, DSA *dsa);
++ int DSA_sign(int type, const unsigned char *dgst, int len,
++ unsigned char *sigret, unsigned int *siglen, DSA *dsa);
+
+- int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
++ int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
+ BIGNUM **rp);
+
+- int DSA_verify(int type, const unsigned char *dgst, int len,
+- unsigned char *sigbuf, int siglen, DSA *dsa);
++ int DSA_verify(int type, const unsigned char *dgst, int len,
++ unsigned char *sigbuf, int siglen, DSA *dsa);
+
+ =head1 DESCRIPTION
+
+@@ -58,4 +58,13 @@ Standard, DSS), ANSI X9.30
+ L<dsa(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+ L<DSA_do_sign(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/DSA_size.pod b/doc/crypto/DSA_size.pod
+index 4333d6d..7c12146 100644
+--- a/doc/crypto/DSA_size.pod
++++ b/doc/crypto/DSA_size.pod
+@@ -26,4 +26,13 @@ The size in bytes.
+
+ L<dsa(3)>, L<DSA_sign(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EC_GFp_simple_method.pod b/doc/crypto/EC_GFp_simple_method.pod
+index 2a21c93..1a02d5d 100644
+--- a/doc/crypto/EC_GFp_simple_method.pod
++++ b/doc/crypto/EC_GFp_simple_method.pod
+@@ -57,4 +57,13 @@ L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+ L<d2i_ECPKParameters(3)>,
+ L<BN_mod_mul_montgomery(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EC_GROUP_copy.pod b/doc/crypto/EC_GROUP_copy.pod
+index 3af5bbf..69909bd 100644
+--- a/doc/crypto/EC_GROUP_copy.pod
++++ b/doc/crypto/EC_GROUP_copy.pod
+@@ -46,8 +46,8 @@ EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROU
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+- int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+- unsigned int *k2, unsigned int *k3);
++ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
++ unsigned int *k2, unsigned int *k3);
+
+ =head1 DESCRIPTION
+
+@@ -86,26 +86,25 @@ applications would have to explicitly set the named curve form) in OpenSSL
+ 1.1.0 and later the named curve form is the default.
+
+ The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA).
+-point_conversion_form_t is an enum defined as follows:
++point_conversion_form_t is an enum defined as follows:
+
+ typedef enum {
+- /** the point is encoded as z||x, where the octet z specifies
+- * which solution of the quadratic equation y is */
+- POINT_CONVERSION_COMPRESSED = 2,
+- /** the point is encoded as z||x||y, where z is the octet 0x02 */
+- POINT_CONVERSION_UNCOMPRESSED = 4,
+- /** the point is encoded as z||x||y, where the octet z specifies
++ /** the point is encoded as z||x, where the octet z specifies
++ * which solution of the quadratic equation y is */
++ POINT_CONVERSION_COMPRESSED = 2,
++ /** the point is encoded as z||x||y, where z is the octet 0x02 */
++ POINT_CONVERSION_UNCOMPRESSED = 4,
++ /** the point is encoded as z||x||y, where the octet z specifies
+ * which solution of the quadratic equation y is */
+- POINT_CONVERSION_HYBRID = 6
++ POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;
+
+-
+ For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by
+ the octets for x, followed by the octets for y.
+
+ For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For
+ POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of
+-the two possible solutions for y has been used, followed by the octets for x.
++the two possible solutions for y has been used, followed by the octets for x.
+
+ For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two
+ possible solutions for y has been used, followed by the octets for x, followed by the octets for y.
+@@ -186,4 +185,13 @@ L<crypto(3)>, L<ec(3)>, L<EC_GROUP_new(3)>,
+ L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+ L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EC_GROUP_new.pod b/doc/crypto/EC_GROUP_new.pod
+index bbd3dfb..822ff83 100644
+--- a/doc/crypto/EC_GROUP_new.pod
++++ b/doc/crypto/EC_GROUP_new.pod
+@@ -78,10 +78,10 @@ provided. The return value is the total number of curves available (whether that
+ not). Passing a NULL B<r>, or setting B<nitems> to 0 will do nothing other than return the total number of curves available.
+ The EC_builtin_curve structure is defined as follows:
+
+- typedef struct {
+- int nid;
+- const char *comment;
+- } EC_builtin_curve;
++ typedef struct {
++ int nid;
++ const char *comment;
++ } EC_builtin_curve;
+
+ Each EC_builtin_curve item has a unique integer id (B<nid>), and a human readable comment string describing the curve.
+
+@@ -108,4 +108,13 @@ L<crypto(3)>, L<ec(3)>, L<EC_GROUP_copy(3)>,
+ L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+ L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EC_KEY_new.pod b/doc/crypto/EC_KEY_new.pod
+index 6bfd180..5b3fe05 100644
+--- a/doc/crypto/EC_KEY_new.pod
++++ b/doc/crypto/EC_KEY_new.pod
+@@ -171,4 +171,13 @@ L<EC_POINT_add(3)>,
+ L<EC_GFp_simple_method(3)>,
+ L<d2i_ECPKParameters(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EC_POINT_add.pod b/doc/crypto/EC_POINT_add.pod
+index eaa7f52..5b44cbd 100644
+--- a/doc/crypto/EC_POINT_add.pod
++++ b/doc/crypto/EC_POINT_add.pod
+@@ -69,4 +69,13 @@ L<crypto(3)>, L<ec(3)>, L<EC_GROUP_new(3)>, L<EC_GROUP_copy(3)>,
+ L<EC_POINT_new(3)>, L<EC_KEY_new(3)>,
+ L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EC_POINT_new.pod b/doc/crypto/EC_POINT_new.pod
+index 8e11f0b..89b0c0a 100644
+--- a/doc/crypto/EC_POINT_new.pod
++++ b/doc/crypto/EC_POINT_new.pod
+@@ -182,4 +182,13 @@ L<crypto(3)>, L<ec(3)>, L<EC_GROUP_new(3)>, L<EC_GROUP_copy(3)>,
+ L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+ L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ERR_GET_LIB.pod b/doc/crypto/ERR_GET_LIB.pod
+index 3f0e36a..10e250f 100644
+--- a/doc/crypto/ERR_GET_LIB.pod
++++ b/doc/crypto/ERR_GET_LIB.pod
+@@ -48,4 +48,13 @@ L<err(3)>, L<ERR_get_error(3)>
+ ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in
+ all versions of OpenSSL.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ERR_clear_error.pod b/doc/crypto/ERR_clear_error.pod
+index e54e34c..892c67f 100644
+--- a/doc/crypto/ERR_clear_error.pod
++++ b/doc/crypto/ERR_clear_error.pod
+@@ -22,4 +22,13 @@ ERR_clear_error() has no return value.
+
+ L<err(3)>, L<ERR_get_error(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ERR_error_string.pod b/doc/crypto/ERR_error_string.pod
+index 81ca61c..12f4f72 100644
+--- a/doc/crypto/ERR_error_string.pod
++++ b/doc/crypto/ERR_error_string.pod
+@@ -62,4 +62,13 @@ none is registered for the error code.
+ L<err(3)>, L<ERR_get_error(3)>,
+ L<ERR_print_errors(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ERR_get_error.pod b/doc/crypto/ERR_get_error.pod
+index aa5047e..a7efc74 100644
+--- a/doc/crypto/ERR_get_error.pod
++++ b/doc/crypto/ERR_get_error.pod
+@@ -67,4 +67,13 @@ The error code, or 0 if there is no error in the queue.
+ L<err(3)>, L<ERR_error_string(3)>,
+ L<ERR_GET_LIB(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ERR_load_crypto_strings.pod b/doc/crypto/ERR_load_crypto_strings.pod
+index 68c006f..15f8000 100644
+--- a/doc/crypto/ERR_load_crypto_strings.pod
++++ b/doc/crypto/ERR_load_crypto_strings.pod
+@@ -21,7 +21,7 @@ Deprecated:
+ #if OPENSSL_API_COMPAT < 0x10100000L
+ void SSL_load_error_strings(void);
+ #endif
+-
++
+ =head1 DESCRIPTION
+
+ All of the following functions are deprecated from OpenSSL 1.1.0. No explicit
+@@ -50,4 +50,13 @@ The ERR_load_crypto_strings(), SSL_load_error_strings(), and
+ ERR_free_strings() functions were deprecated in OpenSSL 1.1.0 by
+ OPENSSL_init_crypto() and OPENSSL_init_ssl().
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ERR_load_strings.pod b/doc/crypto/ERR_load_strings.pod
+index 0e212a0..8071d96 100644
+--- a/doc/crypto/ERR_load_strings.pod
++++ b/doc/crypto/ERR_load_strings.pod
+@@ -45,4 +45,13 @@ ERR_get_next_error_library() returns a new library number.
+
+ L<err(3)>, L<ERR_load_strings(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ERR_print_errors.pod b/doc/crypto/ERR_print_errors.pod
+index aec8a10..4a19a59 100644
+--- a/doc/crypto/ERR_print_errors.pod
++++ b/doc/crypto/ERR_print_errors.pod
+@@ -41,4 +41,13 @@ ERR_print_errors() and ERR_print_errors_fp() return no values.
+ L<err(3)>, L<ERR_error_string(3)>,
+ L<ERR_get_error(3)>.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ERR_put_error.pod b/doc/crypto/ERR_put_error.pod
+index f0a82f6..9b02976 100644
+--- a/doc/crypto/ERR_put_error.pod
++++ b/doc/crypto/ERR_put_error.pod
+@@ -36,4 +36,13 @@ no values.
+
+ L<err(3)>, L<ERR_load_strings(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ERR_remove_state.pod b/doc/crypto/ERR_remove_state.pod
+index b011182..f985104 100644
+--- a/doc/crypto/ERR_remove_state.pod
++++ b/doc/crypto/ERR_remove_state.pod
+@@ -2,44 +2,52 @@
+
+ =head1 NAME
+
+-ERR_remove_thread_state, ERR_remove_state - free a thread's error queue
++ERR_remove_thread_state, ERR_remove_state - DEPRECATED
+
+ =head1 SYNOPSIS
+
+- #include <openssl/err.h>
+-
+- void ERR_remove_thread_state(void);
+-
+ Deprecated:
+
+ #if OPENSSL_API_COMPAT < 0x10000000L
+ void ERR_remove_state(unsigned long pid);
+ #endif
+
+-=head1 DESCRIPTION
++ #if OPENSSL_API_COMPAT < 0x10100000L
++ void ERR_remove_thread_state(void *);
++ #endif
+
+-ERR_remove_thread_state() frees the error queue associated with the current
+-thread.
++=head1 DESCRIPTION
+
+-Since error queue data structures are allocated automatically for new
+-threads, they must be freed when threads are terminated in order to
+-avoid memory leaks.
++The functions described here were used to free the error queue
++associated with the current or specificed thread.
+
+-ERR_remove_state is deprecated and has been replaced by
+-ERR_remove_thread_state. Any argument to this function is ignored and
+-calling ERR_remove_state is equivalent to B<ERR_remove_thread_state()>.
++They are now deprecated and do nothing, as the OpenSSL libraries now
++normally do all thread initialisation and deinitialisation
++automatically (see L<OPENSSL_init_crypto(3)>).
+
+ =head1 RETURN VALUE
+
+-ERR_remove_thread_state and ERR_remove_state() return no value.
++The functions described here return no value.
+
+ =head1 SEE ALSO
+
+-L<err(3)>
++L<err(3)>, L<OPENSSL_init_crypto(3)>
+
+ =head1 HISTORY
+
+-ERR_remove_state()
+-was deprecated in OpenSSL 1.0.0 when ERR_remove_thread_state() was introduced.
++ERR_remove_state() was deprecated in OpenSSL 1.0.0 when
++ERR_remove_thread_state() was introduced.
++
++ERR_remove_thread_state() was deprecated in OpenSSL 1.1.0 when the
++thread handling functionality was entirely rewritten.
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/ERR_set_mark.pod b/doc/crypto/ERR_set_mark.pod
+index d30f1c0..9c55f5a 100644
+--- a/doc/crypto/ERR_set_mark.pod
++++ b/doc/crypto/ERR_set_mark.pod
+@@ -31,4 +31,13 @@ implies that the stack became empty, otherwise 1.
+
+ L<err(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_BytesToKey.pod b/doc/crypto/EVP_BytesToKey.pod
+index c2470df..003afb2 100644
+--- a/doc/crypto/EVP_BytesToKey.pod
++++ b/doc/crypto/EVP_BytesToKey.pod
+@@ -44,7 +44,7 @@ defined in PKCS#5v2.1 and provided by PKCS5_PBKDF2_HMAC.
+ The key and IV is derived by concatenating D_1, D_2, etc until
+ enough data is available for the key and IV. D_i is defined as:
+
+- D_i = HASH^count(D_(i-1) || data || salt)
++ D_i = HASH^count(D_(i-1) || data || salt)
+
+ where || denotes concatenation, D_0 is empty, HASH is the digest
+ algorithm in use, HASH^1(data) is simply HASH(data), HASH^2(data)
+@@ -66,6 +66,13 @@ L<evp(3)>, L<rand(3)>,
+ L<PKCS5_PBKDF2_HMAC(3)>,
+ L<EVP_EncryptInit(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/EVP_CIPHER_CTX_get_cipher_data.pod b/doc/crypto/EVP_CIPHER_CTX_get_cipher_data.pod
+index fc1d914..3a57fcd 100644
+--- a/doc/crypto/EVP_CIPHER_CTX_get_cipher_data.pod
++++ b/doc/crypto/EVP_CIPHER_CTX_get_cipher_data.pod
+@@ -39,4 +39,13 @@ cipher data for the EVP_CIPHER_CTX.
+ The EVP_CIPHER_CTX_get_cipher_data() and EVP_CIPHER_CTX_set_cipher_data()
+ functions were added in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_CIPHER_meth_new.pod b/doc/crypto/EVP_CIPHER_meth_new.pod
+index 499133f..f9b1f6e 100644
+--- a/doc/crypto/EVP_CIPHER_meth_new.pod
++++ b/doc/crypto/EVP_CIPHER_meth_new.pod
+@@ -19,7 +19,7 @@ EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+-
++
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+@@ -44,7 +44,7 @@ EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+ int (*ctrl) (EVP_CIPHER_CTX *, int type,
+ int arg, void *ptr));
+-
++
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+ const unsigned char *key,
+ const unsigned char *iv,
+@@ -82,37 +82,14 @@ With the exception of cipher modes, of which only one may be present,
+ several flags can be or'd together.
+ The available flags are:
+
+-=over 4
+-
+-=over 4
+-
+-=item The cipher modes:
+-
+-=over 4
+-
+-=item EVP_CIPH_STREAM_CIPHER
+-
+-=item EVP_CIPH_ECB_MODE
+-
+-=item EVP_CIPH_CBC_MODE
+-
+-=item EVP_CIPH_CFB_MODE
+-
+-=item EVP_CIPH_OFB_MODE
+-
+-=item EVP_CIPH_CTR_MODE
+-
+-=item EVP_CIPH_GCM_MODE
+-
+-=item EVP_CIPH_CCM_MODE
++=over
+
+-=item EVP_CIPH_XTS_MODE
++=item EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE,
++EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE,
++EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE,
++EVP_CIPH_OCB_MODE
+
+-=item EVP_CIPH_WRAP_MODE
+-
+-=item EVP_CIPH_OCB_MODE
+-
+-=back
++The cipher mode.
+
+ =item EVP_CIPH_VARIABLE_LENGTH
+
+@@ -197,13 +174,8 @@ This indicates that this is an AEAD cipher implementation.
+
+ =item EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+
+-=begin comment
+-
+-I could use some help explaining this one!
+-
+-=end comment
+-
+-=back
++Allow interleaving of crypto blocks, a particular optimization only applicable
++to certain TLS ciphers.
+
+ =back
+
+@@ -234,6 +206,7 @@ EVP_CIPHER_CTX_free().
+
+ EVP_CIPHER_meth_set_ctrl() sets the control function for B<cipher>.
+
++=head1 RETURN VALUES
+
+ EVP_CIPHER_meth_get_input_blocksize(), EVP_CIPHER_meth_get_result_size(),
+ EVP_CIPHER_meth_get_app_datasize(), EVP_CIPHER_meth_get_flags(),
+@@ -253,4 +226,13 @@ The B<EVP_CIPHER> structure was openly available in OpenSSL before version
+ 1.1.
+ The functions described here were added in OpenSSL version 1.1.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod
+index 7ce5695..750a51e 100644
+--- a/doc/crypto/EVP_DigestInit.pod
++++ b/doc/crypto/EVP_DigestInit.pod
+@@ -32,10 +32,10 @@ EVP_get_digestbynid, EVP_get_digestbyobj - EVP digest routines
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
+
+- #define EVP_MAX_MD_SIZE 64 /* SHA512 */
++ #define EVP_MAX_MD_SIZE 64 /* SHA512 */
+
+ int EVP_MD_type(const EVP_MD *md);
+- int EVP_MD_pkey_type(const EVP_MD *md);
++ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+@@ -213,15 +213,15 @@ digest name passed on the command line.
+ int md_len, i;
+
+ if(!argv[1]) {
+- printf("Usage: mdtest digestname\n");
+- exit(1);
++ printf("Usage: mdtest digestname\n");
++ exit(1);
+ }
+
+ md = EVP_get_digestbyname(argv[1]);
+
+ if(!md) {
+- printf("Unknown message digest %s\n", argv[1]);
+- exit(1);
++ printf("Unknown message digest %s\n", argv[1]);
++ exit(1);
+ }
+
+ mdctx = EVP_MD_CTX_new();
+@@ -233,7 +233,7 @@ digest name passed on the command line.
+
+ printf("Digest is: ");
+ for(i = 0; i < md_len; i++)
+- printf("%02x", md_value[i]);
++ printf("%02x", md_value[i]);
+ printf("\n");
+
+ exit(0);
+@@ -256,4 +256,13 @@ The link between digests and signing algorithms was fixed in OpenSSL 1.0 and
+ later, so now EVP_sha1() can be used with RSA and DSA. The legacy EVP_dss1()
+ was removed in OpenSSL 1.1.0
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_DigestSignInit.pod b/doc/crypto/EVP_DigestSignInit.pod
+index 4b9eb21..c97a732 100644
+--- a/doc/crypto/EVP_DigestSignInit.pod
++++ b/doc/crypto/EVP_DigestSignInit.pod
+@@ -9,7 +9,7 @@ EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal - EVP signing func
+ #include <openssl/evp.h>
+
+ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+- const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
++ const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
+
+@@ -56,7 +56,7 @@ needed to be used to sign using SHA1 and DSA. This is no longer necessary and
+ the use of clone digest is now discouraged.
+
+ For some key types and parameters the random number generator must be seeded
+-or the operation will fail.
++or the operation will fail.
+
+ The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
+ context. This means that calls to EVP_DigestSignUpdate() and
+@@ -81,7 +81,16 @@ L<sha(3)>, L<dgst(1)>
+
+ =head1 HISTORY
+
+-EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
++EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
+ were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_DigestVerifyInit.pod b/doc/crypto/EVP_DigestVerifyInit.pod
+index cc740b7..15db70e 100644
+--- a/doc/crypto/EVP_DigestVerifyInit.pod
++++ b/doc/crypto/EVP_DigestVerifyInit.pod
+@@ -9,7 +9,7 @@ EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal - EVP signat
+ #include <openssl/evp.h>
+
+ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+- const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
++ const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen);
+
+@@ -56,7 +56,7 @@ needed to be used to sign using SHA1 and DSA. This is no longer necessary and
+ the use of clone digest is now discouraged.
+
+ For some key types and parameters the random number generator must be seeded
+-or the operation will fail.
++or the operation will fail.
+
+ The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
+ context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can
+@@ -76,7 +76,16 @@ L<sha(3)>, L<dgst(1)>
+
+ =head1 HISTORY
+
+-EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
++EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
+ were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_EncodeInit.pod b/doc/crypto/EVP_EncodeInit.pod
+new file mode 100644
+index 0000000..f653226
+--- /dev/null
++++ b/doc/crypto/EVP_EncodeInit.pod
+@@ -0,0 +1,155 @@
++=pod
++
++=head1 NAME
++
++EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_num, EVP_EncodeInit,
++EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit,
++EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode
++routines
++
++=head1 SYNOPSIS
++
++ #include <openssl/evp.h>
++
++ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
++ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
++ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
++ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
++ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
++ const unsigned char *in, int inl);
++ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
++ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
++
++ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
++ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
++ const unsigned char *in, int inl);
++ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
++ char *out, int *outl);
++ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
++
++=head1 DESCRIPTION
++
++The EVP encode routines provide a high level interface to base 64 encoding and
++decoding. Base 64 encoding converts binary data into a printable form that uses
++the characters A-Z, a-z, 0-9, "+" and "/" to represent the data. For every 3
++bytes of binary data provided 4 bytes of base 64 encoded data will be produced
++plus some occasional newlines (see below). If the input data length is not a
++multiple of 3 then the output data will be padded at the end using the "="
++character.
++
++EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for
++the encode/decode functions.
++
++EVP_ENCODE_CTX_free() cleans up an encode/decode context B<ctx> and frees up the
++space allocated to it.
++
++Encoding of binary data is performed in blocks of 48 input bytes (or less for
++the final block). For each 48 byte input block encoded 64 bytes of base 64 data
++is output plus an additional newline character (i.e. 65 bytes in total). The
++final block (which may be less than 48 bytes) will output 4 bytes for every 3
++bytes of input. If the data length is not divisible by 3 then a full 4 bytes is
++still output for the final 1 or 2 bytes of input. Similarly a newline character
++will also be output.
++
++EVP_EncodeInit() initialises B<ctx> for the start of a new encoding operation.
++
++EVP_EncodeUpdate() encode B<inl> bytes of data found in the buffer pointed to by
++B<in>. The output is stored in the buffer B<out> and the number of bytes output
++is stored in B<*outl>. It is the caller's responsibility to ensure that the
++buffer at B<out> is sufficiently large to accommodate the output data. Only full
++blocks of data (48 bytes) will be immediately processed and output by this
++function. Any remainder is held in the B<ctx> object and will be processed by a
++subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the
++required size of the output buffer add together the value of B<inl> with the
++amount of unprocessed data held in B<ctx> and divide the result by 48 (ignore
++any remainder). This gives the number of blocks of data that will be processed.
++Ensure the output buffer contains 65 bytes of storage for each block, plus an
++additional byte for a NUL terminator. EVP_EncodeUpdate() may be called
++repeatedly to process large amounts of input data. In the event of an error
++EVP_EncodeUpdate() will set B<*outl> to 0.
++
++EVP_EncodeFinal() must be called at the end of an encoding operation. It will
++process any partial block of data remaining in the B<ctx> object. The output
++data will be stored in B<out> and the length of the data written will be stored
++in B<*outl>. It is the caller's responsibility to ensure that B<out> is
++sufficiently large to accommodate the output data which will never be more than
++65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).
++
++EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to
++be encoded or decoded that are pending in the B<ctx> object.
++
++EVP_EncodeBlock() encodes a full block of input data in B<f> and of length
++B<dlen> and stores it in B<t>. For every 3 bytes of input provided 4 bytes of
++output data will be produced. If B<dlen> is not divisible by 3 then the block is
++encoded as a final block of data and the output is padded such that it is always
++divisible by 4. Additionally a NUL terminator character will be added. For
++example if 16 bytes of input data is provided then 24 bytes of encoded data is
++created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of
++the data generated I<without> the NUL terminator is returned from the function.
++
++EVP_DecodeInit() initialises B<ctx> for the start of a new decoding operation.
++
++EVP_DecodeUpdate() decodes B<inl> characters of data found in the buffer pointed
++to by B<in>. The output is stored in the buffer B<out> and the number of bytes
++output is stored in B<*outl>. It is the caller's responsibility to ensure that
++the buffer at B<out> is sufficiently large to accommodate the output data. This
++function will attempt to decode as much data as possible in 4 byte chunks. Any
++whitespace, newline or carriage return characters are ignored. Any partial chunk
++of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in
++the B<ctx> object and processed by a subsequent call to EVP_DecodeUpdate(). If
++any illegal base 64 characters are encountered or if the base 64 padding
++character "=" is encountered in the middle of the data then the function returns
++-1 to indicate an error. A return value of 0 or 1 indicates successful
++processing of the data. A return value of 0 additionally indicates that the last
++input data characters processed included the base 64 padding character "=" and
++therefore no more non-padding character data is expected to be processed. For
++every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and
++line feeds), 3 bytes of binary output data will be produced (or less at the end
++of the data where the padding character "=" has been used).
++
++EVP_DecodeFinal() must be called at the end of a decoding operation. If there
++is any unprocessed data still in B<ctx> then the input data must not have been
++a multiple of 4 and therefore an error has occurred. The function will return -1
++in this case. Otherwise the function returns 1 on success.
++
++EVP_DecodeBlock() will decode the block of B<n> characters of base 64 data
++contained in B<f> and store the result in B<t>. Any leading whitespace will be
++trimmed as will any trailing whitespace, newlines, carriage returns or EOF
++characters. After such trimming the length of the data in B<f> must be divisbile
++by 4. For every 4 input bytes exactly 3 output bytes will be produced. The
++output will be padded with 0 bits if necessary to ensure that the output is
++always 3 bytes for every 4 input bytes. This function will return the length of
++the data decoded or -1 on error.
++
++=head1 RETURN VALUES
++
++EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX
++object or NULL on error.
++
++EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in
++B<ctx>.
++
++EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL
++terminator.
++
++EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned
++then no more non-padding base 64 characters are expected.
++
++EVP_DecodeFinal() returns -1 on error or 1 on success.
++
++EVP_DecodeBlock() returns the length of the data decoded or -1 on error.
++
++=head1 SEE ALSO
++
++L<evp(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/EVP_EncryptInit.pod b/doc/crypto/EVP_EncryptInit.pod
+index b42b64c..b185ea7 100644
+--- a/doc/crypto/EVP_EncryptInit.pod
++++ b/doc/crypto/EVP_EncryptInit.pod
+@@ -40,14 +40,14 @@ EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm - EVP cipher routines
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+- ENGINE *impl, unsigned char *key, unsigned char *iv);
++ ENGINE *impl, unsigned char *key, unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+- ENGINE *impl, unsigned char *key, unsigned char *iv);
++ ENGINE *impl, unsigned char *key, unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+@@ -83,12 +83,12 @@ EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm - EVP cipher routines
+ #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
+ #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
+
+- #define EVP_CIPHER_nid(e) ((e)->nid)
+- #define EVP_CIPHER_block_size(e) ((e)->block_size)
+- #define EVP_CIPHER_key_length(e) ((e)->key_len)
+- #define EVP_CIPHER_iv_length(e) ((e)->iv_len)
+- #define EVP_CIPHER_flags(e) ((e)->flags)
+- #define EVP_CIPHER_mode(e) ((e)->flags) & EVP_CIPH_MODE)
++ #define EVP_CIPHER_nid(e) ((e)->nid)
++ #define EVP_CIPHER_block_size(e) ((e)->block_size)
++ #define EVP_CIPHER_key_length(e) ((e)->key_len)
++ #define EVP_CIPHER_iv_length(e) ((e)->iv_len)
++ #define EVP_CIPHER_flags(e) ((e)->flags)
++ #define EVP_CIPHER_mode(e) ((e)->flags) & EVP_CIPH_MODE)
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+@@ -384,13 +384,13 @@ bits and 12 rounds.
+
+ AES Galois Counter Mode (GCM) for 128, 192 and 256 bit keys respectively.
+ These ciphers require additional control operations to function correctly: see
+-the L</GCM and OCB modes> section below for details.
++the L</GCM and OCB Modes> section below for details.
+
+ =item EVP_aes_128_ocb(void), EVP_aes_192_ocb(void), EVP_aes_256_ocb(void)
+
+-Offest Codebook Mode (OCB) for 128, 192 and 256 bit keys respectively.
++Offset Codebook Mode (OCB) for 128, 192 and 256 bit keys respectively.
+ These ciphers require additional control operations to function correctly: see
+-the L</GCM and OCB modes> section below for details.
++the L</GCM and OCB Modes> section below for details.
+
+ =item EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm()
+
+@@ -526,46 +526,46 @@ for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.
+ Encrypt a string using IDEA:
+
+ int do_crypt(char *outfile)
+- {
+- unsigned char outbuf[1024];
+- int outlen, tmplen;
+- /* Bogus key and IV: we'd normally set these from
+- * another source.
+- */
+- unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+- unsigned char iv[] = {1,2,3,4,5,6,7,8};
+- char intext[] = "Some Crypto Text";
+- EVP_CIPHER_CTX ctx;
+- FILE *out;
+-
+- ctx = EVP_CIPHER_CTX_new();
+- EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+-
+- if(!EVP_EncryptUpdate(ctx, outbuf, &outlen, intext, strlen(intext)))
+- {
+- /* Error */
+- return 0;
+- }
+- /* Buffer passed to EVP_EncryptFinal() must be after data just
+- * encrypted to avoid overwriting it.
+- */
+- if(!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen))
+- {
+- /* Error */
+- return 0;
+- }
+- outlen += tmplen;
+- EVP_CIPHER_CTX_free(ctx);
+- /* Need binary mode for fopen because encrypted data is
+- * binary data. Also cannot use strlen() on it because
++ {
++ unsigned char outbuf[1024];
++ int outlen, tmplen;
++ /* Bogus key and IV: we'd normally set these from
++ * another source.
++ */
++ unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
++ unsigned char iv[] = {1,2,3,4,5,6,7,8};
++ char intext[] = "Some Crypto Text";
++ EVP_CIPHER_CTX ctx;
++ FILE *out;
++
++ ctx = EVP_CIPHER_CTX_new();
++ EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
++
++ if(!EVP_EncryptUpdate(ctx, outbuf, &outlen, intext, strlen(intext)))
++ {
++ /* Error */
++ return 0;
++ }
++ /* Buffer passed to EVP_EncryptFinal() must be after data just
++ * encrypted to avoid overwriting it.
++ */
++ if(!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen))
++ {
++ /* Error */
++ return 0;
++ }
++ outlen += tmplen;
++ EVP_CIPHER_CTX_free(ctx);
++ /* Need binary mode for fopen because encrypted data is
++ * binary data. Also cannot use strlen() on it because
+ * it wont be null terminated and may contain embedded
+- * nulls.
+- */
+- out = fopen(outfile, "wb");
+- fwrite(outbuf, 1, outlen, out);
+- fclose(out);
+- return 1;
+- }
++ * nulls.
++ */
++ out = fopen(outfile, "wb");
++ fwrite(outbuf, 1, outlen, out);
++ fclose(out);
++ return 1;
++ }
+
+ The ciphertext from the above example can be decrypted using the B<openssl>
+ utility with the command line (shown on two lines for clarity):
+@@ -577,50 +577,50 @@ General encryption and decryption function example using FILE I/O and AES128
+ with a 128-bit key:
+
+ int do_crypt(FILE *in, FILE *out, int do_encrypt)
+- {
+- /* Allow enough space in output buffer for additional block */
+- unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+- int inlen, outlen;
+- EVP_CIPHER_CTX *ctx;
+- /* Bogus key and IV: we'd normally set these from
+- * another source.
+- */
+- unsigned char key[] = "0123456789abcdeF";
+- unsigned char iv[] = "1234567887654321";
+-
+- /* Don't set key or IV right away; we want to check lengths */
+- ctx = EVP_CIPHER_CTX_new();
+- EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+- do_encrypt);
+- OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+- OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+-
+- /* Now we can set key and IV */
+- EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+-
+- for(;;)
+- {
+- inlen = fread(inbuf, 1, 1024, in);
+- if(inlen <= 0) break;
+- if(!EVP_CipherUpdate(ctx, outbuf, &outlen, inbuf, inlen))
+- {
+- /* Error */
+- EVP_CIPHER_CTX_free(ctx);
+- return 0;
+- }
+- fwrite(outbuf, 1, outlen, out);
+- }
+- if(!EVP_CipherFinal_ex(ctx, outbuf, &outlen))
+- {
+- /* Error */
+- EVP_CIPHER_CTX_free(ctx);
+- return 0;
+- }
+- fwrite(outbuf, 1, outlen, out);
+-
+- EVP_CIPHER_CTX_free(ctx);
+- return 1;
+- }
++ {
++ /* Allow enough space in output buffer for additional block */
++ unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
++ int inlen, outlen;
++ EVP_CIPHER_CTX *ctx;
++ /* Bogus key and IV: we'd normally set these from
++ * another source.
++ */
++ unsigned char key[] = "0123456789abcdeF";
++ unsigned char iv[] = "1234567887654321";
++
++ /* Don't set key or IV right away; we want to check lengths */
++ ctx = EVP_CIPHER_CTX_new();
++ EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
++ do_encrypt);
++ OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
++ OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
++
++ /* Now we can set key and IV */
++ EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
++
++ for(;;)
++ {
++ inlen = fread(inbuf, 1, 1024, in);
++ if(inlen <= 0) break;
++ if(!EVP_CipherUpdate(ctx, outbuf, &outlen, inbuf, inlen))
++ {
++ /* Error */
++ EVP_CIPHER_CTX_free(ctx);
++ return 0;
++ }
++ fwrite(outbuf, 1, outlen, out);
++ }
++ if(!EVP_CipherFinal_ex(ctx, outbuf, &outlen))
++ {
++ /* Error */
++ EVP_CIPHER_CTX_free(ctx);
++ return 0;
++ }
++ fwrite(outbuf, 1, outlen, out);
++
++ EVP_CIPHER_CTX_free(ctx);
++ return 1;
++ }
+
+
+ =head1 SEE ALSO
+@@ -636,4 +636,13 @@ EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup()
+ disappeared. EVP_CIPHER_CTX_init() remains as an alias for
+ EVP_CIPHER_CTX_reset().
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_MD_meth_new.pod b/doc/crypto/EVP_MD_meth_new.pod
+index 0bab127..c222e37 100644
+--- a/doc/crypto/EVP_MD_meth_new.pod
++++ b/doc/crypto/EVP_MD_meth_new.pod
+@@ -157,4 +157,13 @@ L<EVP_DigestInit(3)>, L<EVP_SignInit(3)>, L<EVP_VerifyInit(3)>
+ The B<EVP_MD> structure was openly available in OpenSSL before version
+ 1.1. The functions described here were added in OpenSSL version 1.1.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_OpenInit.pod b/doc/crypto/EVP_OpenInit.pod
+index e207b01..293b4eb 100644
+--- a/doc/crypto/EVP_OpenInit.pod
++++ b/doc/crypto/EVP_OpenInit.pod
+@@ -9,7 +9,7 @@ EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption
+ #include <openssl/evp.h>
+
+ int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
+- int ekl,unsigned char *iv,EVP_PKEY *priv);
++ int ekl,unsigned char *iv,EVP_PKEY *priv);
+ int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, unsigned char *in, int inl);
+ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
+@@ -27,7 +27,7 @@ B<ekl> bytes passed in the B<ek> parameter using the private key B<priv>.
+ The IV is supplied in the B<iv> parameter.
+
+ EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
+-as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
++as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
+ documented on the L<EVP_EncryptInit(3)> manual
+ page.
+
+@@ -58,6 +58,13 @@ L<evp(3)>, L<rand(3)>,
+ L<EVP_EncryptInit(3)>,
+ L<EVP_SealInit(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_CTX_ctrl.pod b/doc/crypto/EVP_PKEY_CTX_ctrl.pod
+index cc27e54..c9b7fdd 100644
+--- a/doc/crypto/EVP_PKEY_CTX_ctrl.pod
++++ b/doc/crypto/EVP_PKEY_CTX_ctrl.pod
+@@ -16,9 +16,9 @@ EVP_PKEY_CTX_set_ec_param_enc - algorithm specific control operations
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+- int cmd, int p1, void *p2);
++ int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+- const char *value);
++ const char *value);
+
+ #include <openssl/rsa.h>
+
+@@ -141,4 +141,13 @@ L<EVP_PKEY_keygen(3)>
+
+ These functions were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_CTX_new.pod b/doc/crypto/EVP_PKEY_CTX_new.pod
+index 5fb5d58..30b5794 100644
+--- a/doc/crypto/EVP_PKEY_CTX_new.pod
++++ b/doc/crypto/EVP_PKEY_CTX_new.pod
+@@ -50,4 +50,13 @@ L<EVP_PKEY_new(3)>
+
+ These functions were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_HKDF.pod b/doc/crypto/EVP_PKEY_HKDF.pod
+index 8a5ef98..8ce79c3 100644
+--- a/doc/crypto/EVP_PKEY_HKDF.pod
++++ b/doc/crypto/EVP_PKEY_HKDF.pod
+@@ -116,4 +116,13 @@ L<EVP_PKEY_CTX_new(3)>,
+ L<EVP_PKEY_CTX_ctrl_str(3)>,
+ L<EVP_PKEY_derive(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_TLS1_PRF.pod b/doc/crypto/EVP_PKEY_TLS1_PRF.pod
+index e2264fc..5c8dd9d 100644
+--- a/doc/crypto/EVP_PKEY_TLS1_PRF.pod
++++ b/doc/crypto/EVP_PKEY_TLS1_PRF.pod
+@@ -96,4 +96,13 @@ L<EVP_PKEY_CTX_new(3)>,
+ L<EVP_PKEY_CTX_ctrl_str(3)>,
+ L<EVP_PKEY_derive(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_cmp.pod b/doc/crypto/EVP_PKEY_cmp.pod
+index 9e0107f..4e1f78b 100644
+--- a/doc/crypto/EVP_PKEY_cmp.pod
++++ b/doc/crypto/EVP_PKEY_cmp.pod
+@@ -56,6 +56,15 @@ keys match, 0 if they don't match, -1 if the key types are different and
+ =head1 SEE ALSO
+
+ L<EVP_PKEY_CTX_new(3)>,
+-L<EVP_PKEY_keygen(3)>
++L<EVP_PKEY_keygen(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_decrypt.pod b/doc/crypto/EVP_PKEY_decrypt.pod
+index e94f3a8..ca732ed 100644
+--- a/doc/crypto/EVP_PKEY_decrypt.pod
++++ b/doc/crypto/EVP_PKEY_decrypt.pod
+@@ -10,8 +10,8 @@ EVP_PKEY_decrypt_init, EVP_PKEY_decrypt - decrypt using a public key algorithm
+
+ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+- unsigned char *out, size_t *outlen,
+- const unsigned char *in, size_t inlen);
++ unsigned char *out, size_t *outlen,
++ const unsigned char *in, size_t inlen);
+
+ =head1 DESCRIPTION
+
+@@ -50,30 +50,30 @@ Decrypt data using OAEP (for RSA keys):
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *out, *in;
+- size_t outlen, inlen;
++ size_t outlen, inlen;
+ EVP_PKEY *key;
+ /* NB: assumes key in, inlen are already set up
+ * and that key is an RSA private key
+ */
+ ctx = EVP_PKEY_CTX_new(key);
+ if (!ctx)
+- /* Error occurred */
++ /* Error occurred */
+ if (EVP_PKEY_decrypt_init(ctx) <= 0)
+- /* Error */
++ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_decrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+- /* Error */
++ /* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+- /* malloc failure */
+-
++ /* malloc failure */
++
+ if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Decrypted data is outlen bytes written to buffer out */
+
+@@ -84,10 +84,19 @@ L<EVP_PKEY_encrypt(3)>,
+ L<EVP_PKEY_sign(3)>,
+ L<EVP_PKEY_verify(3)>,
+ L<EVP_PKEY_verify_recover(3)>,
+-L<EVP_PKEY_derive(3)>
++L<EVP_PKEY_derive(3)>
+
+ =head1 HISTORY
+
+ These functions were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_derive.pod b/doc/crypto/EVP_PKEY_derive.pod
+index f6f3ac7..8c57735 100644
+--- a/doc/crypto/EVP_PKEY_derive.pod
++++ b/doc/crypto/EVP_PKEY_derive.pod
+@@ -57,23 +57,23 @@ Derive shared secret (for example DH or EC keys):
+
+ ctx = EVP_PKEY_CTX_new(pkey);
+ if (!ctx)
+- /* Error occurred */
++ /* Error occurred */
+ if (EVP_PKEY_derive_init(ctx) <= 0)
+- /* Error */
++ /* Error */
+ if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0)
+- /* Error */
++ /* Error */
+
+ skey = OPENSSL_malloc(skeylen);
+
+ if (!skey)
+- /* malloc failure */
+-
++ /* malloc failure */
++
+ if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Shared secret is skey bytes written to buffer skey */
+
+@@ -90,4 +90,13 @@ L<EVP_PKEY_verify_recover(3)>,
+
+ These functions were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_encrypt.pod b/doc/crypto/EVP_PKEY_encrypt.pod
+index 819d864..9dc8499 100644
+--- a/doc/crypto/EVP_PKEY_encrypt.pod
++++ b/doc/crypto/EVP_PKEY_encrypt.pod
+@@ -10,8 +10,8 @@ EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm
+
+ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+- unsigned char *out, size_t *outlen,
+- const unsigned char *in, size_t inlen);
++ unsigned char *out, size_t *outlen,
++ const unsigned char *in, size_t inlen);
+
+ =head1 DESCRIPTION
+
+@@ -54,30 +54,30 @@ set 'eng = NULL;' to start with the default OpenSSL RSA implementation:
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ unsigned char *out, *in;
+- size_t outlen, inlen;
++ size_t outlen, inlen;
+ EVP_PKEY *key;
+ /* NB: assumes eng, key, in, inlen are already set up,
+ * and that key is an RSA public key
+ */
+ ctx = EVP_PKEY_CTX_new(key,eng);
+ if (!ctx)
+- /* Error occurred */
++ /* Error occurred */
+ if (EVP_PKEY_encrypt_init(ctx) <= 0)
+- /* Error */
++ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+- /* Error */
++ /* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+- /* malloc failure */
+-
++ /* malloc failure */
++
+ if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Encrypted data is outlen bytes written to buffer out */
+
+@@ -90,10 +90,19 @@ L<EVP_PKEY_decrypt(3)>,
+ L<EVP_PKEY_sign(3)>,
+ L<EVP_PKEY_verify(3)>,
+ L<EVP_PKEY_verify_recover(3)>,
+-L<EVP_PKEY_derive(3)>
++L<EVP_PKEY_derive(3)>
+
+ =head1 HISTORY
+
+ These functions were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_get_default_digest.pod b/doc/crypto/EVP_PKEY_get_default_digest.pod
+index 8ac104e..3dce5c5 100644
+--- a/doc/crypto/EVP_PKEY_get_default_digest.pod
++++ b/doc/crypto/EVP_PKEY_get_default_digest.pod
+@@ -38,4 +38,13 @@ L<EVP_PKEY_verify_recover(3)>,
+
+ This function was first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_keygen.pod b/doc/crypto/EVP_PKEY_keygen.pod
+index c86e013..ec803c9 100644
+--- a/doc/crypto/EVP_PKEY_keygen.pod
++++ b/doc/crypto/EVP_PKEY_keygen.pod
+@@ -28,7 +28,7 @@ EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen
+ The EVP_PKEY_keygen_init() function initializes a public key algorithm
+ context using key B<pkey> for a key generation operation.
+
+-The EVP_PKEY_keygen() function performs a key generation operation, the
++The EVP_PKEY_keygen() function performs a key generation operation, the
+ generated key is written to B<ppkey>.
+
+ The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar
+@@ -95,15 +95,15 @@ Generate a 2048 bit RSA key:
+ EVP_PKEY *pkey = NULL;
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+- /* Error occurred */
++ /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+- /* Error */
++ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
+- /* Error */
++ /* Error */
+
+ Generate a key from a set of parameters:
+
+@@ -115,13 +115,13 @@ Generate a key from a set of parameters:
+ /* Assumed param is set up already */
+ ctx = EVP_PKEY_CTX_new(param);
+ if (!ctx)
+- /* Error occurred */
++ /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
+- /* Error */
++ /* Error */
+
+ Example of generation callback for OpenSSL public key implementations:
+
+@@ -130,19 +130,19 @@ Example of generation callback for OpenSSL public key implementations:
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+- {
+- char c='*';
+- BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+- int p;
+- p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+- if (p == 0) c='.';
+- if (p == 1) c='+';
+- if (p == 2) c='*';
+- if (p == 3) c='\n';
+- BIO_write(b,&c,1);
+- (void)BIO_flush(b);
+- return 1;
+- }
++ {
++ char c='*';
++ BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
++ int p;
++ p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
++ if (p == 0) c='.';
++ if (p == 1) c='+';
++ if (p == 2) c='*';
++ if (p == 3) c='\n';
++ BIO_write(b,&c,1);
++ (void)BIO_flush(b);
++ return 1;
++ }
+
+ =head1 SEE ALSO
+
+@@ -152,10 +152,19 @@ L<EVP_PKEY_decrypt(3)>,
+ L<EVP_PKEY_sign(3)>,
+ L<EVP_PKEY_verify(3)>,
+ L<EVP_PKEY_verify_recover(3)>,
+-L<EVP_PKEY_derive(3)>
++L<EVP_PKEY_derive(3)>
+
+ =head1 HISTORY
+
+ These functions were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_new.pod b/doc/crypto/EVP_PKEY_new.pod
+index 05ac087..2d9f121 100644
+--- a/doc/crypto/EVP_PKEY_new.pod
++++ b/doc/crypto/EVP_PKEY_new.pod
+@@ -9,7 +9,7 @@ EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free - private key allocation functions.
+ #include <openssl/evp.h>
+
+ EVP_PKEY *EVP_PKEY_new(void);
+- void EVP_PKEY_up_ref(EVP_PKEY *key);
++ int EVP_PKEY_up_ref(EVP_PKEY *key);
+ void EVP_PKEY_free(EVP_PKEY *key);
+
+
+@@ -37,7 +37,7 @@ used.
+ EVP_PKEY_new() returns either the newly allocated B<EVP_PKEY> structure or
+ B<NULL> if an error occurred.
+
+-EVP_PKEY_up_ref() and EVP_PKEY_free() do not return a value.
++EVP_PKEY_up_ref() returns 1 for success and 0 for failure.
+
+ =head1 SEE ALSO
+
+@@ -49,4 +49,13 @@ EVP_PKEY_new() and EVP_PKEY_free() exist in all versions of OpenSSL.
+
+ EVP_PKEY_up_ref() was first added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_print_private.pod b/doc/crypto/EVP_PKEY_print_private.pod
+index 8664c49..f122c03 100644
+--- a/doc/crypto/EVP_PKEY_print_private.pod
++++ b/doc/crypto/EVP_PKEY_print_private.pod
+@@ -9,11 +9,11 @@ EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public ke
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+- int indent, ASN1_PCTX *pctx);
++ int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+- int indent, ASN1_PCTX *pctx);
++ int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+- int indent, ASN1_PCTX *pctx);
++ int indent, ASN1_PCTX *pctx);
+
+ =head1 DESCRIPTION
+
+@@ -28,7 +28,7 @@ be used.
+
+ =head1 NOTES
+
+-Currently no public key algorithms include any options in the B<pctx> parameter
++Currently no public key algorithms include any options in the B<pctx> parameter
+ parameter.
+
+ If the key does not include all the components indicated by the function then
+@@ -44,10 +44,19 @@ the public key algorithm.
+ =head1 SEE ALSO
+
+ L<EVP_PKEY_CTX_new(3)>,
+-L<EVP_PKEY_keygen(3)>
++L<EVP_PKEY_keygen(3)>
+
+ =head1 HISTORY
+
+ These functions were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_set1_RSA.pod b/doc/crypto/EVP_PKEY_set1_RSA.pod
+index c7fd8e9..5620d6c 100644
+--- a/doc/crypto/EVP_PKEY_set1_RSA.pod
++++ b/doc/crypto/EVP_PKEY_set1_RSA.pod
+@@ -105,4 +105,13 @@ type or B<NID_undef> (equivalently B<EVP_PKEY_NONE>) on error.
+
+ L<EVP_PKEY_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_sign.pod b/doc/crypto/EVP_PKEY_sign.pod
+index f189206..9b3c8d4 100644
+--- a/doc/crypto/EVP_PKEY_sign.pod
++++ b/doc/crypto/EVP_PKEY_sign.pod
+@@ -10,8 +10,8 @@ EVP_PKEY_sign_init, EVP_PKEY_sign - sign using a public key algorithm
+
+ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+- unsigned char *sig, size_t *siglen,
+- const unsigned char *tbs, size_t tbslen);
++ unsigned char *sig, size_t *siglen,
++ const unsigned char *tbs, size_t tbslen);
+
+ =head1 DESCRIPTION
+
+@@ -66,25 +66,25 @@ Sign data using RSA with PKCS#1 padding and SHA256 digest:
+ */
+ ctx = EVP_PKEY_CTX_new(signing_key, NULL /* no engine */);
+ if (!ctx)
+- /* Error occurred */
++ /* Error occurred */
+ if (EVP_PKEY_sign_init(ctx) <= 0)
+- /* Error */
++ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+- /* Error */
++ /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_sign(ctx, NULL, &siglen, md, mdlen) <= 0)
+- /* Error */
++ /* Error */
+
+ sig = OPENSSL_malloc(siglen);
+
+ if (!sig)
+- /* malloc failure */
+-
++ /* malloc failure */
++
+ if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Signature is siglen bytes written to buffer sig */
+
+@@ -97,10 +97,19 @@ L<EVP_PKEY_encrypt(3)>,
+ L<EVP_PKEY_decrypt(3)>,
+ L<EVP_PKEY_verify(3)>,
+ L<EVP_PKEY_verify_recover(3)>,
+-L<EVP_PKEY_derive(3)>
++L<EVP_PKEY_derive(3)>
+
+ =head1 HISTORY
+
+ These functions were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_verify.pod b/doc/crypto/EVP_PKEY_verify.pod
+index 4952b7f..e84f880 100644
+--- a/doc/crypto/EVP_PKEY_verify.pod
++++ b/doc/crypto/EVP_PKEY_verify.pod
+@@ -10,8 +10,8 @@ EVP_PKEY_verify_init, EVP_PKEY_verify - signature verification using a public ke
+
+ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+- const unsigned char *sig, size_t siglen,
+- const unsigned char *tbs, size_t tbslen);
++ const unsigned char *sig, size_t siglen,
++ const unsigned char *tbs, size_t tbslen);
+
+ =head1 DESCRIPTION
+
+@@ -53,20 +53,20 @@ Verify signature using PKCS#1 and SHA256 digest:
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *md, *sig;
+- size_t mdlen, siglen;
++ size_t mdlen, siglen;
+ EVP_PKEY *verify_key;
+ /* NB: assumes verify_key, sig, siglen md and mdlen are already set up
+ * and that verify_key is an RSA public key
+ */
+ ctx = EVP_PKEY_CTX_new(verify_key);
+ if (!ctx)
+- /* Error occurred */
++ /* Error occurred */
+ if (EVP_PKEY_verify_init(ctx) <= 0)
+- /* Error */
++ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+- /* Error */
++ /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Perform operation */
+ ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen);
+@@ -82,10 +82,19 @@ L<EVP_PKEY_encrypt(3)>,
+ L<EVP_PKEY_decrypt(3)>,
+ L<EVP_PKEY_sign(3)>,
+ L<EVP_PKEY_verify_recover(3)>,
+-L<EVP_PKEY_derive(3)>
++L<EVP_PKEY_derive(3)>
+
+ =head1 HISTORY
+
+ These functions were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_PKEY_verify_recover.pod b/doc/crypto/EVP_PKEY_verify_recover.pod
+index 6c2287b..837bc64 100644
+--- a/doc/crypto/EVP_PKEY_verify_recover.pod
++++ b/doc/crypto/EVP_PKEY_verify_recover.pod
+@@ -10,8 +10,8 @@ EVP_PKEY_verify_recover_init, EVP_PKEY_verify_recover - recover signature using
+
+ int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+- unsigned char *rout, size_t *routlen,
+- const unsigned char *sig, size_t siglen);
++ unsigned char *rout, size_t *routlen,
++ const unsigned char *sig, size_t siglen);
+
+ =head1 DESCRIPTION
+
+@@ -29,7 +29,7 @@ B<rout> and the amount of data written to B<routlen>.
+ =head1 NOTES
+
+ Normally an application is only interested in whether a signature verification
+-operation is successful in those cases the EVP_verify() function should be
++operation is successful in those cases the EVP_verify() function should be
+ used.
+
+ Sometimes however it is useful to obtain the data originally signed using a
+@@ -58,32 +58,32 @@ Recover digest originally signed using PKCS#1 and SHA256 digest:
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *rout, *sig;
+- size_t routlen, siglen;
++ size_t routlen, siglen;
+ EVP_PKEY *verify_key;
+ /* NB: assumes verify_key, sig and siglen are already set up
+ * and that verify_key is an RSA public key
+ */
+ ctx = EVP_PKEY_CTX_new(verify_key);
+ if (!ctx)
+- /* Error occurred */
++ /* Error occurred */
+ if (EVP_PKEY_verify_recover_init(ctx) <= 0)
+- /* Error */
++ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+- /* Error */
++ /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_verify_recover(ctx, NULL, &routlen, sig, siglen) <= 0)
+- /* Error */
++ /* Error */
+
+ rout = OPENSSL_malloc(routlen);
+
+ if (!rout)
+- /* malloc failure */
+-
++ /* malloc failure */
++
+ if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0)
+- /* Error */
++ /* Error */
+
+ /* Recovered data is routlen bytes written to buffer rout */
+
+@@ -94,10 +94,19 @@ L<EVP_PKEY_encrypt(3)>,
+ L<EVP_PKEY_decrypt(3)>,
+ L<EVP_PKEY_sign(3)>,
+ L<EVP_PKEY_verify(3)>,
+-L<EVP_PKEY_derive(3)>
++L<EVP_PKEY_derive(3)>
+
+ =head1 HISTORY
+
+ These functions were first added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_SealInit.pod b/doc/crypto/EVP_SealInit.pod
+index e920e3e..30bd680 100644
+--- a/doc/crypto/EVP_SealInit.pod
++++ b/doc/crypto/EVP_SealInit.pod
+@@ -42,9 +42,9 @@ If the cipher does not require an IV then the B<iv> parameter is ignored
+ and can be B<NULL>.
+
+ EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties
+-as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as
++as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as
+ documented on the L<EVP_EncryptInit(3)> manual
+-page.
++page.
+
+ =head1 RETURN VALUES
+
+@@ -78,4 +78,13 @@ L<evp(3)>, L<rand(3)>,
+ L<EVP_EncryptInit(3)>,
+ L<EVP_OpenInit(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_SignInit.pod b/doc/crypto/EVP_SignInit.pod
+index 185b113..171dbec 100644
+--- a/doc/crypto/EVP_SignInit.pod
++++ b/doc/crypto/EVP_SignInit.pod
+@@ -60,7 +60,7 @@ transparent to the algorithm used and much more flexible.
+
+ Due to the link between message digests and public key algorithms the correct
+ digest algorithm must be used with the correct public key type. A list of
+-algorithms and associated public key algorithms appears in
++algorithms and associated public key algorithms appears in
+ L<EVP_DigestInit(3)>.
+
+ When signing with DSA private keys the random number generator must be seeded
+@@ -77,7 +77,7 @@ will occur.
+
+ =head1 BUGS
+
+-Older versions of this documentation wrongly stated that calls to
++Older versions of this documentation wrongly stated that calls to
+ EVP_SignUpdate() could not be made after calling EVP_SignFinal().
+
+ Since the private key is passed in the call to EVP_SignFinal() any error
+@@ -97,4 +97,13 @@ L<evp(3)>, L<hmac(3)>, L<md2(3)>,
+ L<md5(3)>, L<mdc2(3)>, L<ripemd(3)>,
+ L<sha(3)>, L<dgst(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/EVP_VerifyInit.pod b/doc/crypto/EVP_VerifyInit.pod
+index 7fb6e63..79bd581 100644
+--- a/doc/crypto/EVP_VerifyInit.pod
++++ b/doc/crypto/EVP_VerifyInit.pod
+@@ -51,7 +51,7 @@ transparent to the algorithm used and much more flexible.
+
+ Due to the link between message digests and public key algorithms the correct
+ digest algorithm must be used with the correct public key type. A list of
+-algorithms and associated public key algorithms appears in
++algorithms and associated public key algorithms appears in
+ L<EVP_DigestInit(3)>.
+
+ The call to EVP_VerifyFinal() internally finalizes a copy of the digest context.
+@@ -64,7 +64,7 @@ will occur.
+
+ =head1 BUGS
+
+-Older versions of this documentation wrongly stated that calls to
++Older versions of this documentation wrongly stated that calls to
+ EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().
+
+ Since the public key is passed in the call to EVP_SignFinal() any error
+@@ -85,4 +85,13 @@ L<evp(3)>, L<hmac(3)>, L<md2(3)>,
+ L<md5(3)>, L<mdc2(3)>, L<ripemd(3)>,
+ L<sha(3)>, L<dgst(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OBJ_nid2obj.pod b/doc/crypto/OBJ_nid2obj.pod
+index d777d7c..ac34a40 100644
+--- a/doc/crypto/OBJ_nid2obj.pod
++++ b/doc/crypto/OBJ_nid2obj.pod
+@@ -42,7 +42,7 @@ Deprecated:
+ The ASN1 object utility functions process ASN1_OBJECT structures which are
+ a representation of the ASN1 OBJECT IDENTIFIER (OID) type.
+
+-OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to
++OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to
+ an ASN1_OBJECT structure, its long name and its short name respectively,
+ or B<NULL> is an error occurred.
+
+@@ -70,7 +70,7 @@ OBJ_cmp() compares B<a> to B<b>. If the two are identical 0 is returned.
+
+ OBJ_dup() returns a copy of B<o>.
+
+-OBJ_create() adds a new object to the internal table. B<oid> is the
++OBJ_create() adds a new object to the internal table. B<oid> is the
+ numerical form of the object, B<sn> the short name and B<ln> the
+ long name. A new NID is returned for the created object.
+
+@@ -127,7 +127,7 @@ Create an object for B<commonName>:
+ Check if an object is B<commonName>
+
+ if (OBJ_obj2nid(obj) == NID_commonName)
+- /* Do something */
++ /* Do something */
+
+ Create a new NID and initialize an object from it:
+
+@@ -136,14 +136,14 @@ Create a new NID and initialize an object from it:
+ new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier");
+
+ obj = OBJ_nid2obj(new_nid);
+-
++
+ Create a new object directly:
+
+ obj = OBJ_txt2obj("1.2.3.4", 1);
+
+ =head1 BUGS
+
+-OBJ_obj2txt() is awkward and messy to use: it doesn't follow the
++OBJ_obj2txt() is awkward and messy to use: it doesn't follow the
+ convention of other OpenSSL functions where the buffer can be set
+ to B<NULL> to determine the amount of data that should be written.
+ Instead B<buf> must point to a valid buffer and B<buf_len> should
+@@ -169,4 +169,13 @@ L<ERR_get_error(3)>
+
+ OBJ_cleanup() was deprecated in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OCSP_REQUEST_new.pod b/doc/crypto/OCSP_REQUEST_new.pod
+index b74f56a..82de0d5 100644
+--- a/doc/crypto/OCSP_REQUEST_new.pod
++++ b/doc/crypto/OCSP_REQUEST_new.pod
+@@ -1,5 +1,7 @@
+ =pod
+
++=head1 NAME
++
+ OCSP_REQUEST_new, OCSP_REQUEST_free, OCSP_request_add0_id, OCSP_request_sign,
+ OCSP_request_add1_cert, OCSP_request_onereq_count,
+ OCSP_request_onereq_get0 - OCSP request functions.
+@@ -104,4 +106,13 @@ L<OCSP_response_find_status(3)>,
+ L<OCSP_response_status(3)>,
+ L<OCSP_sendreq_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OCSP_cert_to_id.pod b/doc/crypto/OCSP_cert_to_id.pod
+index ac11ba7..bd06417 100644
+--- a/doc/crypto/OCSP_cert_to_id.pod
++++ b/doc/crypto/OCSP_cert_to_id.pod
+@@ -1,5 +1,7 @@
+ =pod
+
++=head1 NAME
++
+ OCSP_cert_to_id, OCSP_cert_id_new, OCSP_CERTID_free, OCSP_id_issuer_cmp,
+ OCSP_id_cmp, OCSP_id_get0_info - OCSP certificate ID utility functions.
+
+@@ -75,4 +77,13 @@ L<OCSP_response_find_status(3)>,
+ L<OCSP_response_status(3)>,
+ L<OCSP_sendreq_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OCSP_request_add1_nonce.pod b/doc/crypto/OCSP_request_add1_nonce.pod
+index a95000e..4162c70 100644
+--- a/doc/crypto/OCSP_request_add1_nonce.pod
++++ b/doc/crypto/OCSP_request_add1_nonce.pod
+@@ -1,5 +1,7 @@
+ =pod
+
++=head1 NAME
++
+ OCSP_request_add1_nonce, OCSP_basic_add1_nonce, OCSP_check_nonce, OCSP_copy_nonce - OCSP nonce functions.
+
+ =head1 SYNOPSIS
+@@ -70,4 +72,13 @@ L<OCSP_response_find_status(3)>,
+ L<OCSP_response_status(3)>,
+ L<OCSP_sendreq_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OCSP_response_find_status.pod b/doc/crypto/OCSP_response_find_status.pod
+index 2a14189..8baeb2f 100644
+--- a/doc/crypto/OCSP_response_find_status.pod
++++ b/doc/crypto/OCSP_response_find_status.pod
+@@ -1,5 +1,7 @@
+ =pod
+
++=head1 NAME
++
+ OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity - OCSP response utility functions.
+
+ =head1 SYNOPSIS
+@@ -106,4 +108,13 @@ L<OCSP_REQUEST_new(3)>,
+ L<OCSP_response_status(3)>,
+ L<OCSP_sendreq_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OCSP_response_status.pod b/doc/crypto/OCSP_response_status.pod
+index 5195b2a..8cae3ae 100644
+--- a/doc/crypto/OCSP_response_status.pod
++++ b/doc/crypto/OCSP_response_status.pod
+@@ -1,5 +1,7 @@
+ =pod
+
++=head1 NAME
++
+ OCSP_response_status, OCSP_response_get1_basic, OCSP_response_create,
+ OCSP_RESPONSE_free - OCSP response functions.
+
+@@ -21,7 +23,7 @@ B<OCSP_RESPONSE_STATUS_INTERNALERROR>, B<OCSP_RESPONSE_STATUS_TRYLATER>
+ B<OCSP_RESPONSE_STATUS_SIGREQUIRED>, or B<OCSP_RESPONSE_STATUS_UNAUTHORIZED>.
+
+ OCSP_response_get1_basic() decodes and returns the B<OCSP_BASICRESP> structure
+-contained in B<resp>.
++contained in B<resp>.
+
+ OCSP_response_create() creates and returns an B<OCSP_RESPONSE> structure for
+ B<status> and optionally including basic response B<bs>.
+@@ -54,4 +56,13 @@ L<OCSP_REQUEST_new(3)>
+ L<OCSP_response_find_status(3)>
+ L<OCSP_sendreq_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OCSP_sendreq_new.pod b/doc/crypto/OCSP_sendreq_new.pod
+index 1d5599a..c7fdc9b 100644
+--- a/doc/crypto/OCSP_sendreq_new.pod
++++ b/doc/crypto/OCSP_sendreq_new.pod
+@@ -110,4 +110,13 @@ L<OCSP_REQUEST_new(3)>,
+ L<OCSP_response_find_status(3)>,
+ L<OCSP_response_status(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OPENSSL_Applink.pod b/doc/crypto/OPENSSL_Applink.pod
+index e54de12..59f46eb 100644
+--- a/doc/crypto/OPENSSL_Applink.pod
++++ b/doc/crypto/OPENSSL_Applink.pod
+@@ -18,4 +18,13 @@ expected to implement it, but to compile provided module with
+ compiler of their choice and link it into the target application.
+ The referred module is available as <openssl>/ms/applink.c.
+
++=head1 COPYRIGHT
++
++Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OPENSSL_VERSION_NUMBER.pod b/doc/crypto/OPENSSL_VERSION_NUMBER.pod
+index d87d719..9cc1ed1 100644
+--- a/doc/crypto/OPENSSL_VERSION_NUMBER.pod
++++ b/doc/crypto/OPENSSL_VERSION_NUMBER.pod
+@@ -94,4 +94,13 @@ The version number.
+
+ L<crypto(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OPENSSL_config.pod b/doc/crypto/OPENSSL_config.pod
+index 77061a0..1a8af86 100644
+--- a/doc/crypto/OPENSSL_config.pod
++++ b/doc/crypto/OPENSSL_config.pod
+@@ -61,4 +61,13 @@ L<CONF_modules_load_file(3)>
+ The OPENSSL_no_config() and OPENSSL_config() functions were
+ deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto().
+
++=head1 COPYRIGHT
++
++Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OPENSSL_ia32cap.pod b/doc/crypto/OPENSSL_ia32cap.pod
+index 90156d2..363d158 100644
+--- a/doc/crypto/OPENSSL_ia32cap.pod
++++ b/doc/crypto/OPENSSL_ia32cap.pod
+@@ -94,3 +94,14 @@ and RORX;
+ =item bit #64+19 denoting availability of ADCX and ADOX instructions;
+
+ =back
++
++=head1 COPYRIGHT
++
++Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/OPENSSL_init_crypto.pod b/doc/crypto/OPENSSL_init_crypto.pod
+index e701b1d..8caa361 100644
+--- a/doc/crypto/OPENSSL_init_crypto.pod
++++ b/doc/crypto/OPENSSL_init_crypto.pod
+@@ -16,8 +16,9 @@ initialisation and deinitialisation functions
+ void OPENSSL_thread_stop(void);
+
+ OPENSSL_INIT_SETTINGS *OPENSSL_init_new(void);
+- OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init, const char* name);
+- OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);
++ int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init,
++ const char* name);
++ void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);
+
+ =head1 DESCRIPTION
+
+@@ -208,8 +209,8 @@ using static linking should also call OPENSSL_thread_stop().
+
+ =head1 RETURN VALUES
+
+-The functions OPENSSL_init_crypto and OPENSSL_atexit() returns 1 on success or
+-0 on error.
++The functions OPENSSL_init_crypto, OPENSSL_atexit() and
++OPENSSL_INIT_set_config_filename() return 1 on success or 0 on error.
+
+ =head1 SEE ALSO
+
+@@ -218,6 +219,16 @@ L<OPENSSL_init_ssl(3)>
+ =head1 HISTORY
+
+ The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(),
+-and OPENSSL_thread_stop() functions were added in OpenSSL 1.1.0.
++OPENSSL_thread_stop(), OPENSSL_init_new(), OPENSSL_INIT_set_config_filename()
++and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0.
++
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/OPENSSL_instrument_bus.pod b/doc/crypto/OPENSSL_instrument_bus.pod
+index 4ed83e4..42286f1 100644
+--- a/doc/crypto/OPENSSL_instrument_bus.pod
++++ b/doc/crypto/OPENSSL_instrument_bus.pod
+@@ -40,3 +40,14 @@ not available on current platform. For reference, on x86 'flush cache
+ line' was introduced with the SSE2 extensions.
+
+ Otherwise number of recorded values is returned.
++
++=head1 COPYRIGHT
++
++Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/OPENSSL_load_builtin_modules.pod b/doc/crypto/OPENSSL_load_builtin_modules.pod
+index 20ca44c..112718a 100644
+--- a/doc/crypto/OPENSSL_load_builtin_modules.pod
++++ b/doc/crypto/OPENSSL_load_builtin_modules.pod
+@@ -24,15 +24,15 @@ ENGINE_add_conf_module() adds just the ENGINE configuration module.
+
+ =head1 NOTES
+
+-If the simple configuration function OPENSSL_config() is called then
++If the simple configuration function OPENSSL_config() is called then
+ OPENSSL_load_builtin_modules() is called automatically.
+
+ Applications which use the configuration functions directly will need to
+-call OPENSSL_load_builtin_modules() themselves I<before> any other
++call OPENSSL_load_builtin_modules() themselves I<before> any other
+ configuration code.
+
+ Applications should call OPENSSL_load_builtin_modules() to load all
+-configuration modules instead of adding modules selectively: otherwise
++configuration modules instead of adding modules selectively: otherwise
+ functionality may be missing from the application if an when new
+ modules are added.
+
+@@ -44,4 +44,13 @@ None of the functions return a value.
+
+ L<conf(3)>, L<OPENSSL_config(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OPENSSL_malloc.pod b/doc/crypto/OPENSSL_malloc.pod
+index 7ce00b2..ca21698 100644
+--- a/doc/crypto/OPENSSL_malloc.pod
++++ b/doc/crypto/OPENSSL_malloc.pod
+@@ -4,7 +4,7 @@
+
+ OPENSSL_malloc_init,
+ OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free,
+-OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse
++OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse,
+ CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free,
+ OPENSSL_strdup, OPENSSL_strndup,
+ OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat,
+@@ -94,10 +94,10 @@ before ultimately calling OPENSSL_free().
+
+ OPENSSL_cleanse() fills B<ptr> of size B<len> with a string of 0's.
+ Use OPENSSL_cleanse() with care if the memory is a mapping of a file.
+-If the storage controller uses write compression, then its possible
+-that sensitive tail bytes will survive zeroization because the block of
+-zeros will be compressed. If the storage controller uses wear leveling,
+-then the old sensitive data will not be overwritten; rather, a block of
++If the storage controller uses write compression, then its possible
++that sensitive tail bytes will survive zeroization because the block of
++zeros will be compressed. If the storage controller uses wear leveling,
++then the old sensitive data will not be overwritten; rather, a block of
+ 0's will be written at a new physical location.
+
+ OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the
+@@ -195,4 +195,13 @@ at once. I<This applies specially if OpenSSL was built with the
+ configuration option> C<crypto-mdebug> I<enabled. In case, swapping out
+ only, say, the malloc() implementation is outright dangerous.>
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OPENSSL_secure_malloc.pod b/doc/crypto/OPENSSL_secure_malloc.pod
+index 2a04931..9bc05e5 100644
+--- a/doc/crypto/OPENSSL_secure_malloc.pod
++++ b/doc/crypto/OPENSSL_secure_malloc.pod
+@@ -16,13 +16,13 @@ CYRPTO_secure_malloc_used - secure heap storage
+
+ int CRYPTO_secure_malloc_initialized();
+
+- void CRYPTO_secure_malloc_done();
++ int CRYPTO_secure_malloc_done();
+
+- void *OPENSSL_secure_malloc(int num);
+- void *CRYPTO_secure_malloc(int num, const char *file, int line);
++ void *OPENSSL_secure_malloc(size_t num);
++ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+- void *OPENSSL_secure_zalloc(int num);
+- void *CRYPTO_secure_zalloc(int num, const char *file, int line);
++ void *OPENSSL_secure_zalloc(size_t num);
++ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+@@ -30,7 +30,7 @@ CYRPTO_secure_malloc_used - secure heap storage
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+ int OPENSSL_secure_allocated(const void *ptr);
+
+- size_t CYRPTO_secure_malloc_used();
++ size_t CYRPTO_secure_used();
+
+ =head1 DESCRIPTION
+
+@@ -49,14 +49,14 @@ put all intermediate values and computations there.
+ CRYPTO_secure_malloc_init() creates the secure heap, with the specified
+ C<size> in bytes. The C<minsize> parameter is the minimum size to
+ allocate from the heap. Both C<size> and C<minsize> must be a power
+-of two. It is an error to call this after any OPENSSL_secure_malloc()
+-calls have been made.
++of two.
+
+ CRYPTO_secure_malloc_initialized() indicates whether or not the secure
+ heap as been initialized and is available.
+
+ CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable
+-to the process. It can take noticeably long to complete.
++to the process if all secure memory has been freed.
++It can take noticeably long to complete.
+
+ OPENSSL_secure_malloc() allocates C<num> bytes from the heap.
+ If CRYPTO_secure_malloc_init() is not called, this is equivalent to
+@@ -83,7 +83,7 @@ OPENSSL_secure_actual_size() tells the actual size allocated to the
+ pointer; implementations may allocate more space than initially
+ requested, in order to "round up" and reduce secure heap fragmentation.
+
+-CRYPTO_secure_malloc_used() returns the number of bytes allocated in the
++CRYPTO_secure_used() returns the number of bytes allocated in the
+ secure heap.
+
+ =head1 RETURN VALUES
+@@ -94,7 +94,7 @@ mapping.
+
+ CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is
+ available (that is, if CRYPTO_secure_malloc_init() has been called,
+-but CRYPTO_secure_malloc_done() has not) or 0 if not.
++but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.
+
+ OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into
+ the secure heap of the requested size, or C<NULL> if memory could not be
+@@ -102,13 +102,9 @@ allocated.
+
+ CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.
+
+-CRYPTO_secure_malloc_done() and OPENSSL_secure_free()
+-return no values.
++CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.
+
+-=head1 BUGS
+-
+-The size parameters should be B<size_t> not B<int> and will be changed
+-in a future release.
++OPENSSL_secure_free() returns no values.
+
+ =head1 SEE ALSO
+
+@@ -116,4 +112,13 @@ L<OPENSSL_malloc(3)>,
+ L<BN_new(3)>,
+ L<bn_internal(3)>.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/OpenSSL_add_all_algorithms.pod b/doc/crypto/OpenSSL_add_all_algorithms.pod
+index 10f3b8f..aaa28dd 100644
+--- a/doc/crypto/OpenSSL_add_all_algorithms.pod
++++ b/doc/crypto/OpenSSL_add_all_algorithms.pod
+@@ -78,4 +78,13 @@ The OpenSSL_add_all_algorithms(), OpenSSL_add_all_ciphers(),
+ OpenSSL_add_all_digests(), and EVP_cleanup(), functions
+ were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto().
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/PEM_write_bio_CMS_stream.pod b/doc/crypto/PEM_write_bio_CMS_stream.pod
+index 35260c1..f6b0fed 100644
+--- a/doc/crypto/PEM_write_bio_CMS_stream.pod
++++ b/doc/crypto/PEM_write_bio_CMS_stream.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- PEM_write_bio_CMS_stream - output CMS_ContentInfo structure in PEM format.
++PEM_write_bio_CMS_stream - output CMS_ContentInfo structure in PEM format.
+
+ =head1 SYNOPSIS
+
+@@ -38,4 +38,13 @@ L<i2d_CMS_bio_stream(3)>
+
+ PEM_write_bio_CMS_stream() was added to OpenSSL 1.0.0
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/PEM_write_bio_PKCS7_stream.pod b/doc/crypto/PEM_write_bio_PKCS7_stream.pod
+index 121d418..175d724 100644
+--- a/doc/crypto/PEM_write_bio_PKCS7_stream.pod
++++ b/doc/crypto/PEM_write_bio_PKCS7_stream.pod
+@@ -38,4 +38,13 @@ L<i2d_PKCS7_bio_stream(3)>
+
+ PEM_write_bio_PKCS7_stream() was added to OpenSSL 1.0.0
+
++=head1 COPYRIGHT
++
++Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/PKCS12_create.pod b/doc/crypto/PKCS12_create.pod
+index 46b24c5..6408af1 100644
+--- a/doc/crypto/PKCS12_create.pod
++++ b/doc/crypto/PKCS12_create.pod
+@@ -9,7 +9,7 @@ PKCS12_create - create a PKCS#12 structure
+ #include <openssl/pkcs12.h>
+
+ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca,
+- int nid_key, int nid_cert, int iter, int mac_iter, int keytype);
++ int nid_key, int nid_cert, int iter, int mac_iter, int keytype);
+
+ =head1 DESCRIPTION
+
+@@ -55,7 +55,7 @@ certificate is required. In previous versions both had to be present or
+ a fatal error is returned.
+
+ B<nid_key> or B<nid_cert> can be set to -1 indicating that no encryption
+-should be used.
++should be used.
+
+ B<mac_iter> can be set to -1 and the MAC will then be omitted entirely.
+
+@@ -63,4 +63,13 @@ B<mac_iter> can be set to -1 and the MAC will then be omitted entirely.
+
+ L<d2i_PKCS12(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/PKCS12_newpass.pod b/doc/crypto/PKCS12_newpass.pod
+new file mode 100644
+index 0000000..b910511
+--- /dev/null
++++ b/doc/crypto/PKCS12_newpass.pod
+@@ -0,0 +1,103 @@
++=pod
++
++=head1 NAME
++
++PKCS12_newpass - change the password of a PKCS12 structure
++
++=head1 SYNOPSIS
++
++ #include <openssl/pkcs12.h>
++
++ int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
++
++=head1 DESCRIPTION
++
++PKCS12_newpass() changes the password of a PKCS12 structure.
++
++B<p12> is a pointer to a PKCS12 structure. B<oldpass> is the existing password
++and B<newpass> is the new password.
++
++=head1 RETURN VALUES
++
++PKCS12_newpass() returns 1 on success or 0 on failure. Applications can
++retrieve the most recent error from PKCS12_newpass() with ERR_get_error().
++
++=head1 EXAMPLE
++
++This example loads a PKCS#12 file, changes its password and writes out
++the result to a new file.
++
++ #include <stdio.h>
++ #include <stdlib.h>
++ #include <openssl/pem.h>
++ #include <openssl/err.h>
++ #include <openssl/pkcs12.h>
++
++ int main(int argc, char **argv)
++ {
++ FILE *fp;
++ PKCS12 *p12;
++ if (argc != 5) {
++ fprintf(stderr, "Usage: pkread p12file password newpass opfile\n");
++ return 1;
++ }
++ if ((fp = fopen(argv[1], "rb")) == NULL) {
++ fprintf(stderr, "Error opening file %s\n", argv[1]);
++ return 1;
++ }
++ p12 = d2i_PKCS12_fp(fp, NULL);
++ fclose(fp);
++ if (p12 == NULL) {
++ fprintf(stderr, "Error reading PKCS#12 file\n");
++ ERR_print_errors_fp(stderr);
++ return 1;
++ }
++ if (PKCS12_newpass(p12, argv[2], argv[3]) == 0) {
++ fprintf(stderr, "Error changing password\n");
++ ERR_print_errors_fp(stderr);
++ PKCS12_free(p12);
++ return 1;
++ }
++ if ((fp = fopen(argv[4], "wb")) == NULL) {
++ fprintf(stderr, "Error opening file %s\n", argv[4]);
++ PKCS12_free(p12);
++ return 1;
++ }
++ i2d_PKCS12_fp(fp, p12);
++ PKCS12_free(p12);
++ fclose(fp);
++ return 0;
++ }
++
++
++=head1 NOTES
++
++If the PKCS#12 structure does not have a password, then you must use the empty
++string "" for B<oldpass>. Using NULL for B<oldpass> will result in a
++PKCS12_newpass() failure.
++
++If the wrong password is used for B<oldpass> then the function will fail,
++with a MAC verification error. In rare cases the PKCS12 structure does not
++contain a MAC: in this case it will usually fail with a decryption padding
++error.
++
++=head1 BUGS
++
++The password format is a NULL terminated ASCII string which is converted to
++Unicode form internally. As a result some passwords cannot be supplied to
++this function.
++
++=head1 SEE ALSO
++
++L<PKCS12_create(3)>, L<ERR_get_error(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/PKCS12_parse.pod b/doc/crypto/PKCS12_parse.pod
+index f02220e..2dfa7e2 100644
+--- a/doc/crypto/PKCS12_parse.pod
++++ b/doc/crypto/PKCS12_parse.pod
+@@ -50,4 +50,13 @@ Attributes currently cannot be stored in the private key B<EVP_PKEY> structure.
+
+ L<d2i_PKCS12(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/PKCS5_PBKDF2_HMAC.pod b/doc/crypto/PKCS5_PBKDF2_HMAC.pod
+index b04e476..5cc2caa 100644
+--- a/doc/crypto/PKCS5_PBKDF2_HMAC.pod
++++ b/doc/crypto/PKCS5_PBKDF2_HMAC.pod
+@@ -14,8 +14,8 @@ PKCS5_PBKDF2_HMAC, PKCS5_PBKDF2_HMAC_SHA1 - password based derivation routines w
+ int keylen, unsigned char *out);
+
+ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
+- const unsigned char *salt, int saltlen, int iter,
+- int keylen, unsigned char *out);
++ const unsigned char *salt, int saltlen, int iter,
++ int keylen, unsigned char *out);
+
+ =head1 DESCRIPTION
+
+@@ -31,7 +31,7 @@ B<salt> is NULL, then B<saltlen> must be 0. The function will not
+ attempt to calculate the length of the B<salt> because it is not assumed to
+ be NULL terminated.
+
+-B<iter> is the iteration count and its value should be greater than or
++B<iter> is the iteration count and its value should be greater than or
+ equal to 1. RFC 2898 suggests an iteration count of at least 1000. Any
+ B<iter> less than 1 is treated as a single iteration.
+
+@@ -61,6 +61,13 @@ PKCS5_PBKDF2_HMAC() and PBKCS5_PBKDF2_HMAC_SHA1() return 1 on success or 0 on er
+ L<evp(3)>, L<rand(3)>,
+ L<EVP_BytesToKey(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
++
++Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/PKCS7_decrypt.pod b/doc/crypto/PKCS7_decrypt.pod
+index 90cf506..4ed8aa7 100644
+--- a/doc/crypto/PKCS7_decrypt.pod
++++ b/doc/crypto/PKCS7_decrypt.pod
+@@ -45,4 +45,13 @@ mentioned in PKCS7_sign() also applies to PKCS7_verify().
+
+ L<ERR_get_error(3)>, L<PKCS7_encrypt(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/PKCS7_encrypt.pod b/doc/crypto/PKCS7_encrypt.pod
+index 12475cf..4e1afc9 100644
+--- a/doc/crypto/PKCS7_encrypt.pod
++++ b/doc/crypto/PKCS7_encrypt.pod
+@@ -30,7 +30,7 @@ bit RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc()
+ respectively.
+
+ The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
+-its parameters.
++its parameters.
+
+ Many browsers implement a "sign and encrypt" option which is simply an S/MIME
+ envelopedData containing an S/MIME signed message. This can be readily produced
+@@ -55,7 +55,7 @@ suitable for streaming I/O: no data is read from the BIO B<in>.
+
+ If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
+ complete and outputting its contents via a function that does not
+-properly finalize the B<PKCS7> structure will give unpredictable
++properly finalize the B<PKCS7> structure will give unpredictable
+ results.
+
+ Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
+@@ -76,4 +76,13 @@ L<ERR_get_error(3)>, L<PKCS7_decrypt(3)>
+
+ The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/PKCS7_sign.pod b/doc/crypto/PKCS7_sign.pod
+index 2593ed1..b5a52da 100644
+--- a/doc/crypto/PKCS7_sign.pod
++++ b/doc/crypto/PKCS7_sign.pod
+@@ -15,7 +15,7 @@ PKCS7_sign - create a PKCS#7 signedData structure
+ PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
+ the certificate to sign with, B<pkey> is the corresponding private key.
+ B<certs> is an optional additional set of certificates to include in the PKCS#7
+-structure (for example any intermediate CAs in the chain).
++structure (for example any intermediate CAs in the chain).
+
+ The data to be signed is read from BIO B<data>.
+
+@@ -112,4 +112,13 @@ and B<pkey> parameters to be B<NULL> to be was added in OpenSSL 1.0.0
+
+ The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/PKCS7_sign_add_signer.pod b/doc/crypto/PKCS7_sign_add_signer.pod
+index 580a9a1..0be301e 100644
+--- a/doc/crypto/PKCS7_sign_add_signer.pod
++++ b/doc/crypto/PKCS7_sign_add_signer.pod
+@@ -44,7 +44,7 @@ digest value from the PKCS7 structure: to add a signer to an existing structure.
+ An error occurs if a matching digest value cannot be found to copy. The
+ returned PKCS7 structure will be valid and finalized when this flag is set.
+
+-If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the
++If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the
+ B<PKCS7_SIGNER_INO> structure will not be finalized so additional attributes
+ can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is
+ needed to finalize it.
+@@ -67,7 +67,7 @@ these algorithms is disabled then it will not be included.
+
+
+ PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
+-structure just added, this can be used to set additional attributes
++structure just added, this can be used to set additional attributes
+ before it is finalized.
+
+ =head1 RETURN VALUES
+@@ -84,4 +84,13 @@ L<PKCS7_final(3)>,
+
+ PPKCS7_sign_add_signer() was added to OpenSSL 1.0.0
+
++=head1 COPYRIGHT
++
++Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/PKCS7_verify.pod b/doc/crypto/PKCS7_verify.pod
+index b013e33..51694e7 100644
+--- a/doc/crypto/PKCS7_verify.pod
++++ b/doc/crypto/PKCS7_verify.pod
+@@ -61,7 +61,7 @@ Any of the following flags (ored together) can be passed in the B<flags> paramet
+ to change the default verify behaviour. Only the flag B<PKCS7_NOINTERN> is
+ meaningful to PKCS7_get0_signers().
+
+-If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
++If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
+ searched when locating the signer's certificate. This means that all the signers
+ certificates must be in the B<certs> parameter.
+
+@@ -86,7 +86,7 @@ certificates supplied in B<certs> then the verify will fail because the
+ signer cannot be found.
+
+ Care should be taken when modifying the default verify behaviour, for example
+-setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification
++setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification
+ and any signed message will be considered valid. This combination is however
+ useful if one merely wishes to write the content to B<out> and its validity
+ is not considered important.
+@@ -118,4 +118,13 @@ mentioned in PKCS7_sign() also applies to PKCS7_verify().
+
+ L<ERR_get_error(3)>, L<PKCS7_sign(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RAND_add.pod b/doc/crypto/RAND_add.pod
+index d54e1f5..9561c2a 100644
+--- a/doc/crypto/RAND_add.pod
++++ b/doc/crypto/RAND_add.pod
+@@ -68,4 +68,13 @@ The other functions do not return values.
+ L<rand(3)>, L<RAND_egd(3)>,
+ L<RAND_load_file(3)>, L<RAND_cleanup(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RAND_bytes.pod b/doc/crypto/RAND_bytes.pod
+index 03c6e7f..684215c 100644
+--- a/doc/crypto/RAND_bytes.pod
++++ b/doc/crypto/RAND_bytes.pod
+@@ -46,4 +46,13 @@ method.
+ L<rand(3)>, L<ERR_get_error(3)>,
+ L<RAND_add(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RAND_cleanup.pod b/doc/crypto/RAND_cleanup.pod
+index fd3f81c..2640c7d 100644
+--- a/doc/crypto/RAND_cleanup.pod
++++ b/doc/crypto/RAND_cleanup.pod
+@@ -30,4 +30,13 @@ L<rand(3)>
+
+ RAND_cleanup() was deprecated in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RAND_egd.pod b/doc/crypto/RAND_egd.pod
+index 4c68113..fcc57c0 100644
+--- a/doc/crypto/RAND_egd.pod
++++ b/doc/crypto/RAND_egd.pod
+@@ -75,4 +75,13 @@ success, and -1 if the connection failed. The PRNG state is not considered.
+ L<rand(3)>, L<RAND_add(3)>,
+ L<RAND_cleanup(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RAND_load_file.pod b/doc/crypto/RAND_load_file.pod
+index 6bc779a..133b8d2 100644
+--- a/doc/crypto/RAND_load_file.pod
++++ b/doc/crypto/RAND_load_file.pod
+@@ -45,4 +45,13 @@ error.
+
+ L<rand(3)>, L<RAND_add(3)>, L<RAND_cleanup(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RAND_set_rand_method.pod b/doc/crypto/RAND_set_rand_method.pod
+index 6a421a2..02fe90c 100644
+--- a/doc/crypto/RAND_set_rand_method.pod
++++ b/doc/crypto/RAND_set_rand_method.pod
+@@ -42,7 +42,7 @@ API is being used, so this function is no longer recommended.
+ void (*cleanup)(void);
+ void (*add)(const void *buf, int num, int entropy);
+ int (*pseudorand)(unsigned char *buf, int num);
+- int (*status)(void);
++ int (*status)(void);
+ } RAND_METHOD;
+
+ The components point to method implementations used by (or called by), in order,
+@@ -69,4 +69,13 @@ algorithms.
+
+ L<rand(3)>, L<engine(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_blinding_on.pod b/doc/crypto/RSA_blinding_on.pod
+index a323949..7258b08 100644
+--- a/doc/crypto/RSA_blinding_on.pod
++++ b/doc/crypto/RSA_blinding_on.pod
+@@ -36,4 +36,13 @@ RSA_blinding_off() returns no value.
+
+ L<rsa(3)>, L<rand(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_check_key.pod b/doc/crypto/RSA_check_key.pod
+index 8fd7d1f..69df864 100644
+--- a/doc/crypto/RSA_check_key.pod
++++ b/doc/crypto/RSA_check_key.pod
+@@ -73,4 +73,13 @@ L<ERR_get_error(3)>
+
+ RSA_check_key_ex() appeared after OpenSSL 1.0.2.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_generate_key.pod b/doc/crypto/RSA_generate_key.pod
+index 380bf12..aec321a 100644
+--- a/doc/crypto/RSA_generate_key.pod
++++ b/doc/crypto/RSA_generate_key.pod
+@@ -75,4 +75,13 @@ RSA_generate_key() goes into an infinite loop for illegal input values.
+ L<ERR_get_error(3)>, L<rand(3)>, L<rsa(3)>,
+ L<RSA_free(3)>, L<BN_generate_prime(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_get0_key.pod b/doc/crypto/RSA_get0_key.pod
+index 5caf9dd..19c7f3d 100644
+--- a/doc/crypto/RSA_get0_key.pod
++++ b/doc/crypto/RSA_get0_key.pod
+@@ -43,10 +43,13 @@ by the caller.
+
+ The B<n>, B<e> and B<d> parameter values can be set by calling
+ RSA_set0_key() and passing the new values for B<n>, B<e> and B<d> as
+-parameters to the function. Calling this function transfers the memory
+-management of the values to the RSA object, and therefore the values
+-that have been passed in should not be freed by the caller after this
+-function has been called.
++parameters to the function. The values B<n> and B<e> must be non-NULL
++the first time this function is called on a given RSA object. The
++value B<d> may be NULL. On subsequent calls any of these values may be
++NULL which means the corresponding RSA field is left untouched.
++Calling this function transfers the memory management of the values to
++the RSA object, and therefore the values that have been passed in
++should not be freed by the caller after this function has been called.
+
+ In a similar fashion, the B<p> and B<q> parameters can be obtained and
+ set with RSA_get0_factors() and RSA_set0_factors(), and the B<dmp1>,
+@@ -65,6 +68,14 @@ RSA object.
+ RSA_get0_engine() returns a handle to the ENGINE that has been set for
+ this RSA object, or NULL if no such ENGINE has been set.
+
++=head1 NOTES
++
++Values retrieved with RSA_get0_key() are owned by the RSA object used
++in the call and may therefore I<not> be passed to RSA_set0_key(). If
++needed, duplicate the received value using BN_dup() and pass the
++duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors()
++as well as RSA_get0_crt_params() and RSA_set0_crt_params().
++
+ =head1 RETURN VALUES
+
+ RSA_set0_key(), RSA_set0_factors and RSA_set0_crt_params() return 1 on
+@@ -83,4 +94,13 @@ L<rsa(3)>, L<RSA_new(3)>, L<RSA_size(3)>
+
+ The functions described here were added in OpenSSL version 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_meth_new.pod b/doc/crypto/RSA_meth_new.pod
+index e6499b7..c5a78fc 100644
+--- a/doc/crypto/RSA_meth_new.pod
++++ b/doc/crypto/RSA_meth_new.pod
+@@ -222,4 +222,13 @@ L<RSA_set_method(3)>, L<RSA_size(3)>, L<RSA_get0_key(3)>
+
+ The functions described here were added in OpenSSL version 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_new.pod b/doc/crypto/RSA_new.pod
+index 4910557..c3441ca 100644
+--- a/doc/crypto/RSA_new.pod
++++ b/doc/crypto/RSA_new.pod
+@@ -35,4 +35,13 @@ L<ERR_get_error(3)>, L<rsa(3)>,
+ L<RSA_generate_key(3)>,
+ L<RSA_new_method(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_padding_add_PKCS1_type_1.pod b/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
+index fe81e5f..3089944 100644
+--- a/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
++++ b/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
+@@ -110,4 +110,13 @@ L<RSA_public_encrypt(3)>,
+ L<RSA_private_decrypt(3)>,
+ L<RSA_sign(3)>, L<RSA_verify(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_print.pod b/doc/crypto/RSA_print.pod
+index df09726..fb5bcb7 100644
+--- a/doc/crypto/RSA_print.pod
++++ b/doc/crypto/RSA_print.pod
+@@ -40,4 +40,13 @@ These functions return 1 on success, 0 on error.
+
+ L<dh(3)>, L<dsa(3)>, L<rsa(3)>, L<BN_bn2bin(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_private_encrypt.pod b/doc/crypto/RSA_private_encrypt.pod
+index fa4830c..4b307a0 100644
+--- a/doc/crypto/RSA_private_encrypt.pod
++++ b/doc/crypto/RSA_private_encrypt.pod
+@@ -11,7 +11,7 @@ RSA_private_encrypt, RSA_public_decrypt - low level signature operations
+ int RSA_private_encrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+
+- int RSA_public_decrypt(int flen, unsigned char *from,
++ int RSA_public_decrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+
+ =head1 DESCRIPTION
+@@ -62,4 +62,13 @@ obtained by L<ERR_get_error(3)>.
+ L<ERR_get_error(3)>, L<rsa(3)>,
+ L<RSA_sign(3)>, L<RSA_verify(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_public_encrypt.pod b/doc/crypto/RSA_public_encrypt.pod
+index 57f1f18..c371dac 100644
+--- a/doc/crypto/RSA_public_encrypt.pod
++++ b/doc/crypto/RSA_public_encrypt.pod
+@@ -76,4 +76,13 @@ SSL, PKCS #1 v2.0
+ L<ERR_get_error(3)>, L<rand(3)>, L<rsa(3)>,
+ L<RSA_size(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_set_method.pod b/doc/crypto/RSA_set_method.pod
+index a3572f1..f8695ed 100644
+--- a/doc/crypto/RSA_set_method.pod
++++ b/doc/crypto/RSA_set_method.pod
+@@ -43,7 +43,7 @@ been set as a default for RSA, so this function is no longer recommended.
+
+ RSA_get_default_method() returns a pointer to the current default
+ RSA_METHOD. However, the meaningfulness of this result is dependent on
+-whether the ENGINE API is being used, so this function is no longer
++whether the ENGINE API is being used, so this function is no longer
+ recommended.
+
+ RSA_set_method() selects B<meth> to perform all operations using the key
+@@ -80,56 +80,56 @@ the default method is used.
+ typedef struct rsa_meth_st
+ {
+ /* name of the implementation */
+- const char *name;
++ const char *name;
+
+ /* encrypt */
+- int (*rsa_pub_enc)(int flen, unsigned char *from,
++ int (*rsa_pub_enc)(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+
+ /* verify arbitrary data */
+- int (*rsa_pub_dec)(int flen, unsigned char *from,
++ int (*rsa_pub_dec)(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+
+ /* sign arbitrary data */
+- int (*rsa_priv_enc)(int flen, unsigned char *from,
++ int (*rsa_priv_enc)(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+
+ /* decrypt */
+- int (*rsa_priv_dec)(int flen, unsigned char *from,
++ int (*rsa_priv_dec)(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+
+ /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
+ implementations) */
+- int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
++ int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+
+ /* compute r = a ^ p mod m (May be NULL for some implementations) */
+- int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
++ int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+ /* called at RSA_new */
+- int (*init)(RSA *rsa);
++ int (*init)(RSA *rsa);
+
+ /* called at RSA_free */
+- int (*finish)(RSA *rsa);
++ int (*finish)(RSA *rsa);
+
+ /* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key
+ * operations, even if p,q,dmp1,dmq1,iqmp
+ * are NULL
+ * RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
+ */
+- int flags;
++ int flags;
+
+- char *app_data; /* ?? */
++ char *app_data; /* ?? */
+
+- int (*rsa_sign)(int type,
+- const unsigned char *m, unsigned int m_length,
+- unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+- int (*rsa_verify)(int dtype,
+- const unsigned char *m, unsigned int m_length,
+- const unsigned char *sigbuf, unsigned int siglen,
+- const RSA *rsa);
++ int (*rsa_sign)(int type,
++ const unsigned char *m, unsigned int m_length,
++ unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
++ int (*rsa_verify)(int dtype,
++ const unsigned char *m, unsigned int m_length,
++ const unsigned char *sigbuf, unsigned int siglen,
++ const RSA *rsa);
+ /* keygen. If NULL builtin RSA key generation will be used */
+- int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
++ int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+ } RSA_METHOD;
+
+@@ -168,4 +168,13 @@ not currently exist).
+
+ L<rsa(3)>, L<RSA_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_sign.pod b/doc/crypto/RSA_sign.pod
+index 94fae37..4c6f149 100644
+--- a/doc/crypto/RSA_sign.pod
++++ b/doc/crypto/RSA_sign.pod
+@@ -51,6 +51,15 @@ SSL, PKCS #1 v2.0
+
+ L<ERR_get_error(3)>,
+ L<rsa(3)>, L<RSA_private_encrypt(3)>,
+-L<RSA_public_decrypt(3)>
++L<RSA_public_decrypt(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod b/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
+index 2ba2b47..499bf43 100644
+--- a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
++++ b/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
+@@ -51,4 +51,13 @@ L<ERR_get_error(3)>,
+ L<rand(3)>, L<rsa(3)>, L<RSA_sign(3)>,
+ L<RSA_verify(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/RSA_size.pod b/doc/crypto/RSA_size.pod
+index eff8cdc..4ae29da 100644
+--- a/doc/crypto/RSA_size.pod
++++ b/doc/crypto/RSA_size.pod
+@@ -34,4 +34,13 @@ L<rsa(3)>, L<BN_num_bits(3)>
+
+ RSA_bits() was added in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/SMIME_read_CMS.pod b/doc/crypto/SMIME_read_CMS.pod
+index 4b7c14d..8e06e59 100644
+--- a/doc/crypto/SMIME_read_CMS.pod
++++ b/doc/crypto/SMIME_read_CMS.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- SMIME_read_CMS - parse S/MIME message.
++SMIME_read_CMS - parse S/MIME message.
+
+ =head1 SYNOPSIS
+
+@@ -63,4 +63,13 @@ L<SMIME_read_CMS(3)>, L<CMS_sign(3)>,
+ L<CMS_verify(3)>, L<CMS_encrypt(3)>
+ L<CMS_decrypt(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/SMIME_read_PKCS7.pod b/doc/crypto/SMIME_read_PKCS7.pod
+index e96038b..6e4db5a 100644
+--- a/doc/crypto/SMIME_read_PKCS7.pod
++++ b/doc/crypto/SMIME_read_PKCS7.pod
+@@ -66,4 +66,13 @@ L<SMIME_read_PKCS7(3)>, L<PKCS7_sign(3)>,
+ L<PKCS7_verify(3)>, L<PKCS7_encrypt(3)>
+ L<PKCS7_decrypt(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/SMIME_write_CMS.pod b/doc/crypto/SMIME_write_CMS.pod
+index 0895825..008143f 100644
+--- a/doc/crypto/SMIME_write_CMS.pod
++++ b/doc/crypto/SMIME_write_CMS.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- SMIME_write_CMS - convert CMS structure to S/MIME format.
++SMIME_write_CMS - convert CMS structure to S/MIME format.
+
+ =head1 SYNOPSIS
+
+@@ -57,4 +57,13 @@ L<ERR_get_error(3)>, L<CMS_sign(3)>,
+ L<CMS_verify(3)>, L<CMS_encrypt(3)>
+ L<CMS_decrypt(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/SMIME_write_PKCS7.pod b/doc/crypto/SMIME_write_PKCS7.pod
+index 6e272cf..1da51f7 100644
+--- a/doc/crypto/SMIME_write_PKCS7.pod
++++ b/doc/crypto/SMIME_write_PKCS7.pod
+@@ -58,4 +58,13 @@ L<ERR_get_error(3)>, L<PKCS7_sign(3)>,
+ L<PKCS7_verify(3)>, L<PKCS7_encrypt(3)>
+ L<PKCS7_decrypt(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509V3_get_d2i.pod b/doc/crypto/X509V3_get_d2i.pod
+index b502e81..30264ff 100644
+--- a/doc/crypto/X509V3_get_d2i.pod
++++ b/doc/crypto/X509V3_get_d2i.pod
+@@ -112,7 +112,7 @@ determine the precise reason by checking the value of B<*crit>.
+ The following sections contain a list of all supported extensions
+ including their name and NID.
+
+-=head2 PKIX CERTIFICATE EXTENSIONS
++=head2 PKIX Certificate Extensions
+
+ The following certificate extensions are defined in PKIX standards such as
+ RFC5280.
+@@ -141,7 +141,7 @@ RFC5280.
+
+ TLS Feature NID_tlsfeature
+
+-=head2 NETSCAPE CERTIFICATE EXTENSIONS
++=head2 Netscape Certificate Extensions
+
+ The following are (largely obsolete) Netscape certificate extensions.
+
+@@ -154,12 +154,12 @@ The following are (largely obsolete) Netscape certificate extensions.
+ Netscape SSL Server Name NID_netscape_ssl_server_name
+ Netscape Comment NID_netscape_comment
+
+-=head2 MISCELLANEOUS CERTIFICATE EXTENSIONS
++=head2 Miscellaneous Certificate Extensions
+
+ Strong Extranet ID NID_sxnet
+ Proxy Certificate Information NID_proxyCertInfo
+
+-=head2 PKIX CRL EXTENSIONS
++=head2 PKIX CRL Extensions
+
+ The following are CRL extensions from PKIX standards such as RFC5280.
+
+@@ -175,7 +175,7 @@ The following are CRL entry extensions from PKIX standards such as RFC5280.
+ CRL Reason Code NID_crl_reason
+ Certificate Issuer NID_certificate_issuer
+
+-=head2 OCSP EXTENSIONS
++=head2 OCSP Extensions
+
+ OCSP Nonce NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID NID_id_pkix_OCSP_CrlID
+@@ -185,7 +185,7 @@ The following are CRL entry extensions from PKIX standards such as RFC5280.
+ OCSP Service Locator NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code NID_hold_instruction_code
+
+-=head2 CERTIFICATE TRANSPARENCY EXTENSIONS
++=head2 Certificate Transparency Extensions
+
+ The following extensions are used by certificate transparency, RFC6962
+
+@@ -228,4 +228,13 @@ L<X509_new(3)>,
+ L<X509_sign(3)>,
+ L<X509_verify_cert(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_CRL_get0_by_serial.pod b/doc/crypto/X509_CRL_get0_by_serial.pod
+index d00dab9..1b32cd7 100644
+--- a/doc/crypto/X509_CRL_get0_by_serial.pod
++++ b/doc/crypto/X509_CRL_get0_by_serial.pod
+@@ -100,4 +100,13 @@ L<X509_sign(3)>,
+ L<X509V3_get_d2i(3)>,
+ L<X509_verify_cert(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_EXTENSION_set_object.pod b/doc/crypto/X509_EXTENSION_set_object.pod
+index 6afef2b..f3cf414 100644
+--- a/doc/crypto/X509_EXTENSION_set_object.pod
++++ b/doc/crypto/X509_EXTENSION_set_object.pod
+@@ -1,3 +1,5 @@
++=pod
++
+ =head1 NAME
+
+ X509_EXTENSION_set_object, X509_EXTENSION_set_critical,
+@@ -81,3 +83,14 @@ X509_EXTENSION_get_data() returns an B<ASN1_OCTET_STRING> pointer.
+ =head1 SEE ALSO
+
+ L<X509V3_get_d2i(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/X509_LOOKUP_hash_dir.pod b/doc/crypto/X509_LOOKUP_hash_dir.pod
+index dfb9e21..e9aafa3 100644
+--- a/doc/crypto/X509_LOOKUP_hash_dir.pod
++++ b/doc/crypto/X509_LOOKUP_hash_dir.pod
+@@ -51,7 +51,7 @@ L<X509_STORE_set_default_paths(3)>.
+
+
+ Functions return number of objects loaded from file or 0 in case of
+-error.
++error.
+
+ Both methods support adding several certificate locations into one
+ B<X509_STORE>.
+@@ -59,7 +59,7 @@ B<X509_STORE>.
+ This page documents certificate store formats used by these methods and
+ caching policy.
+
+-=head2 FILE METHOD
++=head2 File Method
+
+ The B<X509_LOOKUP_file> method loads all the certificates or CRLs
+ present in a file into memory at the time the file is added as a
+@@ -71,7 +71,7 @@ and CRLs.
+ This method should be used by applications which work with a small
+ set of CAs.
+
+-=head2 HASHED DIR METHOD
++=head2 Hashed Directory Method
+
+ B<X509_LOOKUP_hash_dir> is a more advanced method, which loads
+ certificates and CRLs on demand, and caches them in memory once
+@@ -118,5 +118,13 @@ L<X509_STORE_load_locations(3)>,
+ L<X609_store_add_lookup(3)>,
+ L<SSL_CTX_load_verify_locations(3)>,
+
+-=cut
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/X509_NAME_ENTRY_get_object.pod b/doc/crypto/X509_NAME_ENTRY_get_object.pod
+index 2cb96c5..363a89b 100644
+--- a/doc/crypto/X509_NAME_ENTRY_get_object.pod
++++ b/doc/crypto/X509_NAME_ENTRY_get_object.pod
+@@ -35,17 +35,17 @@ X509_NAME_ENTRY_set_data() sets the field value of B<ne> to string type
+ B<type> and value determined by B<bytes> and B<len>.
+
+ X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID()
+-and X509_NAME_ENTRY_create_by_OBJ() create and return an
++and X509_NAME_ENTRY_create_by_OBJ() create and return an
+ B<X509_NAME_ENTRY> structure.
+
+ =head1 NOTES
+
+ X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be
+-used to examine an B<X509_NAME_ENTRY> function as returned by
++used to examine an B<X509_NAME_ENTRY> function as returned by
+ X509_NAME_get_entry() for example.
+
+ X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID(),
+-and X509_NAME_ENTRY_create_by_OBJ() create and return an
++and X509_NAME_ENTRY_create_by_OBJ() create and return an
+
+ X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(),
+ X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data()
+@@ -60,15 +60,18 @@ X509_NAME_add_entry_by_txt(). So for example B<type> can be set to
+ B<MBSTRING_ASC> but in the case of X509_set_data() the field name must be
+ set first so the relevant field information can be looked up internally.
+
+-=head1 RETURN VALUES
+-
+ =head1 SEE ALSO
+
+ L<ERR_get_error(3)>, L<d2i_X509_NAME(3)>,
+ L<OBJ_nid2obj(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+-TBA
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/X509_NAME_add_entry_by_txt.pod b/doc/crypto/X509_NAME_add_entry_by_txt.pod
+index c10ea0f..0b00278 100644
+--- a/doc/crypto/X509_NAME_add_entry_by_txt.pod
++++ b/doc/crypto/X509_NAME_add_entry_by_txt.pod
+@@ -61,7 +61,7 @@ to 0. This adds a new entry to the end of B<name> as a single valued
+ RelativeDistinguishedName (RDN).
+
+ B<loc> actually determines the index where the new entry is inserted:
+-if it is -1 it is appended.
++if it is -1 it is appended.
+
+ B<set> determines how the new type is added. If it is zero a
+ new RDN is created.
+@@ -80,16 +80,16 @@ Create an B<X509_NAME> structure:
+ X509_NAME *nm;
+ nm = X509_NAME_new();
+ if (nm == NULL)
+- /* Some error */
+- if (!X509_NAME_add_entry_by_txt(nm, "C", MBSTRING_ASC,
+- "UK", -1, -1, 0))
+- /* Error */
++ /* Some error */
++ if (!X509_NAME_add_entry_by_txt(nm, "C", MBSTRING_ASC,
++ "UK", -1, -1, 0))
++ /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, "O", MBSTRING_ASC,
+- "Disorganized Organization", -1, -1, 0))
+- /* Error */
++ "Disorganized Organization", -1, -1, 0))
++ /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC,
+- "Joe Bloggs", -1, -1, 0))
+- /* Error */
++ "Joe Bloggs", -1, -1, 0))
++ /* Error */
+
+ =head1 RETURN VALUES
+
+@@ -111,6 +111,13 @@ can result in invalid field types its use is strongly discouraged.
+
+ L<ERR_get_error(3)>, L<d2i_X509_NAME(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/X509_NAME_get_index_by_NID.pod b/doc/crypto/X509_NAME_get_index_by_NID.pod
+index e6dfff3..e84642a 100644
+--- a/doc/crypto/X509_NAME_get_index_by_NID.pod
++++ b/doc/crypto/X509_NAME_get_index_by_NID.pod
+@@ -44,7 +44,7 @@ B<obj>, if no such entry exists -1 is returned. At most B<len> bytes
+ will be written and the text written to B<buf> will be null
+ terminated. The length of the output string written is returned
+ excluding the terminating null. If B<buf> is <NULL> then the amount
+-of space needed in B<buf> (excluding the final null) is returned.
++of space needed in B<buf> (excluding the final null) is returned.
+
+ =head1 NOTES
+
+@@ -76,10 +76,10 @@ Process all entries:
+ X509_NAME_ENTRY *e;
+
+ for (i = 0; i < X509_NAME_entry_count(nm); i++)
+- {
+- e = X509_NAME_get_entry(nm, i);
+- /* Do something with e */
+- }
++ {
++ e = X509_NAME_get_entry(nm, i);
++ /* Do something with e */
++ }
+
+ Process all commonName entries:
+
+@@ -88,13 +88,13 @@ Process all commonName entries:
+
+ loc = -1;
+ for (;;)
+- {
+- lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
+- if (lastpos == -1)
+- break;
+- e = X509_NAME_get_entry(nm, lastpos);
+- /* Do something with e */
+- }
++ {
++ lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
++ if (lastpos == -1)
++ break;
++ e = X509_NAME_get_entry(nm, lastpos);
++ /* Do something with e */
++ }
+
+ =head1 RETURN VALUES
+
+@@ -112,8 +112,13 @@ requested entry or B<NULL> if the index is invalid.
+
+ L<ERR_get_error(3)>, L<d2i_X509_NAME(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/X509_NAME_print_ex.pod b/doc/crypto/X509_NAME_print_ex.pod
+index 0d8e5fe..9e35c5c 100644
+--- a/doc/crypto/X509_NAME_print_ex.pod
++++ b/doc/crypto/X509_NAME_print_ex.pod
+@@ -11,7 +11,7 @@ X509_NAME_oneline - X509_NAME printing routines.
+
+ int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags);
+ int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags);
+- char * X509_NAME_oneline(X509_NAME *a,char *buf,int size);
++ char * X509_NAME_oneline(X509_NAME *a,char *buf,int size);
+ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
+
+ =head1 DESCRIPTION
+@@ -27,7 +27,7 @@ X509_NAME_oneline() prints an ASCII version of B<a> to B<buf>. At most B<size>
+ bytes will be written. If B<buf> is B<NULL> then a buffer is dynamically allocated
+ and returned, otherwise B<buf> is returned.
+
+-X509_NAME_print() prints out B<name> to B<bp> indenting each line by B<obase>
++X509_NAME_print() prints out B<name> to B<bp> indenting each line by B<obase>
+ characters. Multiple lines are used if the output (including indent) exceeds
+ 80 characters.
+
+@@ -76,7 +76,7 @@ printed instead of the values.
+ If B<XN_FLAG_FN_ALIGN> is set then field names are padded to 20 characters: this
+ is only of use for multiline format.
+
+-Additionally all the options supported by ASN1_STRING_print_ex() can be used to
++Additionally all the options supported by ASN1_STRING_print_ex() can be used to
+ control how each field value is displayed.
+
+ In addition a number options can be set for commonly used formats.
+@@ -98,8 +98,13 @@ B<XN_FLAG_COMPAT> uses a format identical to X509_NAME_print(): in fact it calls
+
+ L<ASN1_STRING_print_ex(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/X509_PUBKEY.pod b/doc/crypto/X509_PUBKEY.pod
+index 7b85ffa..36da685 100644
+--- a/doc/crypto/X509_PUBKEY.pod
++++ b/doc/crypto/X509_PUBKEY.pod
+@@ -108,4 +108,13 @@ L<d2i_X509(3)>,
+ L<ERR_get_error(3)>,
+ L<X509_get_pubkey(3)>,
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_STORE_CTX_get_error.pod b/doc/crypto/X509_STORE_CTX_get_error.pod
+index 1cc6bb5..428e500 100644
+--- a/doc/crypto/X509_STORE_CTX_get_error.pod
++++ b/doc/crypto/X509_STORE_CTX_get_error.pod
+@@ -3,20 +3,24 @@
+ =head1 NAME
+
+ X509_STORE_CTX_get_error, X509_STORE_CTX_set_error,
+-X509_STORE_CTX_get_error_depth, X509_STORE_CTX_get_current_cert,
+-X509_STORE_CTX_get0_cert,
+-X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information
++X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth,
++X509_STORE_CTX_get_current_cert, X509_STORE_CTX_set_current_cert,
++X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain,
++X509_verify_cert_error_string - get or set certificate verification status
++information
+
+ =head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+ #include <openssl/x509_vfy.h>
+
+- int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+- void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
+- int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+- X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+- X509 * X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
++ int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
++ void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
++ int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
++ void X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
++ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
++ void X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
++ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+@@ -39,11 +43,27 @@ non-negative integer representing where in the certificate chain the error
+ occurred. If it is zero it occurred in the end entity certificate, one if
+ it is the certificate which signed the end entity certificate and so on.
+
+-X509_STORE_CTX_get0_cert() returns the leaf certificate being verified.
++X509_STORE_CTX_set_error_depth() sets the error B<depth>.
++This can be used in combination with X509_STORE_CTX_set_error() to set the
++depth at which an error condition was detected.
+
+ X509_STORE_CTX_get_current_cert() returns the certificate in B<ctx> which
+ caused the error or B<NULL> if no certificate is relevant.
+
++X509_STORE_CTX_set_current_cert() sets the certificate B<x> in B<ctx> which
++caused the error.
++This value is not intended to remain valid for very long, and remains owned by
++the caller.
++It may be examined by a verification callback invoked to handle each error
++encountered during chain verification and is no longer required after such a
++callback.
++If a callback wishes the save the certificate for use after it returns, it
++needs to increment its reference count via L<X509_up_ref(3)>.
++Once such a I<saved> certificate is no longer needed it can be freed with
++L<X509_free(3)>.
++
++X509_STORE_CTX_get0_cert() returns the leaf certificate being verified.
++
+ X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous
+ call to X509_verify_cert() is successful. If the call to X509_verify_cert()
+ is B<not> successful the returned chain may be incomplete or invalid. The
+@@ -302,10 +322,17 @@ thread safe but will never happen unless an invalid code is passed.
+
+ =head1 SEE ALSO
+
+-L<X509_verify_cert(3)>
++L<X509_verify_cert(3)>,
++L<X509_up_ref(3)>,
++L<X509_free(3)>.
++
++=head1 COPYRIGHT
+
+-=head1 HISTORY
++Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+-TBA
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/X509_STORE_CTX_new.pod b/doc/crypto/X509_STORE_CTX_new.pod
+index 17517b3..7b9952c 100644
+--- a/doc/crypto/X509_STORE_CTX_new.pod
++++ b/doc/crypto/X509_STORE_CTX_new.pod
+@@ -24,7 +24,7 @@ X509_STORE_CTX_get_verify - X509_STORE_CTX initialisation
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+- X509 *x509, STACK_OF(X509) *chain);
++ X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+@@ -47,6 +47,7 @@ X509_STORE_CTX_get_verify - X509_STORE_CTX initialisation
+ X509_STORE_CTX_verify X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify verify);
+
++ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify verify);
+
+ =head1 DESCRIPTION
+
+@@ -115,6 +116,23 @@ find an appropriate set of parameters from B<name>.
+ X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates
+ that were used in building the chain following a call to X509_verify_cert().
+
++X509_STORE_CTX_set_verify() provides the capability for overriding the default
++verify function. This function is responsible for verifying chain signatures and
++expiration times. X509_STORE_CTX_get_verify() obtains the current verify
++function being used.
++
++X509_STORE_set_verify() works in the same way as for X509_STORE_CTX_set_verify()
++but sets the default verify function to be used by all X509_STORE_CTX objects
++created for this X509_STORE.
++
++A verify function is defined as an X509_STORE_CTX_verify type which has the
++following signature:
++
++ int (*verify)(X509_STORE_CTX *);
++
++This function should receive the current X509_STORE_CTX as a parameter and
++return 1 on success or 0 on failure.
++
+ =head1 NOTES
+
+ The certificates and CRLs in a store are used internally and should B<not>
+@@ -147,6 +165,9 @@ X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.
+ X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates
+ used.
+
++X509_STORE_CTX_get_verify() returns the current verify function in use for this
++X509_STORE_CTX.
++
+ =head1 SEE ALSO
+
+ L<X509_verify_cert(3)>
+@@ -156,5 +177,17 @@ L<X509_VERIFY_PARAM_set_flags(3)>
+
+ X509_STORE_CTX_set0_crls() was first added to OpenSSL 1.0.0
+ X509_STORE_CTX_get_num_untrusted() was first added to OpenSSL 1.1.0
++X509_STORE_set_verify() wsa first added to OpenSSL 1.1.0. It was previously
++available as a macro X509_STORE_set_verify_func(). This macro still exists but
++simply calls this function.
++
++=head1 COPYRIGHT
++
++Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/X509_STORE_CTX_set_verify_cb.pod b/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
+index e89b806..1305f32 100644
+--- a/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
++++ b/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
+@@ -14,7 +14,7 @@ X509_STORE_CTX_set_verify_cb - get and set verification callback
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+- X509_STORE_CTX_verify_cb verify_cb);
++ X509_STORE_CTX_verify_cb verify_cb);
+
+ =head1 DESCRIPTION
+
+@@ -68,92 +68,92 @@ X509_STORE_CTX_set_verify_cb() does not return a value.
+ Default callback operation:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+- {
+- return ok;
+- }
++ {
++ return ok;
++ }
+
+ Simple example, suppose a certificate in the chain is expired and we wish
+ to continue after this error:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+- {
+- /* Tolerate certificate expiration */
+- if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+- return 1;
+- /* Otherwise don't override */
+- return ok;
+- }
++ {
++ /* Tolerate certificate expiration */
++ if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
++ return 1;
++ /* Otherwise don't override */
++ return ok;
++ }
+
+ More complex example, we don't wish to continue after B<any> certificate has
+ expired just one specific case:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+- {
+- int err = X509_STORE_CTX_get_error(ctx);
+- X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+- if (err == X509_V_ERR_CERT_HAS_EXPIRED)
+- {
+- if (check_is_acceptable_expired_cert(err_cert)
+- return 1;
+- }
+- return ok;
+- }
++ {
++ int err = X509_STORE_CTX_get_error(ctx);
++ X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
++ if (err == X509_V_ERR_CERT_HAS_EXPIRED)
++ {
++ if (check_is_acceptable_expired_cert(err_cert)
++ return 1;
++ }
++ return ok;
++ }
+
+ Full featured logging callback. In this case the B<bio_err> is assumed to be
+ a global logging B<BIO>, an alternative would to store a BIO in B<ctx> using
+ B<ex_data>.
+-
++
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+- {
+- X509 *err_cert;
+- int err,depth;
+-
+- err_cert = X509_STORE_CTX_get_current_cert(ctx);
+- err = X509_STORE_CTX_get_error(ctx);
+- depth = X509_STORE_CTX_get_error_depth(ctx);
+-
+- BIO_printf(bio_err,"depth=%d ",depth);
+- if (err_cert)
+- {
+- X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+- 0, XN_FLAG_ONELINE);
+- BIO_puts(bio_err, "\n");
+- }
+- else
+- BIO_puts(bio_err, "<no cert>\n");
+- if (!ok)
+- BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+- X509_verify_cert_error_string(err));
+- switch (err)
+- {
+- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+- BIO_puts(bio_err,"issuer= ");
+- X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+- 0, XN_FLAG_ONELINE);
+- BIO_puts(bio_err, "\n");
+- break;
+- case X509_V_ERR_CERT_NOT_YET_VALID:
+- case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+- BIO_printf(bio_err,"notBefore=");
+- ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
+- BIO_printf(bio_err,"\n");
+- break;
+- case X509_V_ERR_CERT_HAS_EXPIRED:
+- case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+- BIO_printf(bio_err,"notAfter=");
+- ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
+- BIO_printf(bio_err,"\n");
+- break;
+- case X509_V_ERR_NO_EXPLICIT_POLICY:
+- policies_print(bio_err, ctx);
+- break;
+- }
+- if (err == X509_V_OK && ok == 2)
+- /* print out policies */
+-
+- BIO_printf(bio_err,"verify return:%d\n",ok);
+- return(ok);
+- }
++ {
++ X509 *err_cert;
++ int err,depth;
++
++ err_cert = X509_STORE_CTX_get_current_cert(ctx);
++ err = X509_STORE_CTX_get_error(ctx);
++ depth = X509_STORE_CTX_get_error_depth(ctx);
++
++ BIO_printf(bio_err,"depth=%d ",depth);
++ if (err_cert)
++ {
++ X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
++ 0, XN_FLAG_ONELINE);
++ BIO_puts(bio_err, "\n");
++ }
++ else
++ BIO_puts(bio_err, "<no cert>\n");
++ if (!ok)
++ BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
++ X509_verify_cert_error_string(err));
++ switch (err)
++ {
++ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
++ BIO_puts(bio_err,"issuer= ");
++ X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
++ 0, XN_FLAG_ONELINE);
++ BIO_puts(bio_err, "\n");
++ break;
++ case X509_V_ERR_CERT_NOT_YET_VALID:
++ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
++ BIO_printf(bio_err,"notBefore=");
++ ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
++ BIO_printf(bio_err,"\n");
++ break;
++ case X509_V_ERR_CERT_HAS_EXPIRED:
++ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
++ BIO_printf(bio_err,"notAfter=");
++ ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
++ BIO_printf(bio_err,"\n");
++ break;
++ case X509_V_ERR_NO_EXPLICIT_POLICY:
++ policies_print(bio_err, ctx);
++ break;
++ }
++ if (err == X509_V_OK && ok == 2)
++ /* print out policies */
++
++ BIO_printf(bio_err,"verify return:%d\n",ok);
++ return(ok);
++ }
+
+ =head1 SEE ALSO
+
+@@ -161,4 +161,13 @@ L<X509_STORE_CTX_get_error(3)>
+ L<X509_STORE_set_verify_cb_func(3)>
+ L<X509_STORE_CTX_get_ex_new_index(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_STORE_get0_param.pod b/doc/crypto/X509_STORE_get0_param.pod
+new file mode 100644
+index 0000000..2144f2b
+--- /dev/null
++++ b/doc/crypto/X509_STORE_get0_param.pod
+@@ -0,0 +1,57 @@
++=pod
++
++=head1 NAME
++
++X509_STORE_get0_param, X509_STORE_set1_param,
++X509_STORE_get0_objects - X509_STORE setter and getter functions
++
++=head1 SYNOPSIS
++
++ #include <openssl/x509_vfy.h>
++
++ X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
++ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
++ STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *ctx);
++
++=head1 DESCRIPTION
++
++X509_STORE_set1_param() sets the verification parameters
++to B<pm> for B<ctx>.
++
++X509_STORE_get0_param() retrieves an internal pointer to the verification
++parameters for B<ctx>. The returned pointer must not be freed by the
++calling application
++
++X509_STORE_get0_objects() retrieve an internal pointer to the store's
++X509 object cache. The cache contains B<X509> and B<X509_CRL> objects. The
++returned pointer must not be freed by the calling application.
++
++
++=head1 RETURN VALUES
++
++X509_STORE_get0_param() returns a pointer to an
++B<X509_VERIFY_PARAM> structure.
++
++X509_STORE_set1_param() returns 1 for success and 0 for failure.
++
++X509_STORE_get0_objects() returns a pointer to a stack of B<X509_OBJECT>.
++
++=head1 SEE ALSO
++
++L<X509_STORE_new(3)>
++
++=head1 HISTORY
++
++B<X509_STORE_get0_param> and B<X509_STORE_get0_objects> were added in
++OpenSSL version 1.1.0.
++
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/X509_STORE_new.pod b/doc/crypto/X509_STORE_new.pod
+index 37cabb5..0d0656f 100644
+--- a/doc/crypto/X509_STORE_new.pod
++++ b/doc/crypto/X509_STORE_new.pod
+@@ -32,5 +32,19 @@ X509_STORE_free() does not return values.
+ =head1 SEE ALSO
+
+ L<X509_STORE_set_verify_cb_func(3)>
++L<X509_STORE_get0_param(3)>
++
++=head1 HISTORY
++
++The B<X509_STORE_up_ref> function was added in OpenSSL 1.1.0
++
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/X509_STORE_set_verify_cb_func.pod b/doc/crypto/X509_STORE_set_verify_cb_func.pod
+index 67092db..7e66b23 100644
+--- a/doc/crypto/X509_STORE_set_verify_cb_func.pod
++++ b/doc/crypto/X509_STORE_set_verify_cb_func.pod
+@@ -9,10 +9,10 @@ X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb - set verification callb
+ #include <openssl/x509_vfy.h>
+
+ void X509_STORE_set_verify_cb(X509_STORE *st,
+- int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
++ int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+- int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
++ int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+
+ =head1 DESCRIPTION
+
+@@ -24,14 +24,14 @@ is implemented as a macro.
+
+ =head1 NOTES
+
+-The verification callback from an B<X509_STORE> is inherited by
++The verification callback from an B<X509_STORE> is inherited by
+ the corresponding B<X509_STORE_CTX> structure when it is initialized. This can
+-be used to set the verification callback when the B<X509_STORE_CTX> is
++be used to set the verification callback when the B<X509_STORE_CTX> is
+ otherwise inaccessible (for example during S/MIME verification).
+
+ =head1 BUGS
+
+-The macro version of this function was the only one available before
++The macro version of this function was the only one available before
+ OpenSSL 1.0.0.
+
+ =head1 RETURN VALUES
+@@ -48,4 +48,13 @@ L<CMS_verify(3)>
+
+ X509_STORE_set_verify_cb() was added to OpenSSL 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_VERIFY_PARAM_set_flags.pod b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
+index 04f5215..4b8e177 100644
+--- a/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
++++ b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
+@@ -11,7 +11,7 @@ X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_ge
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+ unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+- unsigned long flags);
++ unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+@@ -20,9 +20,9 @@ X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_ge
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+- ASN1_OBJECT *policy);
+- int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+- STACK_OF(ASN1_OBJECT) *policies);
++ ASN1_OBJECT *policy);
++ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
++ STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+@@ -32,22 +32,22 @@ X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_ge
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+- const char *name, size_t namelen);
++ const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+ const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+- unsigned int flags);
++ unsigned int flags);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+- const char *email, size_t emaillen);
++ const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+- const unsigned char *ip, size_t iplen);
++ const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);
+
+ =head1 DESCRIPTION
+
+ These functions manipulate the B<X509_VERIFY_PARAM> structure associated with
+-a certificate verification operation.
++a certificate verification operation.
+
+ The X509_VERIFY_PARAM_set_flags() function sets the flags in B<param> by oring
+ it with B<flags>. See the B<VERIFICATION FLAGS> section for a complete
+@@ -61,7 +61,7 @@ X509_VERIFY_PARAM_set_purpose() sets the verification purpose in B<param>
+ to B<purpose>. This determines the acceptable purpose of the certificate
+ chain, for example SSL client or SSL server.
+
+-X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
++X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
+ B<trust>.
+
+ X509_VERIFY_PARAM_set_time() sets the verification time in B<param> to
+@@ -177,7 +177,7 @@ The verification flags consists of zero or more of the following flags
+ ored together.
+
+ B<X509_V_FLAG_CRL_CHECK> enables CRL checking for the certificate chain leaf
+-certificate. An error occurs if a suitable CRL cannot be found.
++certificate. An error occurs if a suitable CRL cannot be found.
+
+ B<X509_V_FLAG_CRL_CHECK_ALL> enables CRL checking for the entire certificate
+ chain.
+@@ -251,7 +251,7 @@ X509_STORE_CTX_set_flags().
+ =head1 BUGS
+
+ Delta CRL checking is currently primitive. Only a single delta can be used and
+-(partly due to limitations of B<X509_STORE>) constructed CRLs are not
++(partly due to limitations of B<X509_STORE>) constructed CRLs are not
+ maintained.
+
+ If CRLs checking is enable CRLs are expected to be available in the
+@@ -260,7 +260,7 @@ CRLs from the CRL distribution points extension.
+
+ =head1 EXAMPLE
+
+-Enable CRL checking when performing certificate verification during SSL
++Enable CRL checking when performing certificate verification during SSL
+ connections associated with an B<SSL_CTX> structure B<ctx>:
+
+ X509_VERIFY_PARAM *param;
+@@ -282,4 +282,13 @@ The B<X509_V_FLAG_NO_ALT_CHAINS> flag was added in OpenSSL 1.1.0
+ The legacy B<X509_V_FLAG_CB_ISSUER_CHECK> flag is deprecated as of
+ OpenSSL 1.1.0, and has no effect.
+
++=head1 COPYRIGHT
++
++Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_check_ca.pod b/doc/crypto/X509_check_ca.pod
+index 87b6c26..fbeacde 100644
+--- a/doc/crypto/X509_check_ca.pod
++++ b/doc/crypto/X509_check_ca.pod
+@@ -33,4 +33,13 @@ L<X509_verify_cert(3)>,
+ L<X509_check_issued(3)>,
+ L<X509_check_purpose(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_check_host.pod b/doc/crypto/X509_check_host.pod
+index d35ade8..9384815 100644
+--- a/doc/crypto/X509_check_host.pod
++++ b/doc/crypto/X509_check_host.pod
+@@ -9,11 +9,11 @@ X509_check_host, X509_check_email, X509_check_ip, X509_check_ip_asc - X.509 cert
+ #include <openssl/x509.h>
+
+ int X509_check_host(X509 *, const char *name, size_t namelen,
+- unsigned int flags, char **peername);
++ unsigned int flags, char **peername);
+ int X509_check_email(X509 *, const char *address, size_t addresslen,
+- unsigned int flags);
++ unsigned int flags);
+ int X509_check_ip(X509 *, const unsigned char *address, size_t addresslen,
+- unsigned int flags);
++ unsigned int flags);
+ int X509_check_ip_asc(X509 *, const char *address, unsigned int flags);
+
+ =head1 DESCRIPTION
+@@ -145,4 +145,13 @@ L<X509_VERIFY_PARAM_set1_ipasc(3)>
+
+ These functions were added in OpenSSL 1.0.2.
+
++=head1 COPYRIGHT
++
++Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_check_issued.pod b/doc/crypto/X509_check_issued.pod
+index 0830e82..8e4b111 100644
+--- a/doc/crypto/X509_check_issued.pod
++++ b/doc/crypto/X509_check_issued.pod
+@@ -15,7 +15,7 @@ certificate
+ =head1 DESCRIPTION
+
+ This function checks if certificate I<subject> was issued using CA
+-certificate I<issuer>. This function takes into account not only
++certificate I<issuer>. This function takes into account not only
+ matching of issuer field of I<subject> with subject field of I<issuer>,
+ but also compares B<authorityKeyIdentifier> extension of I<subject> with
+ B<subjectKeyIdentifier> of I<issuer> if B<authorityKeyIdentifier>
+@@ -33,4 +33,13 @@ L<X509_verify_cert(3)>,
+ L<X509_check_ca(3)>,
+ L<verify(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_get0_signature.pod b/doc/crypto/X509_get0_signature.pod
+index 8758684..d86f238 100644
+--- a/doc/crypto/X509_get0_signature.pod
++++ b/doc/crypto/X509_get0_signature.pod
+@@ -82,4 +82,13 @@ X509_REQ_get0_signature(), X509_REQ_get_signature_nid(),
+ X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were first added
+ to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_get0_uids.pod b/doc/crypto/X509_get0_uids.pod
+index a61c267..ccdded6 100644
+--- a/doc/crypto/X509_get0_uids.pod
++++ b/doc/crypto/X509_get0_uids.pod
+@@ -44,4 +44,13 @@ L<X509_sign(3)>,
+ L<X509V3_get_d2i(3)>,
+ L<X509_verify_cert(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_get_extension_flags.pod b/doc/crypto/X509_get_extension_flags.pod
+index c6e2486..ac17795 100644
+--- a/doc/crypto/X509_get_extension_flags.pod
++++ b/doc/crypto/X509_get_extension_flags.pod
+@@ -127,4 +127,13 @@ is absent or an error occurred during parsing.
+
+ L<X509_check_purpose(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_get_pubkey.pod b/doc/crypto/X509_get_pubkey.pod
+index c2fb5c0..4fe7dbc 100644
+--- a/doc/crypto/X509_get_pubkey.pod
++++ b/doc/crypto/X509_get_pubkey.pod
+@@ -3,8 +3,8 @@
+ =head1 NAME
+
+ X509_get_pubkey, X509_get0_pubkey, X509_set_pubkey, X509_get_X509_PUBKEY,
+-X509_REQ_get_pubkey, X509_REQ_get0_pubkey, X509_REQ_set_pubkey,
+-X509_REQ_get_X509_PUBKEY - get or set certificate or certificate request
++X509_REQ_get_pubkey, X509_REQ_get0_pubkey, X509_REQ_set_pubkey,
++X509_REQ_get_X509_PUBKEY - get or set certificate or certificate request
+ public key.
+
+ =head1 SYNOPSIS
+@@ -37,7 +37,7 @@ must not be freed up after use.
+ X509_set_pubkey() attempts to set the public key for certificate B<x> to
+ B<pkey>. The key B<pkey> should be freed up after use.
+
+-X509_REQ_get_pubkey(), X509_REQ_get0_pubkey(), X509_REQ_set_pubkey() and
++X509_REQ_get_pubkey(), X509_REQ_get0_pubkey(), X509_REQ_set_pubkey() and
+ X509_REQ_get_X509_PUBKEY() are similar but operate on certificate request B<req>.
+
+ =head1 NOTES
+@@ -75,6 +75,13 @@ L<X509_sign(3)>,
+ L<X509V3_get_d2i(3)>,
+ L<X509_verify_cert(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/X509_get_serialNumber.pod b/doc/crypto/X509_get_serialNumber.pod
+index 42ba257..f51e30d 100644
+--- a/doc/crypto/X509_get_serialNumber.pod
++++ b/doc/crypto/X509_get_serialNumber.pod
+@@ -52,4 +52,13 @@ L<X509_verify_cert(3)>
+ X509_get_serialNumber() and X509_set_serialNumber() are available in
+ all versions of OpenSSL.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_get_subject_name.pod b/doc/crypto/X509_get_subject_name.pod
+index dcbf969..8f1b30c 100644
+--- a/doc/crypto/X509_get_subject_name.pod
++++ b/doc/crypto/X509_get_subject_name.pod
+@@ -74,4 +74,13 @@ L<X509_sign(3)>,
+ L<X509V3_get_d2i(3)>,
+ L<X509_verify_cert(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_get_version.pod b/doc/crypto/X509_get_version.pod
+index b02f12b..1878967 100644
+--- a/doc/crypto/X509_get_version.pod
++++ b/doc/crypto/X509_get_version.pod
+@@ -71,4 +71,13 @@ L<X509_verify_cert(3)>
+ X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() are
+ functions in OpenSSL 1.1.0, in previous versions they were macros.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_new.pod b/doc/crypto/X509_new.pod
+index 8db6cdb..0b9126e 100644
+--- a/doc/crypto/X509_new.pod
++++ b/doc/crypto/X509_new.pod
+@@ -10,7 +10,7 @@ X509_new, X509_free, X509_up_ref - X509 certificate ASN1 allocation functions
+
+ X509 *X509_new(void);
+ void X509_free(X509 *a);
+- void X509_up_ref(X509 *a);
++ int X509_up_ref(X509 *a);
+ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *x);
+
+ =head1 DESCRIPTION
+@@ -46,7 +46,7 @@ If the allocation fails, X509_new() returns B<NULL> and sets an error
+ code that can be obtained by L<ERR_get_error(3)>.
+ Otherwise it returns a pointer to the newly allocated structure.
+
+-X509_free() and X509_up_ref() do not return a value.
++X509_up_ref() returns 1 for success and 0 for failure.
+
+ X509_chain_up_ref() returns a copy of the stack or B<NULL> if an error
+ occurred.
+@@ -70,4 +70,13 @@ L<X509_sign(3)>,
+ L<X509V3_get_d2i(3)>,
+ L<X509_verify_cert(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_sign.pod b/doc/crypto/X509_sign.pod
+index fa24360..59fa175 100644
+--- a/doc/crypto/X509_sign.pod
++++ b/doc/crypto/X509_sign.pod
+@@ -87,4 +87,13 @@ versions of OpenSSL.
+ X509_sign_ctx(), X509_REQ_sign_ctx() and X509_CRL_sign_ctx() were first added
+ to OpenSSL 1.0.1.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509_verify_cert.pod b/doc/crypto/X509_verify_cert.pod
+index a84ef00..74acf8d 100644
+--- a/doc/crypto/X509_verify_cert.pod
++++ b/doc/crypto/X509_verify_cert.pod
+@@ -31,12 +31,13 @@ Applications rarely call this function directly but it is used by
+ OpenSSL internally for certificate validation, in both the S/MIME and
+ SSL/TLS code.
+
+-The negative return value from X509_verify_cert() can only occur if no
+-certificate is set in B<ctx> (due to a programming error); if X509_verify_cert()
+-twice without reinitialising B<ctx> in between; or if a retry
+-operation is requested during internal lookups (which never happens with
+-standard lookup methods). It is however recommended that application check
+-for <= 0 return value on error.
++A negative return value from X509_verify_cert() can occur if it is invoked
++incorrectly, such as with no certificate set in B<ctx>, or when it is called
++twice in succession without reinitialising B<ctx> for the second call.
++A negative return value can also happen due to internal resource problems or if
++a retry operation is requested during internal lookups (which never happens
++with standard lookup methods).
++Applications must check for <= 0 return value on error.
+
+ =head1 BUGS
+
+@@ -47,4 +48,13 @@ functions which use B<x509_vfy.h>.
+
+ L<X509_STORE_CTX_get_error(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/X509v3_get_ext_by_NID.pod b/doc/crypto/X509v3_get_ext_by_NID.pod
+index b11d663..11ff8a3 100644
+--- a/doc/crypto/X509v3_get_ext_by_NID.pod
++++ b/doc/crypto/X509v3_get_ext_by_NID.pod
+@@ -75,7 +75,7 @@ extension after B<lastpos> or from the beginning if <lastpos> is B<-1>. If
+ the extension is found its index is returned otherwise B<-1> is returned.
+
+ X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it
+-looks for an extension of criticality B<crit>. A zero value for B<crit>
++looks for an extension of criticality B<crit>. A zero value for B<crit>
+ looks for a non-critical extension a non-zero value looks for a critical
+ extension.
+
+@@ -140,3 +140,14 @@ field is absent it will return B<NULL>: this is B<not> an error condition.
+ =head1 SEE ALSO
+
+ L<X509V3_get_d2i(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/bio.pod b/doc/crypto/bio.pod
+index fc1da92..cf44a74 100644
+--- a/doc/crypto/bio.pod
++++ b/doc/crypto/bio.pod
+@@ -8,9 +8,6 @@ bio - I/O abstraction
+
+ #include <openssl/bio.h>
+
+-TBA
+-
+-
+ =head1 DESCRIPTION
+
+ A BIO is an I/O abstraction, it hides many of the underlying I/O
+@@ -53,3 +50,14 @@ L<BIO_s_mem(3)>,
+ L<BIO_s_null(3)>, L<BIO_s_socket(3)>,
+ L<BIO_set_callback(3)>,
+ L<BIO_should_retry(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/blowfish.pod b/doc/crypto/blowfish.pod
+index 25b954c..182cb87 100644
+--- a/doc/crypto/blowfish.pod
++++ b/doc/crypto/blowfish.pod
+@@ -14,12 +14,12 @@ BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption
+ void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ BF_KEY *key, int enc);
+ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
+- long length, BF_KEY *schedule, unsigned char *ivec, int enc);
++ long length, BF_KEY *schedule, unsigned char *ivec, int enc);
+ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+- long length, BF_KEY *schedule, unsigned char *ivec, int *num,
++ long length, BF_KEY *schedule, unsigned char *ivec, int *num,
+ int enc);
+ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+- long length, BF_KEY *schedule, unsigned char *ivec, int *num);
++ long length, BF_KEY *schedule, unsigned char *ivec, int *num);
+ const char *BF_options(void);
+
+ void BF_encrypt(BF_LONG *data,const BF_KEY *key);
+@@ -52,7 +52,7 @@ everything after the first 64 bits is ignored.
+
+ The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt()
+ all operate on variable length data. They all take an initialization vector
+-B<ivec> which needs to be passed along into the next call of the same function
++B<ivec> which needs to be passed along into the next call of the same function
+ for the same message. B<ivec> may be initialized with anything, but the
+ recipient needs to know what it was initialized with, or it won't be able
+ to decrypt. Some programs and protocols simplify this, like SSH, where
+@@ -105,4 +105,13 @@ functions directly.
+ L<EVP_EncryptInit(3)>,
+ L<des_modes(7)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/bn.pod b/doc/crypto/bn.pod
+index 37d638d..6d87d11 100644
+--- a/doc/crypto/bn.pod
++++ b/doc/crypto/bn.pod
+@@ -129,24 +129,24 @@ bn - multiprecision integer arithmetics
+ BN_CTX *ctx);
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+- BIGNUM *mod);
++ BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+- BN_CTX *ctx);
++ BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n,const BIGNUM *r,BN_BLINDING *b,
+- BN_CTX *ctx);
++ BN_CTX *ctx);
+ unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
+ void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+- const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+- int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
+- BN_MONT_CTX *m_ctx);
++ const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
++ int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
++ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
++ BN_MONT_CTX *m_ctx);
+
+ =head1 DESCRIPTION
+
+@@ -185,4 +185,13 @@ L<BN_mod_mul_reciprocal(3)>,
+ L<BN_mod_mul_montgomery(3)>,
+ L<BN_BLINDING_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/bn_internal.pod b/doc/crypto/bn_internal.pod
+index e609a08..07e72aa 100644
+--- a/doc/crypto/bn_internal.pod
++++ b/doc/crypto/bn_internal.pod
+@@ -95,8 +95,8 @@ is the number of words being used, so for a value of 4, bn.d[0]=4 and
+ bn.top=1. B<neg> is 1 if the number is negative. When a B<BIGNUM> is
+ B<0>, the B<d> field can be B<NULL> and B<top> == B<0>.
+
+-B<flags> is a bit field of flags which are defined in C<openssl/bn.h>. The
+-flags begin with B<BN_FLG_>. The macros BN_set_flags(b,n) and
++B<flags> is a bit field of flags which are defined in C<openssl/bn.h>. The
++flags begin with B<BN_FLG_>. The macros BN_set_flags(b,n) and
+ BN_get_flags(b,n) exist to enable or fetch flag(s) B<n> from B<BIGNUM>
+ structure B<b>.
+
+@@ -235,4 +235,13 @@ and bn_set_max() are defined as empty macros.
+
+ L<bn(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/buffer.pod b/doc/crypto/buffer.pod
+index a2543e8..16fe3da 100644
+--- a/doc/crypto/buffer.pod
++++ b/doc/crypto/buffer.pod
+@@ -17,9 +17,9 @@ standard C library equivalents
+
+ BUF_MEM *BUF_MEM_new_ex(unsigned long flags);
+
+- void BUF_MEM_free(BUF_MEM *a);
++ void BUF_MEM_free(BUF_MEM *a);
+
+- int BUF_MEM_grow(BUF_MEM *str, int len);
++ int BUF_MEM_grow(BUF_MEM *str, int len);
+
+ =head1 DESCRIPTION
+
+@@ -56,4 +56,13 @@ L<CRYPTO_secure_malloc(3)>.
+
+ BUF_MEM_new_ex() was added in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/crypto.pod b/doc/crypto/crypto.pod
+index 6e23c1a..7870fb8 100644
+--- a/doc/crypto/crypto.pod
++++ b/doc/crypto/crypto.pod
+@@ -4,8 +4,6 @@
+
+ crypto - OpenSSL cryptographic library
+
+-=head1 SYNOPSIS
+-
+ =head1 DESCRIPTION
+
+ The OpenSSL B<crypto> library implements a wide range of cryptographic
+@@ -46,4 +44,13 @@ so both (B<x> and B<obj> above) should be freed up.
+
+ L<openssl(1)>, L<ssl(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/d2i_ASN1_OBJECT.pod b/doc/crypto/d2i_ASN1_OBJECT.pod
+index 32c6b05..331335e 100644
+--- a/doc/crypto/d2i_ASN1_OBJECT.pod
++++ b/doc/crypto/d2i_ASN1_OBJECT.pod
+@@ -22,8 +22,13 @@ described in the L<d2i_X509(3)> manual page.
+
+ L<d2i_X509(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/d2i_CMS_ContentInfo.pod b/doc/crypto/d2i_CMS_ContentInfo.pod
+index e3142cb..4f1d90f 100644
+--- a/doc/crypto/d2i_CMS_ContentInfo.pod
++++ b/doc/crypto/d2i_CMS_ContentInfo.pod
+@@ -22,4 +22,13 @@ described in the L<d2i_X509(3)> manual page.
+
+ L<d2i_X509(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/d2i_DHparams.pod b/doc/crypto/d2i_DHparams.pod
+index f13d0b5..6ef62fb 100644
+--- a/doc/crypto/d2i_DHparams.pod
++++ b/doc/crypto/d2i_DHparams.pod
+@@ -23,8 +23,13 @@ described in the L<d2i_X509(3)> manual page.
+
+ L<d2i_X509(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/d2i_DSAPublicKey.pod b/doc/crypto/d2i_DSAPublicKey.pod
+index 1344b00..d38f131 100644
+--- a/doc/crypto/d2i_DSAPublicKey.pod
++++ b/doc/crypto/d2i_DSAPublicKey.pod
+@@ -66,7 +66,7 @@ i2d_X509() described in the L<d2i_X509(3)> manual page.
+ The B<DSA> structure passed to the private key encoding functions should have
+ all the private key components present.
+
+-The data encoded by the private key functions is unencrypted and therefore
++The data encoded by the private key functions is unencrypted and therefore
+ offers no private key security.
+
+ The B<DSA_PUBKEY> functions should be used in preference to the B<DSAPublicKey>
+@@ -84,8 +84,13 @@ B<priv_key> fields respectively.
+
+ L<d2i_X509(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/d2i_ECPKParameters.pod b/doc/crypto/d2i_ECPKParameters.pod
+index abb6f4f..560795f 100644
+--- a/doc/crypto/d2i_ECPKParameters.pod
++++ b/doc/crypto/d2i_ECPKParameters.pod
+@@ -15,7 +15,7 @@ d2i_ECPKParameters, i2d_ECPKParameters, d2i_ECPKParameters_bio, i2d_ECPKParamete
+ #define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
+ (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
+ #define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
+- (unsigned char *)(x))
++ (unsigned char *)(x))
+ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
+ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
+
+@@ -25,7 +25,7 @@ d2i_ECPKParameters, i2d_ECPKParameters, d2i_ECPKParameters_bio, i2d_ECPKParamete
+ The ECPKParameters encode and decode routines encode and parse the public parameters for an
+ B<EC_GROUP> structure, which represents a curve.
+
+-d2i_ECPKParameters() attempts to decode B<len> bytes at B<*in>. If
++d2i_ECPKParameters() attempts to decode B<len> bytes at B<*in>. If
+ successful a pointer to the B<EC_GROUP> structure is returned. If an error
+ occurred then B<NULL> is returned. If B<px> is not B<NULL> then the
+ returned structure is written to B<*px>. If B<*px> is not B<NULL>
+@@ -38,7 +38,7 @@ i2d_ECPKParameters() encodes the structure pointed to by B<x> into DER format.
+ If B<out> is not B<NULL> is writes the DER encoded data to the buffer
+ at B<*out>, and increments it to point after the data just written.
+ If the return value is negative an error occurred, otherwise it
+-returns the length of the encoded data.
++returns the length of the encoded data.
+
+ If B<*out> is B<NULL> memory will be allocated for a buffer and the encoded
+ data written to it. In this case B<*out> is not incremented and it points to
+@@ -73,7 +73,7 @@ i2d_ECPKParameters() returns the number of bytes successfully encoded or a negat
+ value if an error occurs.
+
+ i2d_ECPKParameters_bio(), i2d_ECPKParameters_fp(), ECPKParameters_print and ECPKParameters_print_fp
+-return 1 for success and 0 if an error occurs.
++return 1 for success and 0 if an error occurs.
+
+ =head1 SEE ALSO
+
+@@ -81,4 +81,13 @@ L<crypto(3)>, L<ec(3)>, L<EC_GROUP_new(3)>, L<EC_GROUP_copy(3)>,
+ L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+ L<EC_GFp_simple_method(3)>, L<d2i_X509(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/d2i_ECPrivateKey.pod b/doc/crypto/d2i_ECPrivateKey.pod
+index 0859579..6cd24f2 100644
+--- a/doc/crypto/d2i_ECPrivateKey.pod
++++ b/doc/crypto/d2i_ECPrivateKey.pod
+@@ -64,4 +64,13 @@ L<EC_GFp_simple_method(3)>,
+ L<d2i_ECPKParameters(3)>,
+ L<d2i_ECPrivateKey(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/d2i_PKCS8PrivateKey.pod b/doc/crypto/d2i_PKCS8PrivateKey.pod
+index cc20479..9170fd5 100644
+--- a/doc/crypto/d2i_PKCS8PrivateKey.pod
++++ b/doc/crypto/d2i_PKCS8PrivateKey.pod
+@@ -14,20 +14,20 @@ i2d_PKCS8PrivateKey_nid_bio, i2d_PKCS8PrivateKey_nid_fp - PKCS#8 format private
+ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+- char *kstr, int klen,
+- pem_password_cb *cb, void *u);
++ char *kstr, int klen,
++ pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+- char *kstr, int klen,
+- pem_password_cb *cb, void *u);
++ char *kstr, int klen,
++ pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+- char *kstr, int klen,
+- pem_password_cb *cb, void *u);
++ char *kstr, int klen,
++ pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+- char *kstr, int klen,
+- pem_password_cb *cb, void *u);
++ char *kstr, int klen,
++ pem_password_cb *cb, void *u);
+
+ =head1 DESCRIPTION
+
+@@ -49,4 +49,13 @@ to memory BIOs, see L<BIO_s_mem(3)> for details.
+
+ L<pem(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/d2i_PrivateKey.pod b/doc/crypto/d2i_PrivateKey.pod
+new file mode 100644
+index 0000000..efadaeb
+--- /dev/null
++++ b/doc/crypto/d2i_PrivateKey.pod
+@@ -0,0 +1,68 @@
++=pod
++
++=head1 NAME
++
++d2i_Private_key, d2i_AutoPrivateKey, i2d_PrivateKey - decode and encode
++functions for reading and saving EVP_PKEY structures.
++
++=head1 SYNOPSIS
++
++ #include <openssl/evp.h>
++
++ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
++ long length);
++ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
++ long length);
++ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
++
++=head1 DESCRIPTION
++
++d2i_PrivateKey() decodes a private key using algorithm B<type>. It attempts to
++use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The
++B<type> parameter should be a public key algorithm constant such as
++B<EVP_PKEY_RSA>. An error occurs if the decoded key does not match B<type>.
++
++d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to
++automatically detect the private key format.
++
++i2d_PrivateKey() encodes B<key>. It uses a key specific format or, if none is
++defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format.
++
++These functions are similar to the d2i_X509() functions, and you should refer to
++that page for a detailed description (see L<d2i_X509(3)>).
++
++=head1 NOTES
++
++All these functions use DER format and unencrypted keys. Applications wishing
++to encrypt or decrypt private keys should use other functions such as
++d2i_PKC8PrivateKey() instead.
++
++If the B<*a> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey()
++(i.e. an existing structure is being reused) and the key format is PKCS#8
++then B<*a> will be freed and replaced on a successful call.
++
++=head1 RETURN VALUES
++
++d2i_PrivateKey() and d2i_AutoPrivateKey() return a valid B<EVP_KEY> structure
++or B<NULL> if an error occurs. The error code can be obtained by calling
++L<ERR_get_error(3)>.
++
++i2d_PrivateKey() returns the number of bytes successfully encoded or a
++negative value if an error occurs. The error code can be obtained by calling
++L<ERR_get_error(3)>.
++
++=head1 SEE ALSO
++
++L<crypto(3)>,
++L<d2i_PKCS8PrivateKey(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/d2i_RSAPublicKey.pod b/doc/crypto/d2i_RSAPublicKey.pod
+index 946fe0f..8b6e12d 100644
+--- a/doc/crypto/d2i_RSAPublicKey.pod
++++ b/doc/crypto/d2i_RSAPublicKey.pod
+@@ -60,8 +60,8 @@ described in the L<d2i_X509(3)> manual page.
+ The B<RSA> structure passed to the private key encoding functions should have
+ all the PKCS#1 private key components present.
+
+-The data encoded by the private key functions is unencrypted and therefore
+-offers no private key security.
++The data encoded by the private key functions is unencrypted and therefore
++offers no private key security.
+
+ The NET format functions are present to provide compatibility with certain very
+ old software. This format has some severe security weaknesses and should be
+@@ -71,8 +71,13 @@ avoided if possible.
+
+ L<d2i_X509(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/d2i_X509.pod b/doc/crypto/d2i_X509.pod
+index 3cd2509..422edfc 100644
+--- a/doc/crypto/d2i_X509.pod
++++ b/doc/crypto/d2i_X509.pod
+@@ -9,8 +9,10 @@ i2d_X509_fp - X509 encode and decode functions
+
+ #include <openssl/x509.h>
+
+- X509 *d2i_X509(X509 **px, const unsigned char **in, int len);
++ X509 *d2i_X509(X509 **px, const unsigned char **in, long len);
++ X509 *d2i_X509_AUX(X509 **px, const unsigned char **in, long len);
+ int i2d_X509(X509 *x, unsigned char **out);
++ int i2d_X509_AUX(X509 *x, unsigned char **out);
+
+ X509 *d2i_X509_bio(BIO *bp, X509 **x);
+ X509 *d2i_X509_fp(FILE *fp, X509 **x);
+@@ -25,7 +27,7 @@ i2d_X509_fp - X509 encode and decode functions
+ The X509 encode and decode routines encode and parse an
+ B<X509> structure, which represents an X509 certificate.
+
+-d2i_X509() attempts to decode B<len> bytes at B<*in>. If
++d2i_X509() attempts to decode B<len> bytes at B<*in>. If
+ successful a pointer to the B<X509> structure is returned. If an error
+ occurred then B<NULL> is returned. If B<px> is not B<NULL> then the
+ returned structure is written to B<*px>. If B<*px> is not B<NULL>
+@@ -37,17 +39,27 @@ below, and the discussion in the RETURN VALUES section).
+ If the call is successful B<*in> is incremented to the byte following the
+ parsed data.
+
++d2i_X509_AUX() is similar to d2i_X509() but the input is expected to consist of
++an X509 certificate followed by auxiliary trust information.
++This is used by the PEM routines to read "TRUSTED CERTIFICATE" objects.
++This function should not be called on untrusted input.
++
+ i2d_X509() encodes the structure pointed to by B<x> into DER format.
+ If B<out> is not B<NULL> is writes the DER encoded data to the buffer
+ at B<*out>, and increments it to point after the data just written.
+ If the return value is negative an error occurred, otherwise it
+-returns the length of the encoded data.
++returns the length of the encoded data.
+
+ If B<*out> is B<NULL> memory will be
+ allocated for a buffer and the encoded data written to it. In this
+ case B<*out> is not incremented and it points to the start of the
+ data just written.
+
++i2d_X509_AUX() is similar to i2d_X509(), but the encoded output contains both
++the certificate and any auxiliary trust information.
++This is used by the PEM routines to write "TRUSTED CERTIFICATE" objects.
++Note, this is a non-standard OpenSSL-specific data format.
++
+ d2i_X509_bio() is similar to d2i_X509() except it attempts
+ to parse data from BIO B<bp>.
+
+@@ -103,7 +115,7 @@ Allocate and encode the DER encoding of an X509 structure:
+ buf = NULL;
+ len = i2d_X509(x, &buf);
+ if (len < 0)
+- /* error */
++ /* error */
+
+ Attempt to decode a buffer:
+
+@@ -143,7 +155,7 @@ mistake is to attempt to use a buffer directly as follows:
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ if (buf == NULL)
+- /* error */
++ /* error */
+
+ i2d_X509(x, &buf);
+ /* Other stuff ... */
+@@ -159,7 +171,7 @@ Another trap to avoid is misuse of the B<xp> argument to d2i_X509():
+ X509 *x;
+
+ if (!d2i_X509(&x, &p, len))
+- /* Some error */
++ /* Some error */
+
+ This will probably crash somewhere in d2i_X509(). The reason for this
+ is that the variable B<x> is uninitialized and an attempt will be made to
+@@ -169,7 +181,7 @@ happen.
+
+ =head1 BUGS
+
+-In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when
++In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when
+ B<*px> is valid is broken and some parts of the reused structure may
+ persist if they are not present in the new one. As a result the use
+ of this "reuse" behaviour is strongly discouraged.
+@@ -207,10 +219,10 @@ state.
+
+ i2d_X509() returns the number of bytes successfully encoded or a negative
+ value if an error occurs. The error code can be obtained by
+-L<ERR_get_error(3)>.
++L<ERR_get_error(3)>.
+
+-i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error
+-occurs The error code can be obtained by L<ERR_get_error(3)>.
++i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error
++occurs The error code can be obtained by L<ERR_get_error(3)>.
+
+ =head1 SEE ALSO
+
+@@ -231,4 +243,13 @@ L<X509_sign(3)>,
+ L<X509V3_get_d2i(3)>,
+ L<X509_verify_cert(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/d2i_X509_ALGOR.pod b/doc/crypto/d2i_X509_ALGOR.pod
+index fb8a75d..01fc506 100644
+--- a/doc/crypto/d2i_X509_ALGOR.pod
++++ b/doc/crypto/d2i_X509_ALGOR.pod
+@@ -48,8 +48,13 @@ encodings and non-zero otherwise.
+
+ L<d2i_X509(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/d2i_X509_CRL.pod b/doc/crypto/d2i_X509_CRL.pod
+index 96f5a4d..ac6ffef 100644
+--- a/doc/crypto/d2i_X509_CRL.pod
++++ b/doc/crypto/d2i_X509_CRL.pod
+@@ -32,8 +32,13 @@ described in the L<d2i_X509(3)> manual page.
+
+ L<d2i_X509(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/d2i_X509_NAME.pod b/doc/crypto/d2i_X509_NAME.pod
+index d1d32df..f30ebab 100644
+--- a/doc/crypto/d2i_X509_NAME.pod
++++ b/doc/crypto/d2i_X509_NAME.pod
+@@ -32,14 +32,23 @@ the encoding of an B<X509_NAME> structure without copying it.
+
+ =head1 RETURN VALUES
+
+-=head1 SEE ALSO
+-
+ The meanings of the return values of d2i_X509_NAME() and i2d_X509_NAME()
+ are similar to those for d2i_X509() and i2d_X509().
+
+ The function X509_NAME_get0_der() returns 1 for success and 0 if an error
+ occurred.
+
++=head1 SEE ALSO
++
+ L<d2i_X509(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/d2i_X509_REQ.pod b/doc/crypto/d2i_X509_REQ.pod
+index 0d66da7..23d3c5f 100644
+--- a/doc/crypto/d2i_X509_REQ.pod
++++ b/doc/crypto/d2i_X509_REQ.pod
+@@ -32,8 +32,13 @@ described in the L<d2i_X509(3)> manual page.
+
+ L<d2i_X509(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/d2i_X509_SIG.pod b/doc/crypto/d2i_X509_SIG.pod
+index 08d0876..ac1abe3 100644
+--- a/doc/crypto/d2i_X509_SIG.pod
++++ b/doc/crypto/d2i_X509_SIG.pod
+@@ -29,8 +29,13 @@ value in B<sig>. These values can then be examined or initialised.
+
+ L<d2i_X509(3)>
+
+-=head1 HISTORY
++=head1 COPYRIGHT
+
+-TBA
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/des.pod b/doc/crypto/des.pod
+index 19b6662..7ccadbc 100644
+--- a/doc/crypto/des.pod
++++ b/doc/crypto/des.pod
+@@ -10,7 +10,7 @@ DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt,
+ DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt,
+ DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt,
+ DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys,
+-DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption
++DES_fcrypt, DES_crypt - DES encryption
+
+ =head1 SYNOPSIS
+
+@@ -28,16 +28,16 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+- void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
++ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+ DES_key_schedule *ks, int enc);
+- void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
++ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+ DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+- void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+- DES_key_schedule *ks1, DES_key_schedule *ks2,
++ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
++ DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3, int enc);
+
+- void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+- long length, DES_key_schedule *schedule, DES_cblock *ivec,
++ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
++ long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+ int numbits, long length, DES_key_schedule *schedule,
+@@ -45,8 +45,8 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+ int numbits, long length, DES_key_schedule *schedule,
+ DES_cblock *ivec);
+- void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+- long length, DES_key_schedule *schedule, DES_cblock *ivec,
++ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
++ long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
+@@ -55,8 +55,8 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ int *num);
+
+- void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+- long length, DES_key_schedule *schedule, DES_cblock *ivec,
++ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
++ long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input,
+@@ -73,18 +73,18 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption
+ unsigned char *output, long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec,
+ int enc);
+- void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
++ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3, DES_cblock *ivec, int *num, int enc);
+- void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+- long length, DES_key_schedule *ks1,
+- DES_key_schedule *ks2, DES_key_schedule *ks3,
++ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
++ long length, DES_key_schedule *ks1,
++ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num);
+
+- DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+- long length, DES_key_schedule *schedule,
++ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
++ long length, DES_key_schedule *schedule,
+ const_DES_cblock *ivec);
+- DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
++ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+ long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1,
+@@ -93,11 +93,6 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);
+
+- int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
+- DES_cblock *iv);
+- int DES_enc_write(int fd, const void *buf, int len,
+- DES_key_schedule *sched, DES_cblock *iv);
+-
+ =head1 DESCRIPTION
+
+ This library contains a fast implementation of the DES encryption
+@@ -132,7 +127,7 @@ depend on a global variable.
+ DES_set_odd_parity() sets the parity of the passed I<key> to odd.
+
+ DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it
+-is ok.
++is ok.
+
+ The following routines mostly operate on an input and output stream of
+ I<DES_cblock>s.
+@@ -256,25 +251,6 @@ containing the length of the following encrypted data. The encrypted
+ data then follows, padded with random data out to a multiple of 8
+ bytes.
+
+-DES_enc_read() is used to read I<len> bytes from file descriptor
+-I<fd> into buffer I<buf>. The data being read from I<fd> is assumed to
+-have come from DES_enc_write() and is decrypted using I<sched> for
+-the key schedule and I<iv> for the initial vector.
+-
+-B<Warning:> The data format used by DES_enc_write() and DES_enc_read()
+-has a cryptographic weakness: When asked to write more than MAXWRITE
+-bytes, DES_enc_write() will split the data into several chunks that
+-are all encrypted using the same IV. So don't use these functions
+-unless you are sure you know what you do (in which case you might not
+-want to use them anyway). They cannot handle non-blocking sockets.
+-DES_enc_read() uses an internal state and thus cannot be used on
+-multiple files.
+-
+-I<DES_rw_mode> is used to specify the encryption mode to use with
+-DES_enc_read() and DES_end_write(). If set to I<DES_PCBC_MODE> (the
+-default), DES_pcbc_encrypt is used. If set to I<DES_CBC_MODE>
+-DES_cbc_encrypt is used.
+-
+ =head1 BUGS
+
+ DES_3cbc_encrypt() is flawed and must not be used in applications.
+@@ -317,4 +293,13 @@ not suitable for most applications; see L<des_modes(7)>.
+ L<des_modes(7)>,
+ L<EVP_EncryptInit(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/des_modes.pod b/doc/crypto/des_modes.pod
+index bd6a358..5107b77 100644
+--- a/doc/crypto/des_modes.pod
++++ b/doc/crypto/des_modes.pod
+@@ -240,16 +240,24 @@ This text was been written in large parts by Eric Young in his original
+ documentation for SSLeay, the predecessor of OpenSSL. In turn, he attributed
+ it to:
+
+- AS 2805.5.2
+- Australian Standard
+- Electronic funds transfer - Requirements for interfaces,
+- Part 5.2: Modes of operation for an n-bit block cipher algorithm
+- Appendix A
++ AS 2805.5.2
++ Australian Standard
++ Electronic funds transfer - Requirements for interfaces,
++ Part 5.2: Modes of operation for an n-bit block cipher algorithm
++ Appendix A
+
+ =head1 SEE ALSO
+
+ L<blowfish(3)>, L<des(3)>, L<idea(3)>,
+ L<rc2(3)>
+
+-=cut
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/dh.pod b/doc/crypto/dh.pod
+index b1eaa48..b56c27c 100644
+--- a/doc/crypto/dh.pod
++++ b/doc/crypto/dh.pod
+@@ -9,15 +9,15 @@ dh - Diffie-Hellman key agreement
+ #include <openssl/dh.h>
+ #include <openssl/engine.h>
+
+- DH * DH_new(void);
+- void DH_free(DH *dh);
++ DH * DH_new(void);
++ void DH_free(DH *dh);
+
+- DH * DH_generate_parameters(int prime_len, int generator,
+- void (*callback)(int, int, void *), void *cb_arg);
+- int DH_check(const DH *dh, int *codes);
++ DH * DH_generate_parameters(int prime_len, int generator,
++ void (*callback)(int, int, void *), void *cb_arg);
++ int DH_check(const DH *dh, int *codes);
+
+- int DH_generate_key(DH *dh);
+- int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
++ int DH_generate_key(DH *dh);
++ int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
+
+ void DH_set_default_method(const DH_METHOD *meth);
+ const DH_METHOD *DH_get_default_method(void);
+@@ -25,11 +25,11 @@ dh - Diffie-Hellman key agreement
+ DH *DH_new_method(ENGINE *engine);
+ const DH_METHOD *DH_OpenSSL(void);
+
+- DH * d2i_DHparams(DH **a, unsigned char **pp, long length);
+- int i2d_DHparams(const DH *a, unsigned char **pp);
++ DH * d2i_DHparams(DH **a, unsigned char **pp, long length);
++ int i2d_DHparams(const DH *a, unsigned char **pp);
+
+- int DHparams_print_fp(FILE *fp, const DH *x);
+- int DHparams_print(BIO *bp, const DH *x);
++ int DHparams_print_fp(FILE *fp, const DH *x);
++ int DHparams_print(BIO *bp, const DH *x);
+
+ =head1 DESCRIPTION
+
+@@ -56,6 +56,15 @@ L<DH_set_method(3)>, L<DH_new(3)>,
+ L<DH_get_ex_new_index(3)>,
+ L<DH_generate_parameters(3)>,
+ L<DH_compute_key(3)>, L<DH_get0_pqg(3)>, L<DH_meth_new(3)>, L<d2i_DHparams(3)>,
+-L<RSA_print(3)>
++L<RSA_print(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/dsa.pod b/doc/crypto/dsa.pod
+index 9cf1c49..2850c1d 100644
+--- a/doc/crypto/dsa.pod
++++ b/doc/crypto/dsa.pod
+@@ -9,25 +9,25 @@ dsa - Digital Signature Algorithm
+ #include <openssl/dsa.h>
+ #include <openssl/engine.h>
+
+- DSA * DSA_new(void);
+- void DSA_free(DSA *dsa);
++ DSA * DSA_new(void);
++ void DSA_free(DSA *dsa);
+
+- int DSA_size(const DSA *dsa);
++ int DSA_size(const DSA *dsa);
+
+- DSA * DSA_generate_parameters(int bits, unsigned char *seed,
++ DSA * DSA_generate_parameters(int bits, unsigned char *seed,
+ int seed_len, int *counter_ret, unsigned long *h_ret,
+- void (*callback)(int, int, void *), void *cb_arg);
++ void (*callback)(int, int, void *), void *cb_arg);
+
+- DH * DSA_dup_DH(const DSA *r);
++ DH * DSA_dup_DH(const DSA *r);
+
+- int DSA_generate_key(DSA *dsa);
++ int DSA_generate_key(DSA *dsa);
+
+- int DSA_sign(int dummy, const unsigned char *dgst, int len,
+- unsigned char *sigret, unsigned int *siglen, DSA *dsa);
+- int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
++ int DSA_sign(int dummy, const unsigned char *dgst, int len,
++ unsigned char *sigret, unsigned int *siglen, DSA *dsa);
++ int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
+ BIGNUM **rp);
+- int DSA_verify(int dummy, const unsigned char *dgst, int len,
+- const unsigned char *sigbuf, int siglen, DSA *dsa);
++ int DSA_verify(int dummy, const unsigned char *dgst, int len,
++ const unsigned char *sigbuf, int siglen, DSA *dsa);
+
+ void DSA_set_default_method(const DSA_METHOD *meth);
+ const DSA_METHOD *DSA_get_default_method(void);
+@@ -36,25 +36,25 @@ dsa - Digital Signature Algorithm
+ const DSA_METHOD *DSA_OpenSSL(void);
+
+ DSA_SIG *DSA_SIG_new(void);
+- void DSA_SIG_free(DSA_SIG *a);
+- int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
++ void DSA_SIG_free(DSA_SIG *a);
++ int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
+ DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
+
+ DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+- int DSA_do_verify(const unsigned char *dgst, int dgst_len,
+- DSA_SIG *sig, DSA *dsa);
++ int DSA_do_verify(const unsigned char *dgst, int dgst_len,
++ DSA_SIG *sig, DSA *dsa);
+
+- DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
+- DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
+- DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
+- int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
+- int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
+- int i2d_DSAparams(const DSA *a,unsigned char **pp);
++ DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
++ DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
++ DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
++ int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
++ int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
++ int i2d_DSAparams(const DSA *a,unsigned char **pp);
+
+- int DSAparams_print(BIO *bp, const DSA *x);
+- int DSAparams_print_fp(FILE *fp, const DSA *x);
+- int DSA_print(BIO *bp, const DSA *x, int off);
+- int DSA_print_fp(FILE *bp, const DSA *x, int off);
++ int DSAparams_print(BIO *bp, const DSA *x);
++ int DSAparams_print_fp(FILE *fp, const DSA *x);
++ int DSA_print(BIO *bp, const DSA *x, int off);
++ int DSA_print_fp(FILE *bp, const DSA *x, int off);
+
+ =head1 DESCRIPTION
+
+@@ -69,11 +69,11 @@ The B<DSA> structure consists of several BIGNUM components.
+
+ struct
+ {
+- BIGNUM *p; // prime number (public)
+- BIGNUM *q; // 160-bit subprime, q | p-1 (public)
+- BIGNUM *g; // generator of subgroup (public)
+- BIGNUM *priv_key; // private key x
+- BIGNUM *pub_key; // public key y = g^x
++ BIGNUM *p; // prime number (public)
++ BIGNUM *q; // 160-bit subprime, q | p-1 (public)
++ BIGNUM *g; // generator of subgroup (public)
++ BIGNUM *priv_key; // private key x
++ BIGNUM *pub_key; // public key y = g^x
+ // ...
+ }
+ DSA;
+@@ -106,4 +106,13 @@ L<DSA_sign(3)>, L<DSA_set_method(3)>,
+ L<DSA_get_ex_new_index(3)>,
+ L<RSA_print(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ec.pod b/doc/crypto/ec.pod
+index d6f1381..5e20b4e 100644
+--- a/doc/crypto/ec.pod
++++ b/doc/crypto/ec.pod
+@@ -60,34 +60,34 @@ ec - Elliptic Curve functions
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
++ const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
++ const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
++ const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
++ const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+- const BIGNUM *x, int y_bit, BN_CTX *ctx);
++ const BIGNUM *x, int y_bit, BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
++ const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
++ const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+- const BIGNUM *x, int y_bit, BN_CTX *ctx);
++ const BIGNUM *x, int y_bit, BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+- point_conversion_form_t form,
++ point_conversion_form_t form,
+ unsigned char *buf, size_t len, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+ const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
+- point_conversion_form_t form, BIGNUM *, BN_CTX *);
++ point_conversion_form_t form, BIGNUM *, BN_CTX *);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
+- EC_POINT *, BN_CTX *);
++ EC_POINT *, BN_CTX *);
+ char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
+- point_conversion_form_t form, BN_CTX *);
++ point_conversion_form_t form, BN_CTX *);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
+- EC_POINT *, BN_CTX *);
++ EC_POINT *, BN_CTX *);
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+@@ -104,8 +104,8 @@ ec - Elliptic Curve functions
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+- int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+- unsigned int *k2, unsigned int *k3);
++ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
++ unsigned int *k2, unsigned int *k3);
+ EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
+ int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
+ #define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
+@@ -113,7 +113,7 @@ ec - Elliptic Curve functions
+ #define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
+ (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
+ #define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
+- (unsigned char *)(x))
++ (unsigned char *)(x))
+ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
+ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
+
+@@ -150,14 +150,14 @@ ec - Elliptic Curve functions
+
+ EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
+ int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
+- int ECParameters_print(BIO *bp, const EC_KEY *key);
+- int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
+- int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
+- int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
++ int ECParameters_print(BIO *bp, const EC_KEY *key);
++ int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
++ int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
++ int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
+ #define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
+ #define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
+- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_PARAMGEN, \
+- EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
++ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_PARAMGEN, \
++ EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+@@ -195,4 +195,13 @@ L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+ L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>
+
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ecdsa.pod b/doc/crypto/ecdsa.pod
+index c2e786e..0967f08 100644
+--- a/doc/crypto/ecdsa.pod
++++ b/doc/crypto/ecdsa.pod
+@@ -186,4 +186,13 @@ L<rsa(3)>,
+ L<EVP_DigestSignInit(3)>,
+ L<EVP_DigestVerifyInit(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/engine.pod b/doc/crypto/engine.pod
+index 8d1b3df..df12d59 100644
+--- a/doc/crypto/engine.pod
++++ b/doc/crypto/engine.pod
+@@ -444,7 +444,7 @@ boolean success or failure.
+ ENGINE_free(e);
+ return 0;
+ }
+- pre_cmds += 2;
++ pre_cmds += 2;
+ }
+ if(!ENGINE_init(e)) {
+ fprintf(stderr, "Failed initialisation\n");
+@@ -461,7 +461,7 @@ boolean success or failure.
+ ENGINE_finish(e);
+ return 0;
+ }
+- post_cmds += 2;
++ post_cmds += 2;
+ }
+ ENGINE_set_default(e, ENGINE_METHOD_ALL & ~ENGINE_METHOD_RAND);
+ /* Success */
+@@ -491,15 +491,15 @@ OpenSSL core routines.
+ It is using these "core" control commands that one can discover the control
+ commands implemented by a given ENGINE, specifically the commands;
+
+- #define ENGINE_HAS_CTRL_FUNCTION 10
+- #define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
+- #define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
+- #define ENGINE_CTRL_GET_CMD_FROM_NAME 13
+- #define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
+- #define ENGINE_CTRL_GET_NAME_FROM_CMD 15
+- #define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
+- #define ENGINE_CTRL_GET_DESC_FROM_CMD 17
+- #define ENGINE_CTRL_GET_CMD_FLAGS 18
++ #define ENGINE_HAS_CTRL_FUNCTION 10
++ #define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
++ #define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
++ #define ENGINE_CTRL_GET_CMD_FROM_NAME 13
++ #define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
++ #define ENGINE_CTRL_GET_NAME_FROM_CMD 15
++ #define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
++ #define ENGINE_CTRL_GET_DESC_FROM_CMD 17
++ #define ENGINE_CTRL_GET_CMD_FLAGS 18
+
+ Whilst these commands are automatically processed by the OpenSSL framework code,
+ they use various properties exposed by each ENGINE to process these
+@@ -535,10 +535,10 @@ or populate a supplied character buffer with a copy of the command name or
+ description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR'd mask of the following
+ possible values;
+
+- #define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
+- #define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
+- #define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
+- #define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
++ #define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
++ #define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
++ #define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
++ #define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
+
+ If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely
+ informational to the caller - this flag will prevent the command being usable
+@@ -563,4 +563,13 @@ ENGINE_cleanup(), ENGINE_load_openssl(), ENGINE_load_dynamic(), and
+ ENGINE_load_cryptodev() were deprecated in OpenSSL 1.1.0 by
+ OPENSSL_init_crypto().
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/err.pod b/doc/crypto/err.pod
+index 33cb19d..b57798e 100644
+--- a/doc/crypto/err.pod
++++ b/doc/crypto/err.pod
+@@ -22,7 +22,6 @@ err - error codes
+ int ERR_GET_REASON(unsigned long e);
+
+ void ERR_clear_error(void);
+- void ERR_remove_thread_state(void);
+
+ char *ERR_error_string(unsigned long e, char *buf);
+ const char *ERR_lib_error_string(unsigned long e);
+@@ -49,6 +48,10 @@ Deprecated:
+ #endif
+
+ #if OPENSSL_API_COMPAT < 0x10100000L
++ void ERR_remove_thread_state(void *);
++ #endif
++
++ #if OPENSSL_API_COMPAT < 0x10100000L
+ void ERR_free_strings(void)
+ #endif
+
+@@ -71,9 +74,6 @@ messages is described in L<ERR_error_string(3)>.
+ L<ERR_clear_error(3)> can be used to clear the
+ error queue.
+
+-Note that L<ERR_remove_thread_state(3)> should be used to
+-avoid memory leaks when threads are terminated.
+-
+ =head1 ADDING NEW ERROR CODES TO OPENSSL
+
+ See L<ERR_put_error(3)> if you want to record error codes in the
+@@ -119,7 +119,7 @@ name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
+ C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
+ (in B<crypto/err/err_all.c>). Finally, add an entry
+
+- L XXX xxx.h xxx_err.c
++ L XXX xxx.h xxx_err.c
+
+ to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
+ Running B<make errors> will then generate a file B<xxx_err.c>, and
+@@ -164,8 +164,6 @@ the header file and generate the C error code file. This will normally
+ be done if the external library needs to generate new ASN1 structures
+ but it can also be used to add more general purpose error code handling.
+
+-TBA more details
+-
+ =head1 INTERNALS
+
+ The error queues are stored in a thread-local storage with one B<ERR_STATE>
+@@ -186,7 +184,6 @@ L<ERR_clear_error(3)>,
+ L<ERR_error_string(3)>,
+ L<ERR_print_errors(3)>,
+ L<ERR_load_crypto_strings(3)>,
+-L<ERR_remove_thread_state(3)>,
+ L<ERR_put_error(3)>,
+ L<ERR_load_strings(3)>,
+ L<SSL_get_error(3)>
+@@ -196,4 +193,13 @@ L<SSL_get_error(3)>
+ The ERR_load_crypto_strings() function was deprecated in OpenSSL 1.1.0 by
+ OPENSSL_init_crypto().
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/evp.pod b/doc/crypto/evp.pod
+index 09870b4..c930e7d 100644
+--- a/doc/crypto/evp.pod
++++ b/doc/crypto/evp.pod
+@@ -61,6 +61,10 @@ based encryption. Careful selection of the parameters will provide a PKCS#5 PBKD
+ implementation. However, new applications should not typically use this (preferring, for example,
+ PBKDF2 from PCKS#5).
+
++The L<B<EVP_Encode>I<...>|EVP_EncodeInit(3)> and
++L<B<EVP_Decode>I<...>|EVP_EncodeInit(3)> functions implement base 64 encoding
++and decoding.
++
+ All the symmetric algorithms (ciphers), digests and asymmetric algorithms
+ (public key algorithms) can be replaced by L<engine(3)> modules providing alternative
+ implementations. If ENGINE implementations of ciphers or digests are registered
+@@ -71,7 +75,7 @@ implementations. For more information, consult the engine(3) man page.
+ Although low level algorithm specific functions exist for many algorithms
+ their use is discouraged. They cannot be used with an ENGINE and ENGINE
+ versions of new algorithms cannot be accessed using the low level functions.
+-Also makes code harder to adapt to new algorithms and some options are not
++Also makes code harder to adapt to new algorithms and some options are not
+ cleanly supported at the low level and some operations are more efficient
+ using the high level interface.
+
+@@ -84,6 +88,7 @@ L<EVP_SealInit(3)>,
+ L<EVP_DigestSignInit(3)>,
+ L<EVP_SignInit(3)>,
+ L<EVP_VerifyInit(3)>,
++L<EVP_EncodeInit(3)>,
+ L<EVP_PKEY_new(3)>,
+ L<EVP_PKEY_set1_RSA(3)>,
+ L<EVP_PKEY_keygen(3)>,
+@@ -97,4 +102,13 @@ L<EVP_PKEY_derive(3)>,
+ L<EVP_BytesToKey(3)>,
+ L<engine(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/hmac.pod b/doc/crypto/hmac.pod
+index 57c274c..cabb493 100644
+--- a/doc/crypto/hmac.pod
++++ b/doc/crypto/hmac.pod
+@@ -16,7 +16,7 @@ HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+- const EVP_MD *md, ENGINE *impl);
++ const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+@@ -110,4 +110,13 @@ HMAC_CTX_new() and HMAC_CTX_free() are new in OpenSSL version 1.1.
+ HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in
+ versions of OpenSSL before 1.0.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/i2d_CMS_bio_stream.pod b/doc/crypto/i2d_CMS_bio_stream.pod
+index 42b06c2..fd566bb 100644
+--- a/doc/crypto/i2d_CMS_bio_stream.pod
++++ b/doc/crypto/i2d_CMS_bio_stream.pod
+@@ -2,7 +2,7 @@
+
+ =head1 NAME
+
+- i2d_CMS_bio_stream - output CMS_ContentInfo structure in BER format.
++i2d_CMS_bio_stream - output CMS_ContentInfo structure in BER format.
+
+ =head1 SYNOPSIS
+
+@@ -41,4 +41,13 @@ L<PEM_write_bio_CMS_stream(3)>
+
+ i2d_CMS_bio_stream() was added to OpenSSL 1.0.0
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/i2d_PKCS7_bio_stream.pod b/doc/crypto/i2d_PKCS7_bio_stream.pod
+index 7a96cf9..f22e0e1 100644
+--- a/doc/crypto/i2d_PKCS7_bio_stream.pod
++++ b/doc/crypto/i2d_PKCS7_bio_stream.pod
+@@ -41,4 +41,13 @@ L<PEM_write_bio_PKCS7_stream(3)>
+
+ i2d_PKCS7_bio_stream() was added to OpenSSL 1.0.0
+
++=head1 COPYRIGHT
++
++Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/lh_stats.pod b/doc/crypto/lh_stats.pod
+index fa7bd9d..c454a47 100644
+--- a/doc/crypto/lh_stats.pod
++++ b/doc/crypto/lh_stats.pod
+@@ -2,20 +2,21 @@
+
+ =head1 NAME
+
+-lh_stats, lh_node_stats, lh_node_usage_stats, lh_stats_bio,
+-lh_node_stats_bio, lh_node_usage_stats_bio - LHASH statistics
++OPENSSL_LH_stats, OPENSSL_LH_node_stats, OPENSSL_LH_node_usage_stats,
++OPENSSL_LH_stats_bio,
++OPENSSL_LH_node_stats_bio, OPENSSL_LH_node_usage_stats_bio - LHASH statistics
+
+ =head1 SYNOPSIS
+
+ #include <openssl/lhash.h>
+
+- void lh_stats(LHASH *table, FILE *out);
+- void lh_node_stats(LHASH *table, FILE *out);
+- void lh_node_usage_stats(LHASH *table, FILE *out);
++ void OPENSSL_LH_stats(LHASH *table, FILE *out);
++ void OPENSSL_LH_node_stats(LHASH *table, FILE *out);
++ void OPENSSL_LH_node_usage_stats(LHASH *table, FILE *out);
+
+- void lh_stats_bio(LHASH *table, BIO *out);
+- void lh_node_stats_bio(LHASH *table, BIO *out);
+- void lh_node_usage_stats_bio(LHASH *table, BIO *out);
++ void OPENSSL_LH_stats_bio(LHASH *table, BIO *out);
++ void OPENSSL_LH_node_stats_bio(LHASH *table, BIO *out);
++ void OPENSSL_LH_node_usage_stats_bio(LHASH *table, BIO *out);
+
+ =head1 DESCRIPTION
+
+@@ -24,14 +25,14 @@ accessing the hash table. This is mostly a legacy of Eric Young
+ writing this library for the reasons of implementing what looked like
+ a nice algorithm rather than for a particular software product.
+
+-lh_stats() prints out statistics on the size of the hash table, how
++OPENSSL_LH_stats() prints out statistics on the size of the hash table, how
+ many entries are in it, and the number and result of calls to the
+ routines in this library.
+
+-lh_node_stats() prints the number of entries for each 'bucket' in the
++OPENSSL_LH_node_stats() prints the number of entries for each 'bucket' in the
+ hash table.
+
+-lh_node_usage_stats() prints out a short summary of the state of the
++OPENSSL_LH_node_usage_stats() prints out a short summary of the state of the
+ hash table. It prints the 'load' and the 'actual load'. The load is
+ the average number of data items per 'bucket' in the hash table. The
+ 'actual load' is the average number of items per 'bucket', but only
+@@ -40,7 +41,7 @@ average number of searches that will need to find an item in the hash
+ table, while the 'load' is the average number that will be done to
+ record a miss.
+
+-lh_stats_bio(), lh_node_stats_bio() and lh_node_usage_stats_bio()
++OPENSSL_LH_stats_bio(), OPENSSL_LH_node_stats_bio() and OPENSSL_LH_node_usage_stats_bio()
+ are the same as the above, except that the output goes to a B<BIO>.
+
+ =head1 RETURN VALUES
+@@ -51,4 +52,13 @@ These functions do not return values.
+
+ L<bio(3)>, L<lhash(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/lhash.pod b/doc/crypto/lhash.pod
+index 7d39a67..959e2d6 100644
+--- a/doc/crypto/lhash.pod
++++ b/doc/crypto/lhash.pod
+@@ -2,39 +2,45 @@
+
+ =head1 NAME
+
+-lh_new, lh_free, lh_insert, lh_delete, lh_retrieve, lh_doall, lh_doall_arg, lh_error - dynamic hash table
++DECLARE_LHASH_OF,
++OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC,
++LHASH_DOALL_ARG_FN_TYPE,
++lh_TYPE_new, lh_TYPE_free,
++lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve,
++lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table
+
+ =head1 SYNOPSIS
+
+ #include <openssl/lhash.h>
+
+- DECLARE_LHASH_OF(<type>);
++ DECLARE_LHASH_OF(TYPE);
+
+- LHASH *lh_<type>_new();
+- void lh_<type>_free(LHASH_OF(<type> *table);
++ LHASH *lh_TYPE_new();
++ void lh_TYPE_free(LHASH_OF(TYPE *table);
+
+- <type> *lh_<type>_insert(LHASH_OF(<type> *table, <type> *data);
+- <type> *lh_<type>_delete(LHASH_OF(<type> *table, <type> *data);
+- <type> *lh_retrieve(LHASH_OF<type> *table, <type> *data);
++ TYPE *lh_TYPE_insert(LHASH_OF(TYPE *table, TYPE *data);
++ TYPE *lh_TYPE_delete(LHASH_OF(TYPE *table, TYPE *data);
++ TYPE *lh_retrieve(LHASH_OFTYPE *table, TYPE *data);
+
+- void lh_<type>_doall(LHASH_OF(<type> *table, LHASH_DOALL_FN_TYPE func);
+- void lh_<type>_doall_arg(LHASH_OF(<type> *table, LHASH_DOALL_ARG_FN_TYPE func,
+- <type2>, <type2> *arg);
++ void lh_TYPE_doall(LHASH_OF(TYPE *table, OPENSSL_LH_DOALL_FUNC func);
++ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
++ TYPE, TYPE *arg);
+
+- int lh_<type>_error(LHASH_OF(<type> *table);
++ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+- typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *);
+- typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *);
+- typedef void (*LHASH_DOALL_FN_TYPE)(const void *);
++ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
++ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
++ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);
+
+ =head1 DESCRIPTION
+
+ This library implements type-checked dynamic hash tables. The hash
+ table entries can be arbitrary structures. Usually they consist of key
+-and value fields.
++and value fields. In the description here, I<TYPE> is used a placeholder
++for any of the OpenSSL datatypes, such as I<SSL_SESSION>.
+
+-lh_<type>_new() creates a new B<LHASH_OF(<type>> structure to store
++lh_TYPE_new() creates a new B<LHASH_OF(TYPE)> structure to store
+ arbitrary data entries, and provides the 'hash' and 'compare'
+ callbacks to be used in organising the table's entries. The B<hash>
+ callback takes a pointer to a table entry as its argument and returns
+@@ -47,43 +53,43 @@ will contain items of some particular type and the B<hash> and
+ B<compare> callbacks hash/compare these types, then the
+ B<DECLARE_LHASH_HASH_FN> and B<IMPLEMENT_LHASH_COMP_FN> macros can be
+ used to create callback wrappers of the prototypes required by
+-lh_<type>_new(). These provide per-variable casts before calling the
++lh_TYPE_new(). These provide per-variable casts before calling the
+ type-specific callbacks written by the application author. These
+ macros, as well as those used for the "doall" callbacks, are defined
+ as;
+
+ #define DECLARE_LHASH_HASH_FN(name, o_type) \
+- unsigned long name##_LHASH_HASH(const void *);
++ unsigned long name##_LHASH_HASH(const void *);
+ #define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
+- unsigned long name##_LHASH_HASH(const void *arg) { \
+- const o_type *a = arg; \
+- return name##_hash(a); }
++ unsigned long name##_LHASH_HASH(const void *arg) { \
++ const o_type *a = arg; \
++ return name##_hash(a); }
+ #define LHASH_HASH_FN(name) name##_LHASH_HASH
+
+ #define DECLARE_LHASH_COMP_FN(name, o_type) \
+- int name##_LHASH_COMP(const void *, const void *);
++ int name##_LHASH_COMP(const void *, const void *);
+ #define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
+- int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
+- const o_type *a = arg1; \
+- const o_type *b = arg2; \
+- return name##_cmp(a,b); }
++ int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
++ const o_type *a = arg1; \
++ const o_type *b = arg2; \
++ return name##_cmp(a,b); }
+ #define LHASH_COMP_FN(name) name##_LHASH_COMP
+
+ #define DECLARE_LHASH_DOALL_FN(name, o_type) \
+- void name##_LHASH_DOALL(void *);
++ void name##_LHASH_DOALL(void *);
+ #define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
+- void name##_LHASH_DOALL(void *arg) { \
+- o_type *a = arg; \
+- name##_doall(a); }
++ void name##_LHASH_DOALL(void *arg) { \
++ o_type *a = arg; \
++ name##_doall(a); }
+ #define LHASH_DOALL_FN(name) name##_LHASH_DOALL
+
+ #define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+- void name##_LHASH_DOALL_ARG(void *, void *);
++ void name##_LHASH_DOALL_ARG(void *, void *);
+ #define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+- void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
+- o_type *a = arg1; \
+- a_type *b = arg2; \
+- name##_doall_arg(a, b); }
++ void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
++ o_type *a = arg1; \
++ a_type *b = arg2; \
++ name##_doall_arg(a, b); }
+ #define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
+
+ An example of a hash table storing (pointers to) structures of type 'STUFF'
+@@ -101,28 +107,28 @@ as;
+ /* Create the new hash table using the hash/compare wrappers */
+ LHASH_OF(STUFF) *hashtable = lh_STUFF_new(LHASH_HASH_FN(STUFF_hash),
+ LHASH_COMP_FN(STUFF_cmp));
+- /* ... */
++ /* ... */
+ }
+
+-lh_<type>_free() frees the B<LHASH_OF(<type>> structure
++lh_TYPE_free() frees the B<LHASH_OF(TYPE)> structure
+ B<table>. Allocated hash table entries will not be freed; consider
+-using lh_<type>_doall() to deallocate any remaining entries in the
++using lh_TYPE_doall() to deallocate any remaining entries in the
+ hash table (see below).
+
+-lh_<type>_insert() inserts the structure pointed to by B<data> into
++lh_TYPE_insert() inserts the structure pointed to by B<data> into
+ B<table>. If there already is an entry with the same key, the old
+-value is replaced. Note that lh_<type>_insert() stores pointers, the
++value is replaced. Note that lh_TYPE_insert() stores pointers, the
+ data are not copied.
+
+-lh_<type>_delete() deletes an entry from B<table>.
++lh_TYPE_delete() deletes an entry from B<table>.
+
+-lh_<type>_retrieve() looks up an entry in B<table>. Normally, B<data>
++lh_TYPE_retrieve() looks up an entry in B<table>. Normally, B<data>
+ is a structure with the key field(s) set; the function will return a
+ pointer to a fully populated structure.
+
+-lh_<type>_doall() will, for every entry in the hash table, call
+-B<func> with the data item as its parameter. For lh_<type>_doall()
+-and lh_<type>_doall_arg(), function pointer casting should be avoided
++lh_TYPE_doall() will, for every entry in the hash table, call
++B<func> with the data item as its parameter. For lh_TYPE_doall()
++and lh_TYPE_doall_arg(), function pointer casting should be avoided
+ in the callbacks (see B<NOTE>) - instead use the declare/implement
+ macros to create type-checked wrappers that cast variables prior to
+ calling your type-specific callbacks. An example of this is
+@@ -149,7 +155,7 @@ you start (which will stop the hash table ever decreasing in size).
+ The best solution is probably to avoid deleting items from the hash
+ table inside a "doall" callback!
+
+-lh_<type>_doall_arg() is the same as lh_<type>_doall() except that
++lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that
+ B<func> will be called with B<arg> as the second argument and B<func>
+ should be of type B<LHASH_DOALL_ARG_FN_TYPE> (a callback prototype
+ that is passed both the table entry and an extra argument). As with
+@@ -168,28 +174,29 @@ that is provided by the caller):
+ /* Print out the entire hashtable to a particular BIO */
+ lh_STUFF_doall_arg(hashtable, LHASH_DOALL_ARG_FN(STUFF_print), BIO,
+ logging_bio);
+-
+-lh_<type>_error() can be used to determine if an error occurred in the last
+-operation. lh_<type>_error() is a macro.
++
++
++lh_TYPE_error() can be used to determine if an error occurred in the last
++operation.
+
+ =head1 RETURN VALUES
+
+-lh_<type>_new() returns B<NULL> on error, otherwise a pointer to the new
++lh_TYPE_new() returns B<NULL> on error, otherwise a pointer to the new
+ B<LHASH> structure.
+
+-When a hash table entry is replaced, lh_<type>_insert() returns the value
++When a hash table entry is replaced, lh_TYPE_insert() returns the value
+ being replaced. B<NULL> is returned on normal operation and on error.
+
+-lh_<type>_delete() returns the entry being deleted. B<NULL> is returned if
++lh_TYPE_delete() returns the entry being deleted. B<NULL> is returned if
+ there is no such value in the hash table.
+
+-lh_<type>_retrieve() returns the hash table entry if it has been found,
++lh_TYPE_retrieve() returns the hash table entry if it has been found,
+ B<NULL> otherwise.
+
+-lh_<type>_error() returns 1 if an error occurred in the last operation, 0
++lh_TYPE_error() returns 1 if an error occurred in the last operation, 0
+ otherwise.
+
+-lh_<type>_free(), lh_<type>_doall() and lh_<type>_doall_arg() return no values.
++lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.
+
+ =head1 NOTE
+
+@@ -232,7 +239,7 @@ without any "const" qualifiers.
+
+ =head1 BUGS
+
+-lh_<type>_insert() returns B<NULL> both for success and error.
++lh_TYPE_insert() returns B<NULL> both for success and error.
+
+ =head1 SEE ALSO
+
+@@ -243,4 +250,13 @@ L<lh_stats(3)>
+ In OpenSSL 1.0.0, the lhash interface was revamped for better
+ type checking.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/md5.pod b/doc/crypto/md5.pod
+index a8c0718..78da750 100644
+--- a/doc/crypto/md5.pod
++++ b/doc/crypto/md5.pod
+@@ -75,7 +75,7 @@ preferred.
+
+ =head1 RETURN VALUES
+
+-MD2(), MD4(), and MD5() return pointers to the hash value.
++MD2(), MD4(), and MD5() return pointers to the hash value.
+
+ MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(),
+ MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for
+@@ -89,4 +89,13 @@ RFC 1319, RFC 1320, RFC 1321
+
+ L<EVP_DigestInit(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/mdc2.pod b/doc/crypto/mdc2.pod
+index f7cc425..f7db71b 100644
+--- a/doc/crypto/mdc2.pod
++++ b/doc/crypto/mdc2.pod
+@@ -44,7 +44,7 @@ hash functions directly.
+
+ =head1 RETURN VALUES
+
+-MDC2() returns a pointer to the hash value.
++MDC2() returns a pointer to the hash value.
+
+ MDC2_Init(), MDC2_Update() and MDC2_Final() return 1 for success, 0 otherwise.
+
+@@ -56,4 +56,13 @@ ISO/IEC 10118-2, with DES
+
+ L<EVP_DigestInit(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/pem.pod b/doc/crypto/pem.pod
+index 5687375..f355196 100644
+--- a/doc/crypto/pem.pod
++++ b/doc/crypto/pem.pod
+@@ -3,7 +3,8 @@
+ =head1 NAME
+
+ PEM, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey,
+-PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey,
++PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey,
++PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey,
+ PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid,
+ PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY,
+ PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey,
+@@ -35,6 +36,10 @@ PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u);
++ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
++ const EVP_CIPHER *enc,
++ unsigned char *kstr, int klen,
++ pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+@@ -157,19 +162,21 @@ clarity the term "B<foobar> functions" will be used to collectively
+ refer to the PEM_read_bio_foobar(), PEM_read_foobar(),
+ PEM_write_bio_foobar() and PEM_write_foobar() functions.
+
+-The B<PrivateKey> functions read or write a private key in
+-PEM format using an EVP_PKEY structure. The write routines use
+-"traditional" private key format and can handle both RSA and DSA
+-private keys. The read functions can additionally transparently
+-handle PKCS#8 format encrypted and unencrypted keys too.
++The B<PrivateKey> functions read or write a private key in PEM format using an
++EVP_PKEY structure. The write routines use PKCS#8 private key format and are
++equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently
++handle traditional and PKCS#8 format encrypted and unencrypted keys.
+
+-PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey()
+-write a private key in an EVP_PKEY structure in PKCS#8
+-EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption
+-algorithms. The B<cipher> argument specifies the encryption algorithm to
+-use: unlike all other PEM routines the encryption is applied at the
+-PKCS#8 level and not in the PEM headers. If B<cipher> is NULL then no
+-encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.
++PEM_write_bio_PrivateKey_traditional() writes out a private key in legacy
++"traditional" format.
++
++PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private
++key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using
++PKCS#5 v2.0 password based encryption algorithms. The B<cipher> argument
++specifies the encryption algorithm to use: unlike some other PEM routines the
++encryption is applied at the PKCS#8 level and not in the PEM headers. If
++B<cipher> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo
++structure is used instead.
+
+ PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid()
+ also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however
+@@ -182,7 +189,8 @@ structure. The public key is encoded as a SubjectPublicKeyInfo
+ structure.
+
+ The B<RSAPrivateKey> functions process an RSA private key using an
+-RSA structure. It handles the same formats as the B<PrivateKey>
++RSA structure. The write routines uses traditional format. The read
++routines handles the same formats as the B<PrivateKey>
+ functions but an error occurs if the private key is not RSA.
+
+ The B<RSAPublicKey> functions process an RSA public key using an
+@@ -195,7 +203,8 @@ SubjectPublicKeyInfo structure and an error occurs if the public
+ key is not RSA.
+
+ The B<DSAPrivateKey> functions process a DSA private key using a
+-DSA structure. It handles the same formats as the B<PrivateKey>
++DSA structure. The write routines uses traditional format. The read
++routines handles the same formats as the B<PrivateKey>
+ functions but an error occurs if the private key is not DSA.
+
+ The B<DSA_PUBKEY> functions process a DSA public key using
+@@ -216,7 +225,7 @@ structure. They will also process a trusted X509 certificate but
+ any trust settings are discarded.
+
+ The B<X509_AUX> functions process a trusted X509 certificate using
+-an X509 structure.
++an X509 structure.
+
+ The B<X509_REQ> and B<X509_REQ_NEW> functions process a PKCS#10
+ certificate request using an X509_REQ structure. The B<X509_REQ>
+@@ -340,7 +349,7 @@ Skeleton pass phrase callback:
+ char *tmp;
+
+ /* We'd probably do something else if 'rwflag' is 1 */
+- printf("Enter pass phrase for \"%s\"\n", (char *)u);
++ printf("Enter pass phrase for \"%s\"\n", (char *)u);
+
+ /* get pass phrase, length 'len' into 'tmp' */
+ tmp = "hello";
+@@ -379,7 +388,7 @@ which is an uninitialised pointer.
+
+ These old B<PrivateKey> routines use a non standard technique for encryption.
+
+-The private key (or other data) takes the following form:
++The private key (or other data) takes the following form:
+
+ -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+@@ -403,7 +412,7 @@ password is passed to EVP_BytesToKey() using the B<data> and B<datal>
+ parameters. Finally, the library uses an iteration count of 1 for
+ EVP_BytesToKey().
+
+-he B<key> derived by EVP_BytesToKey() along with the original initialization
++The B<key> derived by EVP_BytesToKey() along with the original initialization
+ vector is then used to decrypt the encrypted data. The B<iv> produced by
+ EVP_BytesToKey() is not utilized or needed, and NULL should be passed to
+ the function.
+@@ -433,7 +442,7 @@ an existing structure. Therefore the following:
+
+ PEM_read_bio_X509(bp, &x, 0, NULL);
+
+-where B<x> already contains a valid certificate, may not work, whereas:
++where B<x> already contains a valid certificate, may not work, whereas:
+
+ X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+@@ -456,3 +465,14 @@ as they will be formally deprecated in a future releases.
+ =head1 SEE ALSO
+
+ L<EVP_EncryptInit(3)>, L<EVP_BytesToKey(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/pem_read.pod b/doc/crypto/pem_read.pod
+new file mode 100644
+index 0000000..7123dd8
+--- /dev/null
++++ b/doc/crypto/pem_read.pod
+@@ -0,0 +1,101 @@
++=pod
++
++=head1 NAME
++
++PEM_read, PEM_read_bio, PEM_do_header - low-level PEM routines
++
++=head1 SYNOPSIS
++
++ #include <openssl/pem.h>
++
++ int PEM_read(FILE *fp, char **name, char **header,
++ unsigned char **data, long *len);
++ int PEM_read_bio(BIO *bp, char **name, char **header,
++ unsigned char **data, long *len);
++ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cinfo);
++ int PEM_do_header(EVP_CIPHER_INFO *cinfo, unsigned char *data, long *len,
++ pem_password_cb *cb, void *u);
++
++=head1 DESCRIPTION
++
++These functions read and decode PEM-encoded objects, returning the
++PEM type B<name>, any encapsulation B<header> and the decoded
++B<data> of length B<len>.
++
++PEM_read() reads from the stdio file handle B<fp>, while PEM_read_bio() reads
++from the BIO B<bio>.
++Both skip any non-PEM data that precedes the start of the next PEM object.
++When an object is successfuly retrieved, the type name from the "----BEGIN
++<type>-----" is returned via the B<name> argument, any encapsulation headers
++are returned in B<header> and the base64-decoded content and its length are
++returned via B<data> and B<len> respectively.
++The B<name>, B<header> and B<data> pointers are allocated via OPENSSL_malloc()
++and should be freed by the caller via OPENSSL_free() when no longer needed.
++
++PEM_get_EVP_CIPHER_INFO() can be used to determine the B<data> returned by
++PEM_read() or PEM_read_bio() is encrypted and to retrieve the associated cipher
++and IV.
++The caller passes a pointer to structure of type B<EVP_CIPHER_INFO> via the
++B<cinfo> argument and the B<header> returned via PEM_read() or PEM_read_bio().
++If the call is succesful 1 is retured and the cipher and IV are stored at the
++address pointed to by B<cinfo>.
++When the header is malformed, or not supported or when the cipher is unknown
++or some internal error happens 0 is returned.
++This function is deprecated, see B<NOTES> below.
++
++PEM_do_header() can then be used to decrypt the data if the header
++indicates encryption.
++The B<cinfo> argument is a pointer to the structure initialized by the previous
++call to PEM_get_EVP_CIPHER_INFO().
++The B<data> and B<len> arguments are those returned by the previous call to
++PEM_read() or PEM_read_bio().
++The B<cb> and B<u> arguments make it possible to override the default password
++prompt function as described in L<pem(3)>.
++On successful completion the B<data> is decrypted in place, and B<len> is
++updated to indicate the plaintext length.
++This function is deprecated, see B<NOTES> below.
++
++If the data is a priori known to not be encrypted, then neither PEM_do_header()
++nor PEM_get_EVP_CIPHER_INFO() need be called.
++
++The final B<data> buffer is typically an ASN.1 object which can be decoded with
++the B<d2i> function appropriate to the type B<name>.
++
++=head1 RETURN VALUES
++
++PEM_read() and PEM_read_bio() return 1 on success and 0 on failure, the latter
++includes the case when no more PEM objects remain in the input file.
++To distinguish end of file from more serious errors the caller must peek at the
++error stack and check for B<PEM_R_NO_START_LINE>, which indicates that no more
++PEM objects were found. See L<ERR_peek_last_error(3)>, L<ERR_GET_REASON(3)>.
++
++PEM_get_EVP_CIPHER_INFO() and PEM_do_header() return 1 on success, and 0 on
++failure.
++The B<data> is likely meaningless if these functions fail.
++
++=head1 NOTES
++
++The PEM_get_EVP_CIPHER_INFO() and PEM_do_header() functions are deprecated.
++This is because the underlying PEM encryption format is obsolete, and should
++be avoided.
++It uses an encryption format with an OpenSSL-specific key-derivation function,
++which employs MD5 with an iteration count of 1!
++Instead, private keys should be stored in PKCS#8 form, with a strong PKCS#5
++v2.0 PBE.
++See L<pkcs8(1)> and L<pem(3)> and L<d2i_PKCS8PrivateKey_bio(3)>.
++
++=head1 SEE ALSO
++
++L<pem(3)>, L<ERR_peek_last_error(3)>, L<ERR_GET_LIB(3)>, L<pkcs8(1)>,
++L<d2i_PKCS8PrivateKey_bio(3)>.
++
++=head1 COPYRIGHT
++
++Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/rand.pod b/doc/crypto/rand.pod
+index 46de8f7..45a6d6b 100644
+--- a/doc/crypto/rand.pod
++++ b/doc/crypto/rand.pod
+@@ -64,7 +64,7 @@ described in L<RAND_add(3)>. Its state can be saved in a seed file
+ seeding process whenever the application is started.
+
+ L<RAND_bytes(3)> describes how to obtain random data from the
+-PRNG.
++PRNG.
+
+ =head1 SEE ALSO
+
+@@ -72,6 +72,15 @@ L<BN_rand(3)>, L<RAND_add(3)>,
+ L<RAND_load_file(3)>, L<RAND_egd(3)>,
+ L<RAND_bytes(3)>,
+ L<RAND_set_rand_method(3)>,
+-L<RAND_cleanup(3)>
++L<RAND_cleanup(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/rc4.pod b/doc/crypto/rc4.pod
+index af2a609..fe5d2d1 100644
+--- a/doc/crypto/rc4.pod
++++ b/doc/crypto/rc4.pod
+@@ -54,4 +54,13 @@ multiple encryptions using the same key stream.
+
+ L<EVP_EncryptInit(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ripemd.pod b/doc/crypto/ripemd.pod
+index c7a94cc..a372e32 100644
+--- a/doc/crypto/ripemd.pod
++++ b/doc/crypto/ripemd.pod
+@@ -41,7 +41,7 @@ the B<RIPEMD160_CTX>.
+
+ =head1 RETURN VALUES
+
+-RIPEMD160() returns a pointer to the hash value.
++RIPEMD160() returns a pointer to the hash value.
+
+ RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() return 1 for
+ success, 0 otherwise.
+@@ -60,4 +60,13 @@ ISO/IEC 10118-3 (draft) (??)
+
+ L<EVP_DigestInit(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/rsa.pod b/doc/crypto/rsa.pod
+index a1341b8..2a2a1e8 100644
+--- a/doc/crypto/rsa.pod
++++ b/doc/crypto/rsa.pod
+@@ -18,7 +18,7 @@ rsa - RSA public key cryptosystem
+ unsigned char *to, RSA *rsa, int padding);
+ int RSA_private_encrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+- int RSA_public_decrypt(int flen, unsigned char *from,
++ int RSA_public_decrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+
+ int RSA_sign(int type, unsigned char *m, unsigned int m_len,
+@@ -98,6 +98,15 @@ L<RSA_set_method(3)>, L<RSA_print(3)>,
+ L<RSA_get_ex_new_index(3)>,
+ L<RSA_private_encrypt(3)>,
+ L<RSA_sign_ASN1_OCTET_STRING(3)>,
+-L<RSA_padding_add_PKCS1_type_1(3)>
++L<RSA_padding_add_PKCS1_type_1(3)>
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/crypto/sha.pod b/doc/crypto/sha.pod
+index 26f1df3..f3565bb 100644
+--- a/doc/crypto/sha.pod
++++ b/doc/crypto/sha.pod
+@@ -81,7 +81,7 @@ used only when backward compatibility is required.
+ =head1 RETURN VALUES
+
+ SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash
+-value.
++value.
+
+ SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256,
+ SHA384 and SHA512 functions return 1 for success, 0 otherwise.
+@@ -96,4 +96,13 @@ ANSI X9.30
+
+ L<EVP_DigestInit(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/sk_X509_num.pod b/doc/crypto/sk_X509_num.pod
+deleted file mode 100644
+index eebdeb3..0000000
+--- a/doc/crypto/sk_X509_num.pod
++++ /dev/null
+@@ -1,200 +0,0 @@
+-=pod
+-
+-=head1 NAME
+-
+-sk_X509_num, sk_X509_value, sk_X509_new, sk_X509_new_null, sk_X509_free,
+-sk_X509_zero, sk_X509_delete, sk_X509_delete_ptr, sk_X509_push,
+-sk_X509_unshift, sk_X509_pop, sk_X509_shift, sk_X509_pop_free, sk_X509_insert,
+-sk_X509_set, sk_X509_find, sk_X509_find_ex, sk_X509_sort, sk_X509_is_sorted,
+-sk_X509_dup, sk_X509_deep_copy, sk_X509_set_cmp_func - X509 stack
+-
+-=head1 SYNOPSIS
+-
+- #include <openssl/x509.h>
+-
+- int sk_X509_num(const STACK_OF(X509) *sk);
+- X509 *sk_X509_value(const STACK_OF(X509) *sk, int idx);
+- STACK_OF(X509) *sk_X509_new(int (*cmpf)(const X509 * const *a,
+- const X509 * const *b));
+- STACK_OF(X509) *sk_X509_new_null(void);
+- int (*sk_X509_set_cmp_func (STACK_OF(X509) *sk,
+- int (*cmpf) (const X509 * const *a,
+- const X509 * const *b)))
+- (const X509 * const *, const X509 * const *);
+- void sk_X509_free(const STACK_OF(X509) *sk);
+- void sk_X509_zero(const STACK_OF(X509) *sk);
+- void sk_X509_pop_free(STACK_OF(X509) *sk, void (*func) (X509 *a));
+- X509 *sk_X509_delete(STACK_OF(X509) *sk, int i);
+- X509 *sk_X509_delete_ptr(STACK_OF(X509) *sk, X509 *ptr);
+- int sk_X509_insert(STACK_OF(X509) *sk, X509 *ptr, int idx);
+- int sk_X509_push(STACK_OF(X509) *sk, X509 *ptr);
+- int sk_X509_unshift(STACK_OF(X509) *sk, X509 *ptr);
+- X509 *sk_X509_pop(STACK_OF(X509) *sk);
+- X509 *sk_X509_shift(STACK_OF(X509) *sk);
+- X509 *sk_X509_set(STACK_OF(X509) *sk, int idx, X509 *ptr);
+- int sk_X509_find(STACK_OF(X509) *sk, X509 *ptr);
+- int sk_X509_find_ex(STACK_OF(X509) *sk, X509 *ptr);
+- void sk_X509_sort(const STACK_OF(X509) *sk);
+- int sk_X509_is_sorted(const STACK_OF(X509) *sk);
+- STACK_OF(X509) *sk_X509_dup(STACK_OF(X509) *sk);
+- STACK_OF(X509) *sk_X509_deep_copy(STACK_OF(X509) *sk,
+- X509 * (*copyfn) (const X509 *),
+- void (*freefn) (X509 *));
+-
+-=head1 DESCRIPTION
+-
+-sk_X509_num() returns the number of elements in B<sk> or -1 if B<sk> is
+-B<NULL>.
+-
+-sk_X509_value() returns element B<idx> in B<sk>. Where B<idx> runs from 0
+-to sk_X509_num(sk) - 1 inclusive. If B<idx> is out of range then B<NULL>
+-is returned.
+-
+-sk_X509_new() allocates a new empty stack using comparison function B<cmpf>.
+-If B<cmpf> is B<0> then no comparison function is used.
+-
+-sk_X509_new_null() allocates a new empty stack with no comparison function.
+-
+-sk_X509_set_cmp_func() sets the comparison function of B<sk> to B<cmpf>.
+-The previous comparison function is returned or B<0> if there was
+-no previous comparison function.
+-
+-sk_X509_free() frees up the B<sk> structure. It does B<not> free up any
+-elements of B<sk>. After this call B<sk> is no longer valid.
+-
+-sk_X509_zero() sets the number of elements in B<sk> to zero. It does not free
+-B<sk> so after this call B<sk> is still valid.
+-
+-sk_X509_pop_free() frees up all elements of B<sk> and B<sk> itself. The
+-free function func() is called on each element to free it.
+-
+-sk_X509_delete() deletes element B<i> from B<sk>. It returns the deleted
+-element or B<NULL> if B<i> is out of range.
+-
+-sk_X509_delete_ptr() deletes element matching B<ptr> from B<sk>. It returns
+-the deleted element or B<NULL> if no element matching B<ptr> was found.
+-
+-sk_X509_insert() inserts B<ptr> into B<sk> at position B<idx>. Any existing
+-elements at or after B<idx> are moved downwards. If B<idx> is out of range
+-the new element is appended to B<sk>. sk_X509_insert() either returns the
+-number of elements in B<sk> after the new element is inserted or zero if
+-an error occurred: which will happen if there is a memory allocation failure.
+-
+-sk_X509_push() appends B<ptr> to B<sk> it is equivalent to:
+-
+- sk_X509_insert(sk, ptr, -1);
+-
+-sk_X509_unshift() inserts B<ptr> at the start of B<sk> it is equivalent to:
+-
+- sk_X509_insert(sk, ptr, 0);
+-
+-sk_X509_pop() returns and removes the last element from B<sk>.
+-
+-sk_X509_shift() returns and removes the first element from B<sk>.
+-
+-sk_X509_set() sets element B<idx> of B<sk> to B<ptr> replacing the current
+-element. The new element value is returned or B<NULL> if an error occurred:
+-this will only happen if B<sk> is B<NULL> or B<idx> is out of range.
+-
+-sk_X509_find() and int sk_X509_find_ex() search B<sk> using the supplied
+-comparison function for an element matching B<ptr>. sk_X509_find() returns
+-the index of the first matching element or B<-1> if there is no match.
+-sk_X509_find_ex() returns a matching element or the nearest element that
+-does not match B<ptr>. Note: if a comparison function is set then B<sk> is
+-sorted before the search which may change its order. If no comparison
+-function is set then a linear search is made for a pointer matching B<ptr>
+-and the stack is not reordered.
+-
+-sk_X509_sort() sorts B<sk> using the supplied comparison function.
+-
+-sk_X509_is_sorted() returns B<1> if B<sk> is sorted and B<0> otherwise.
+-
+-sk_X509_dup() returns a copy of B<sk>. Note the pointers in the copy
+-are identical to the original.
+-
+-sk_X509_deep_copy() returns a new stack where each element has been copied.
+-Copying is performed by the supplied copyfn() and freeing by freefn(). The
+-function freefn() is only called if an error occurs.
+-
+-=head1 NOTES
+-
+-This manual page documents the functions which operate on a stack of
+-B<X509> pointers. A stack can contain pointers to any structure with B<X509>
+-replaced by the appropriate structure name.
+-
+-Care should be taken when accessing stacks in multi-threaded environments.
+-Any operation which increases the size of a stack such as sk_X509_insert() or
+-sk_push() can "grow" the size of an internal array and cause race conditions
+-if the same stack is accessed in a different thread. Operations such as
+-sk_find() and sk_sort() can also reorder the stack.
+-
+-Any comparison function supplied should use a metric suitable
+-for use in a binary search operation. That is it should return zero, a
+-positive or negative value if B<a> is equal to, greater than
+-or less than B<b> respectively.
+-
+-Care should be taken when checking the return values of the functions
+-sk_X509_find() and sk_X509_find_ex(). They return an index to the
+-matching element. In particular B<0> indicates a matching first element.
+-A failed search is indicated by a B<-1> return value.
+-
+-=head1 APPLICATION DEFINED STACKS
+-
+-Applications can create and use their own stacks by placing any of the macros
+-described below in a header file.
+-
+-DEFINE_STACK_OF(NAME) creates set of functions for a stack of B<NAME>. This
+-will mean that type B<NAME> is stored in each stack, the type is referenced by
+-STACK_OF(NAME) and each function name begins with sk_NAME_. For example:
+-
+- NAME *sk_NAME_value(STACK_OF(NAME) *sk, int idx);
+-
+-DEFINE_STACK_OF_CONST(NAME) is identical to DEFINE_STACK_OF(NAME) except
+-each element is constant for example:
+-
+- const NAME *sk_name_value(STACK_OF(NAME) *sk, int idx);
+-
+-DEFINE_SPECIAL_STACK_OF(FNAME, STNAME) defines a stack of B<STNAME> but
+-each function uses B<FNAME>. For example:
+-
+- STNAME *sk_FNAME_value(STACK_OF(STNAME) *sk, int idx);
+-
+-=head1 RETURN VALUES
+-
+-sk_X509_num() returns the number of elements in the stack or B<-1> if the
+-passed stack is B<NULL>.
+-
+-sk_X509_value() returns a pointer to a stack element or B<NULL> if the
+-index is out of range.
+-
+-sk_X509_new() and sk_X509_new_null() return an empty stack or B<NULL> if
+-an error occurs.
+-
+-sk_X509_set_cmp_func() returns the old comparison function or B<NULL> if
+-there was no old comparison function.
+-
+-sk_X509_free(), sk_X509_zero(), sk_X509_pop_free() and sk_X509_sort() do
+-not return values.
+-
+-sk_X509_pop(), sk_X509_shift(), sk_X509_delete() and sk_X509_delete_ptr()
+-return a pointer to the deleted element or B<NULL> on error.
+-
+-sk_X509_insert(), sk_X509_push() and sk_X509_unshift() return the total
+-number of elements in the stack and 0 if an error occurred.
+-
+-sk_X509_set() returns a pointer to the replacement element or B<NULL> on
+-error.
+-
+-sk_X509_find() and sk_X509_find_ex() return an index to the found element
+-or B<-1> on error.
+-
+-sk_X509_is_sorted() returns B<1> if the stack is sorted and B<0> if it is
+-not.
+-
+-sk_X509_dup() and sk_X509_deep_copy() return a pointer to the copy of the
+-stack.
+-
+-=head1 HISTORY
+-
+-Use of inline functions and application defined stacks first appeared in
+-OpenSSL 1.1.0. Previous versions of OpenSSL implemented stacks as macros.
+diff --git a/doc/crypto/stack.pod b/doc/crypto/stack.pod
+new file mode 100644
+index 0000000..1defff0
+--- /dev/null
++++ b/doc/crypto/stack.pod
+@@ -0,0 +1,212 @@
++=pod
++
++=head1 NAME
++
++DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF,
++sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_free,
++sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push,
++sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free,
++sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort,
++sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func -
++stack container
++
++=head1 SYNOPSIS
++
++ #include <openssl/safestack.h>
++
++ #define STACK_OF(TYPE)
++ #define DEFINE_STACK_OF
++ #define DEFINE_STACK_OF_CONST
++ #define DEFINE_SPECIAL_STACK_OF
++
++ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
++ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
++ typedef void (*sk_TYPE_freefunc)(TYPE *a);
++
++ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
++ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
++ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
++ STACK_OF(TYPE) *sk_TYPE_new_null(void);
++ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
++ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
++ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
++ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
++ int sk_TYPE_push(STACK_OF(TYPE) *sk, TYPE *ptr);
++ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, TYPE *ptr);
++ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
++ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
++ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
++ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
++ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, TYPE *ptr);
++ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
++ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
++ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
++ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
++ STACK_OF(TYPE) *sk_TYPE_dup(STACK_OF(TYPE) *sk);
++ STACK_OF(TYPE) *sk_TYPE_deep_copy(STACK_OF(TYPE) *sk,
++ sk_TYPE_copyfunc copyfunc,
++ sk_TYPE_freefunc freefunc);
++ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk, sk_TYPE_compfunc compare);
++
++=head1 DESCRIPTION
++
++Applications can create and use their own stacks by placing any of the macros
++described below in a header file. In the description below, I<TYPE> is used
++as a placeholder for any of the OpenSSL datatypes, such as I<X509>.
++
++DEFINE_STACK_OF(TYPE) creates set of functions for a stack of B<TYPE>. This
++will mean that type B<TYPE> is stored in each stack, the type is referenced by
++STACK_OF(TYPE) and each function name begins with I<sk_TYPE_>. For example:
++
++ TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);
++
++DEFINE_STACK_OF_CONST(TYPE) is identical to DEFINE_STACK_OF(TYPE) except
++each element is constant. For example:
++
++ const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);
++
++DEFINE_SPECIAL_STACK_OF(FUNCNAME, TYPE) defines a stack of B<TYPE> but
++each function uses B<FUNCNAME> in the function name. For example:
++
++ TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);
++
++sk_TYPE_num() returns the number of elements in B<sk> or -1 if B<sk> is
++B<NULL>.
++
++sk_TYPE_value() returns element B<idx> in B<sk>, where B<idx> starts at
++zero. If B<idx> is out of range then B<NULL> is returned.
++
++sk_TYPE_new() allocates a new empty stack using comparison function B<compar>.
++If B<compar> is B<NULL> then no comparison function is used.
++
++sk_TYPE_new_null() allocates a new empty stack with no comparison function.
++
++sk_TYPE_set_cmp_func() sets the comparison function of B<sk> to B<compar>.
++The previous comparison function is returned or B<NULL> if there was
++no previous comparison function.
++
++sk_TYPE_free() frees up the B<sk> structure. It does B<not> free up any
++elements of B<sk>. After this call B<sk> is no longer valid.
++
++sk_TYPE_zero() sets the number of elements in B<sk> to zero. It does not free
++B<sk> so after this call B<sk> is still valid.
++
++sk_TYPE_pop_free() frees up all elements of B<sk> and B<sk> itself. The
++free function freefunc() is called on each element to free it.
++
++sk_TYPE_delete() deletes element B<i> from B<sk>. It returns the deleted
++element or B<NULL> if B<i> is out of range.
++
++sk_TYPE_delete_ptr() deletes element matching B<ptr> from B<sk>. It returns
++the deleted element or B<NULL> if no element matching B<ptr> was found.
++
++sk_TYPE_insert() inserts B<ptr> into B<sk> at position B<idx>. Any existing
++elements at or after B<idx> are moved downwards. If B<idx> is out of range
++the new element is appended to B<sk>. sk_TYPE_insert() either returns the
++number of elements in B<sk> after the new element is inserted or zero if
++an error (such as memory allocation failure) occurred.
++
++sk_TYPE_push() appends B<ptr> to B<sk> it is equivalent to:
++
++ sk_TYPE_insert(sk, ptr, -1);
++
++sk_TYPE_unshift() inserts B<ptr> at the start of B<sk> it is equivalent to:
++
++ sk_TYPE_insert(sk, ptr, 0);
++
++sk_TYPE_pop() returns and removes the last element from B<sk>.
++
++sk_TYPE_shift() returns and removes the first element from B<sk>.
++
++sk_TYPE_set() sets element B<idx> of B<sk> to B<ptr> replacing the current
++element. The new element value is returned or B<NULL> if an error occurred:
++this will only happen if B<sk> is B<NULL> or B<idx> is out of range.
++
++sk_TYPE_find() and sk_TYPE_find_ex() search B<sk> using the supplied
++comparison function for an element matching B<ptr>. sk_TYPE_find() returns
++the index of the first matching element or B<-1> if there is no match.
++sk_TYPE_find_ex() returns a matching element or the nearest element that
++does not match B<ptr>. Note: if a comparison function is set then B<sk> is
++sorted before the search which may change its order. If no comparison
++function is set then a linear search is made for a pointer matching B<ptr>
++and the stack is not reordered.
++
++sk_TYPE_sort() sorts B<sk> using the supplied comparison function.
++
++sk_TYPE_is_sorted() returns B<1> if B<sk> is sorted and B<0> otherwise.
++
++sk_TYPE_dup() returns a copy of B<sk>. Note the pointers in the copy
++are identical to the original.
++
++sk_TYPE_deep_copy() returns a new stack where each element has been copied.
++Copying is performed by the supplied copyfunc() and freeing by freefunc(). The
++function freefunc() is only called if an error occurs.
++
++=head1 NOTES
++
++Care should be taken when accessing stacks in multi-threaded environments.
++Any operation which increases the size of a stack such as sk_TYPE_insert() or
++sk_push() can "grow" the size of an internal array and cause race conditions
++if the same stack is accessed in a different thread. Operations such as
++sk_find() and sk_sort() can also reorder the stack.
++
++Any comparison function supplied should use a metric suitable
++for use in a binary search operation. That is it should return zero, a
++positive or negative value if B<a> is equal to, greater than
++or less than B<b> respectively.
++
++Care should be taken when checking the return values of the functions
++sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the
++matching element. In particular B<0> indicates a matching first element.
++A failed search is indicated by a B<-1> return value.
++
++=head1 RETURN VALUES
++
++sk_TYPE_num() returns the number of elements in the stack or B<-1> if the
++passed stack is B<NULL>.
++
++sk_TYPE_value() returns a pointer to a stack element or B<NULL> if the
++index is out of range.
++
++sk_TYPE_new() and sk_TYPE_new_null() return an empty stack or B<NULL> if
++an error occurs.
++
++sk_TYPE_set_cmp_func() returns the old comparison function or B<NULL> if
++there was no old comparison function.
++
++sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do
++not return values.
++
++sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr()
++return a pointer to the deleted element or B<NULL> on error.
++
++sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total
++number of elements in the stack and 0 if an error occurred.
++
++sk_TYPE_set() returns a pointer to the replacement element or B<NULL> on
++error.
++
++sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element
++or B<-1> on error.
++
++sk_TYPE_is_sorted() returns B<1> if the stack is sorted and B<0> if it is
++not.
++
++sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the
++stack.
++
++=head1 HISTORY
++
++Before OpenSSL 1.1.0, this was implemented via macros and not inline functions
++and was not a public API.
++
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/doc/crypto/threads.pod b/doc/crypto/threads.pod
+index 90c5709..37671b9 100644
+--- a/doc/crypto/threads.pod
++++ b/doc/crypto/threads.pod
+@@ -2,6 +2,7 @@
+
+ =head1 NAME
+
++CRYPTO_THREAD_run_once,
+ CRYPTO_THREAD_lock_new, CRYPTO_THREAD_read_lock, CRYPTO_THREAD_write_lock,
+ CRYPTO_THREAD_unlock, CRYPTO_THREAD_lock_free, CRYPTO_atomic_add - OpenSSL thread support
+
+@@ -9,6 +10,9 @@ CRYPTO_THREAD_unlock, CRYPTO_THREAD_lock_free, CRYPTO_atomic_add - OpenSSL threa
+
+ #include <openssl/crypto.h>
+
++ CRYPTO_ONCE CRYPTO_ONCE_STATIC_INIT;
++ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
++
+ CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
+ int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
+@@ -31,6 +35,16 @@ The following multi-threading function are provided:
+ =over 4
+
+ =item *
++CRYPTO_THREAD_run_once() can be used to perform one-time initialization.
++The B<once> argument must be a pointer to a static object of type
++B<CRYPTO_ONCE> that was statically initialized to the value
++B<CRYPTO_ONCE_STATIC_INIT>.
++The B<init> argument is a pointer to a function that performs the desired
++exactly once initialization.
++In particular, this can be used to allocate locks in a thread-safe manner,
++which can then be used with the locking functions below.
++
++=item *
+ CRYPTO_THREAD_lock_new() allocates, initializes and returns a new read/write
+ lock.
+
+@@ -57,17 +71,62 @@ be the only way that the variable is modified.
+
+ =head1 RETURN VALUES
+
++CRYPTO_THREAD_run_once() returns 1 on success, or 0 on error.
++
+ CRYPTO_THREAD_lock_new() returns the allocated lock, or NULL on error.
+
+ CRYPTO_THREAD_lock_frees() returns no value.
+
+ The other functions return 1 on success or 0 on error.
+
++=head1 EXAMPLE
++
++This example safely initializes and uses a lock.
++
++ #include <openssl/crypto.h>
++
++ static CRYPTO_ONCE once = CRYPTO_ONCE_STATIC_INIT;
++ static CRYPTO_RWLOCK *lock;
++
++ static void myinit(void)
++ {
++ lock = CRYPTO_THREAD_lock_new();
++ }
++
++ static int mylock(void)
++ {
++ if (!CRYPTO_THREAD_run_once(&once, void init) || lock == NULL)
++ return 0;
++ return CRYPTO_THREAD_write_lock(lock);
++ }
++
++ static int myunlock(void)
++ {
++ return CRYPTO_THREAD_unlock(lock);
++ }
++
++ int serialized(void)
++ {
++ int ret = 0;
++
++ if (mylock()) {
++ /* Your code here, do not return without releasing the lock! */
++ ret = ... ;
++ }
++ myunlock();
++ return ret;
++ }
++
++Finalization of locks is an advanced topic, not covered in this example.
++This can only be done at process exit or when a dynamically loaded library is
++no longer in use and is unloaded.
++The simplest solution is to just "leak" the lock in applications and not
++repeatedly load/unload shared libraries that allocate locks.
++
+ =head1 NOTES
+
+ You can find out if OpenSSL was configured with thread support:
+
+- #define OPENSSL_THREAD_DEFINES
+ #include <openssl/opensslconf.h>
+ #if defined(OPENSSL_THREADS)
+ // thread support enabled
+@@ -79,4 +138,13 @@ You can find out if OpenSSL was configured with thread support:
+
+ L<crypto(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/ui.pod b/doc/crypto/ui.pod
+index f03e989..a941265 100644
+--- a/doc/crypto/ui.pod
++++ b/doc/crypto/ui.pod
+@@ -22,30 +22,30 @@ UI_set_method, UI_OpenSSL, ERR_load_UI_strings - New User Interface
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+- char *result_buf, int minsize, int maxsize);
++ char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+- char *result_buf, int minsize, int maxsize);
++ char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+- char *result_buf, int minsize, int maxsize, const char *test_buf);
++ char *result_buf, int minsize, int maxsize, const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+- char *result_buf, int minsize, int maxsize, const char *test_buf);
++ char *result_buf, int minsize, int maxsize, const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+- const char *ok_chars, const char *cancel_chars,
+- int flags, char *result_buf);
++ const char *ok_chars, const char *cancel_chars,
++ int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+- const char *ok_chars, const char *cancel_chars,
+- int flags, char *result_buf);
++ const char *ok_chars, const char *cancel_chars,
++ int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ /* These are the possible flags. They can be or'ed together. */
+- #define UI_INPUT_FLAG_ECHO 0x01
+- #define UI_INPUT_FLAG_DEFAULT_PWD 0x02
++ #define UI_INPUT_FLAG_ECHO 0x01
++ #define UI_INPUT_FLAG_DEFAULT_PWD 0x02
+
+ char *UI_construct_prompt(UI *ui_method,
+- const char *object_desc, const char *object_name);
++ const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+@@ -55,8 +55,8 @@ UI_set_method, UI_OpenSSL, ERR_load_UI_strings - New User Interface
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+- #define UI_CTRL_PRINT_ERRORS 1
+- #define UI_CTRL_IS_REDOABLE 2
++ #define UI_CTRL_PRINT_ERRORS 1
++ #define UI_CTRL_IS_REDOABLE 2
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+@@ -110,12 +110,12 @@ If B<ui> is NULL nothing is done.
+
+ UI_add_input_string() and UI_add_verify_string() add a prompt to the UI,
+ as well as flags and a result buffer and the desired minimum and maximum
+-sizes of the result. The given information is used to prompt for
+-information, for example a password, and to verify a password (i.e. having
+-the user enter it twice and check that the same string was entered twice).
+-UI_add_verify_string() takes and extra argument that should be a pointer
+-to the result buffer of the input string that it's supposed to verify, or
+-verification will fail.
++sizes of the result, not counting the final NUL character. The given
++information is used to prompt for information, for example a password,
++and to verify a password (i.e. having the user enter it twice and check
++that the same string was entered twice). UI_add_verify_string() takes
++and extra argument that should be a pointer to the result buffer of the
++input string that it's supposed to verify, or verification will fail.
+
+ UI_add_input_boolean() adds a prompt to the UI that's supposed to be answered
+ in a boolean way, with a single character for yes and a different character
+@@ -183,4 +183,13 @@ UI_set_method() changes the UI method associated with a given UI.
+
+ L<ui_create(3)>, L<ui_compat(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/crypto/x509.pod b/doc/crypto/x509.pod
+index 8639525..a8969de 100644
+--- a/doc/crypto/x509.pod
++++ b/doc/crypto/x509.pod
+@@ -61,4 +61,13 @@ L<d2i_X509_SIG(3)>,
+ L<crypto(3)>,
+ L<x509v3(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/DTLSv1_listen.pod b/doc/ssl/DTLSv1_listen.pod
+index 7416693..ab7621d 100644
+--- a/doc/ssl/DTLSv1_listen.pod
++++ b/doc/ssl/DTLSv1_listen.pod
+@@ -90,4 +90,13 @@ L<ssl(3)>, L<bio(3)>
+ DTLSv1_listen() return codes were clarified in OpenSSL 1.1.0. The type of "peer"
+ also changed in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/OPENSSL_init_ssl.pod b/doc/ssl/OPENSSL_init_ssl.pod
+index 110a282..b963e5e 100644
+--- a/doc/ssl/OPENSSL_init_ssl.pod
++++ b/doc/ssl/OPENSSL_init_ssl.pod
+@@ -72,4 +72,13 @@ L<OPENSSL_init_crypto(3)>
+
+ The OPENSSL_init_ssl() function was added in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CIPHER_get_name.pod b/doc/ssl/SSL_CIPHER_get_name.pod
+index 296aa32..643eea4 100644
+--- a/doc/ssl/SSL_CIPHER_get_name.pod
++++ b/doc/ssl/SSL_CIPHER_get_name.pod
+@@ -112,4 +112,13 @@ rather than a fixed string, in OpenSSL 1.1
+ L<ssl(3)>, L<SSL_get_current_cipher(3)>,
+ L<SSL_get_ciphers(3)>, L<ciphers(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_COMP_add_compression_method.pod b/doc/ssl/SSL_COMP_add_compression_method.pod
+index fe10e1b..c455832 100644
+--- a/doc/ssl/SSL_COMP_add_compression_method.pod
++++ b/doc/ssl/SSL_COMP_add_compression_method.pod
+@@ -26,7 +26,7 @@ It cannot be set for specific SSL_CTX or SSL objects.
+ In versions of OpenSSL prior to 1.1.0 SSL_COMP_free_compression_methods() freed
+ the internal table of compression methods that were built internally, and
+ possibly augmented by adding SSL_COMP_add_compression_method(). However this is
+-now unncessary from version 1.1.0. No explicit initialisation or
++now unnecessary from version 1.1.0. No explicit initialisation or
+ de-initialisation is necessary. See L<OPENSSL_init_crypto(3)> and
+ L<OPENSSL_init_ssl(3)>. From OpenSSL 1.1.0 calling this function does nothing.
+
+@@ -84,4 +84,13 @@ L<ssl(3)>
+
+ SSL_COMP_free_compression_methods() was deprecated in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CONF_CTX_new.pod b/doc/ssl/SSL_CONF_CTX_new.pod
+index 329e3c7..79f0bbc 100644
+--- a/doc/ssl/SSL_CONF_CTX_new.pod
++++ b/doc/ssl/SSL_CONF_CTX_new.pod
+@@ -38,4 +38,13 @@ L<SSL_CONF_cmd_argv(3)>
+
+ These functions were first added to OpenSSL 1.0.2
+
++=head1 COPYRIGHT
++
++Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CONF_CTX_set1_prefix.pod b/doc/ssl/SSL_CONF_CTX_set1_prefix.pod
+index 5083a73..da9e580 100644
+--- a/doc/ssl/SSL_CONF_CTX_set1_prefix.pod
++++ b/doc/ssl/SSL_CONF_CTX_set1_prefix.pod
+@@ -20,7 +20,7 @@ to B<prefix>. If B<prefix> is B<NULL> it is restored to the default value.
+ Command prefixes alter the commands recognised by subsequent SSL_CTX_cmd()
+ calls. For example for files, if the prefix "SSL" is set then command names
+ such as "SSLProtocol", "SSLOptions" etc. are recognised instead of "Protocol"
+-and "Options". Similarly for command lines if the prefix is "--ssl-" then
++and "Options". Similarly for command lines if the prefix is "--ssl-" then
+ "--ssl-no_tls1_2" is recognised instead of "-no_tls1_2".
+
+ If the B<SSL_CONF_FLAG_CMDLINE> flag is set then prefix checks are case
+@@ -46,4 +46,13 @@ L<SSL_CONF_cmd_argv(3)>
+
+ These functions were first added to OpenSSL 1.0.2
+
++=head1 COPYRIGHT
++
++Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CONF_CTX_set_flags.pod b/doc/ssl/SSL_CONF_CTX_set_flags.pod
+index 10cfc4d..efd8da3 100644
+--- a/doc/ssl/SSL_CONF_CTX_set_flags.pod
++++ b/doc/ssl/SSL_CONF_CTX_set_flags.pod
+@@ -72,4 +72,13 @@ L<SSL_CONF_cmd_argv(3)>
+
+ These functions were first added to OpenSSL 1.0.2
+
++=head1 COPYRIGHT
++
++Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod b/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
+index e7ede42..7e4120f 100644
+--- a/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
++++ b/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
+@@ -44,4 +44,13 @@ L<SSL_CONF_cmd_argv(3)>
+
+ These functions were first added to OpenSSL 1.0.2
+
++=head1 COPYRIGHT
++
++Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CONF_cmd.pod b/doc/ssl/SSL_CONF_cmd.pod
+index 17b8758..083b33a 100644
+--- a/doc/ssl/SSL_CONF_cmd.pod
++++ b/doc/ssl/SSL_CONF_cmd.pod
+@@ -465,7 +465,7 @@ Set supported signature algorithms:
+
+ SSL_CONF_cmd(ctx, "SignatureAlgorithms", "ECDSA+SHA256:RSA+SHA256:DSA+SHA256");
+
+-There are various ways to select the supported procotols.
++There are various ways to select the supported protocols.
+
+ This set the minimum protocol version to TLSv1, and so disables SSLv3.
+ This is the recommended way to disable protocols.
+@@ -550,4 +550,13 @@ B<SSL_CONF_TYPE_UNKNOWN>.
+
+ B<MinProtocol> and B<MaxProtocol> where added in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CONF_cmd_argv.pod b/doc/ssl/SSL_CONF_cmd_argv.pod
+index c06b44f..8f38db1 100644
+--- a/doc/ssl/SSL_CONF_cmd_argv.pod
++++ b/doc/ssl/SSL_CONF_cmd_argv.pod
+@@ -39,4 +39,13 @@ L<SSL_CONF_cmd(3)>
+
+ These functions were first added to OpenSSL 1.0.2
+
++=head1 COPYRIGHT
++
++Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_add1_chain_cert.pod b/doc/ssl/SSL_CTX_add1_chain_cert.pod
+index 545b82e..1f0418b 100644
+--- a/doc/ssl/SSL_CTX_add1_chain_cert.pod
++++ b/doc/ssl/SSL_CTX_add1_chain_cert.pod
+@@ -146,4 +146,13 @@ L<SSL_CTX_add_extra_chain_cert(3)>
+
+ These functions were first added to OpenSSL 1.0.2.
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_add_extra_chain_cert.pod b/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
+index 63cf2b2..e2783de 100644
+--- a/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
++++ b/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
+@@ -68,4 +68,13 @@ L<SSL_add1_chain_cert(3)>
+ L<SSL_CTX_build_cert_chain(3)>
+ L<SSL_build_cert_chain(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_add_session.pod b/doc/ssl/SSL_CTX_add_session.pod
+index fb8cf6a..dbdd9f0 100644
+--- a/doc/ssl/SSL_CTX_add_session.pod
++++ b/doc/ssl/SSL_CTX_add_session.pod
+@@ -59,7 +59,7 @@ The following values are returned by all functions:
+ session was not found in the cache.
+
+ =item Z<>1
+-
++
+ The operation succeeded.
+
+ =back
+@@ -70,4 +70,13 @@ L<ssl(3)>,
+ L<SSL_CTX_set_session_cache_mode(3)>,
+ L<SSL_SESSION_free(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_config.pod b/doc/ssl/SSL_CTX_config.pod
+index 0cf93dd..40144f9 100644
+--- a/doc/ssl/SSL_CTX_config.pod
++++ b/doc/ssl/SSL_CTX_config.pod
+@@ -81,4 +81,13 @@ L<CONF_modules_load_file(3)>
+
+ SSL_CTX_config() and SSL_config() were first added to OpenSSL 1.1.0
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_ctrl.pod b/doc/ssl/SSL_CTX_ctrl.pod
+index b59d267..e8386a5 100644
+--- a/doc/ssl/SSL_CTX_ctrl.pod
++++ b/doc/ssl/SSL_CTX_ctrl.pod
+@@ -31,4 +31,13 @@ supplied via the B<cmd> parameter.
+
+ L<ssl(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_dane_enable.pod b/doc/ssl/SSL_CTX_dane_enable.pod
+index 8463a3d..cef109f 100644
+--- a/doc/ssl/SSL_CTX_dane_enable.pod
++++ b/doc/ssl/SSL_CTX_dane_enable.pod
+@@ -71,11 +71,17 @@ The arguments specify the fields of the TLSA record.
+ The B<data> field is provided in binary (wire RDATA) form, not the hexadecimal
+ ASCII presentation form, with an explicit length passed via B<dlen>.
+ A return value of 0 indicates that "unusable" TLSA records (with invalid or
+-unsupported parameters) were provided, a negative return value indicates an
+-internal error in processing the records.
+-If DANE authentication is enabled, but no TLSA records are added successfully,
+-authentication will fail, and the handshake may not complete, depending on the
+-B<mode> argument of L<SSL_set_verify(3)> and any verification callback.
++unsupported parameters) were provided.
++A negative return value indicates an internal error in processing the record.
++
++The caller is expected to check the return value of each SSL_dane_tlsa_add()
++call and take appropriate action if none are usable or an internal error
++is encountered in processing some records.
++
++If no TLSA records are added successfully, DANE authentication is not enabled,
++and authentication will be based on any configured traditional trust-anchors;
++authentication success in this case does not mean that the peer was
++DANE-authenticated.
+
+ SSL_get0_dane_authority() can be used to get more detailed information about
+ the matched DANE trust-anchor after successful connection completion.
+@@ -149,6 +155,7 @@ the lifetime of the SSL connection.
+
+ SSL_CTX *ctx;
+ SSL *ssl;
++ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = "example.com";
+ const char *dane_tlsa_domain = "smtp.example.com";
+@@ -175,11 +182,19 @@ the lifetime of the SSL connection.
+
+ /* set usage, selector, mtype, data, len */
+
+- /* Opportunistic DANE TLS clients treat usages 0, 1 as unusable. */
++ /*
++ * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
++ * They treat all other certificate usages, and in particular PKIX-TA(0)
++ * and PKIX-EE(1), as unusable.
++ */
+ switch (usage) {
++ default:
+ case 0: /* PKIX-TA(0) */
+ case 1: /* PKIX-EE(1) */
+ continue;
++ case 2: /* DANE-TA(2) */
++ case 3: /* DANE-EE(3) */
++ break;
+ }
+
+ ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+@@ -194,16 +209,29 @@ the lifetime of the SSL connection.
+ }
+
+ /*
++ * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+ * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+ * are unusable, so continue the handshake even if authentication fails.
+ */
+ if (num_usable == 0) {
+- int (*cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+-
+ /* Log all records unusable? */
+- /* Set cb to a non-NULL callback of your choice? */
+
+- SSL_set_verify(ssl, SSL_VERIFY_NONE, cb);
++ /* Optionally set verify_cb to a suitable non-NULL callback. */
++ SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
++ } else {
++ /* At least one usable record. We expect to verify the peer */
++
++ /* Optionally set verify_cb to a suitable non-NULL callback. */
++
++ /*
++ * Below we elect to fail the handshake when peer verification fails.
++ * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
++ * complete the handshake, check the verification status, and if not
++ * verified disconnect gracefully at the application layer, especially if
++ * application protocol supports informing the server that authentication
++ * failed.
++ */
++ SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+@@ -240,14 +268,14 @@ the lifetime of the SSL connection.
+ }
+ if (peername != NULL) {
+ /* Name checks were in scope and matched the peername */
+- printf(bio, "Verified peername: %s\n", peername);
++ printf("Verified peername: %s\n", peername);
+ }
+ } else {
+ /*
+ * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+- * callback suppressed connection termination despite presence of TLSA
+- * usable RRs none of which matched. Do whatever is appropriate for
+- * unauthenticated connections.
++ * callback suppressed connection termination despite the presence of
++ * usable TLSA RRs none of which matched. Do whatever is appropriate for
++ * fresh unauthenticated connections.
+ */
+ }
+
+@@ -297,4 +325,13 @@ L<EVP_PKEY_free(3)>
+
+ These functions were first added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_flush_sessions.pod b/doc/ssl/SSL_CTX_flush_sessions.pod
+index 103e13f..7639451 100644
+--- a/doc/ssl/SSL_CTX_flush_sessions.pod
++++ b/doc/ssl/SSL_CTX_flush_sessions.pod
+@@ -26,7 +26,7 @@ As sessions will not be reused ones they are expired, they should be
+ removed from the cache to save resources. This can either be done
+ automatically whenever 255 new sessions were established (see
+ L<SSL_CTX_set_session_cache_mode(3)>)
+-or manually by calling SSL_CTX_flush_sessions().
++or manually by calling SSL_CTX_flush_sessions().
+
+ The parameter B<tm> specifies the time which should be used for the
+ expiration test, in most cases the actual time given by time(0)
+@@ -37,8 +37,6 @@ cache. When a session is found and removed, the remove_session_cb is however
+ called to synchronize with the external cache (see
+ L<SSL_CTX_sess_set_get_cb(3)>).
+
+-=head1 RETURN VALUES
+-
+ =head1 SEE ALSO
+
+ L<ssl(3)>,
+@@ -46,4 +44,13 @@ L<SSL_CTX_set_session_cache_mode(3)>,
+ L<SSL_CTX_set_timeout(3)>,
+ L<SSL_CTX_sess_set_get_cb(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_free.pod b/doc/ssl/SSL_CTX_free.pod
+index 70a6314..e5cc1aa 100644
+--- a/doc/ssl/SSL_CTX_free.pod
++++ b/doc/ssl/SSL_CTX_free.pod
+@@ -39,4 +39,13 @@ SSL_CTX_free() does not provide diagnostic information.
+ L<SSL_CTX_new(3)>, L<ssl(3)>,
+ L<SSL_CTX_sess_set_get_cb(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_get0_param.pod b/doc/ssl/SSL_CTX_get0_param.pod
+index 6fdc2bd..6b93737 100644
+--- a/doc/ssl/SSL_CTX_get0_param.pod
++++ b/doc/ssl/SSL_CTX_get0_param.pod
+@@ -52,4 +52,13 @@ L<X509_VERIFY_PARAM_set_flags(3)>
+
+ These functions were first added to OpenSSL 1.0.2.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_get_verify_mode.pod b/doc/ssl/SSL_CTX_get_verify_mode.pod
+index f75c2da..bd10034 100644
+--- a/doc/ssl/SSL_CTX_get_verify_mode.pod
++++ b/doc/ssl/SSL_CTX_get_verify_mode.pod
+@@ -47,4 +47,13 @@ See DESCRIPTION
+
+ L<ssl(3)>, L<SSL_CTX_set_verify(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_has_client_custom_ext.pod b/doc/ssl/SSL_CTX_has_client_custom_ext.pod
+index 3a1079d..d9e9a06 100644
+--- a/doc/ssl/SSL_CTX_has_client_custom_ext.pod
++++ b/doc/ssl/SSL_CTX_has_client_custom_ext.pod
+@@ -25,4 +25,13 @@ Returns 1 if a handler has been set, 0 otherwise.
+ L<ssl(3)>,
+ L<SSL_CTX_add_client_custom_ext(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod
+index 53e119e..7e78bc6 100644
+--- a/doc/ssl/SSL_CTX_load_verify_locations.pod
++++ b/doc/ssl/SSL_CTX_load_verify_locations.pod
+@@ -2,8 +2,9 @@
+
+ =head1 NAME
+
+-SSL_CTX_load_verify_locations - set default locations for trusted CA
+-certificates
++SSL_CTX_load_verify_locations, SSL_CTX_set_default_verify_paths,
++SSL_CTX_set_default_verify_dir, SSL_CTX_set_default_verify_file - set
++default locations for trusted CA certificates
+
+ =head1 SYNOPSIS
+
+@@ -144,4 +145,13 @@ L<SSL_CTX_add_extra_chain_cert(3)>,
+ L<SSL_CTX_set_cert_store(3)>,
+ L<SSL_CTX_set_client_CA_list(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_new.pod b/doc/ssl/SSL_CTX_new.pod
+index f2cdc71..69b59bb 100644
+--- a/doc/ssl/SSL_CTX_new.pod
++++ b/doc/ssl/SSL_CTX_new.pod
+@@ -17,7 +17,7 @@ functions
+ #include <openssl/ssl.h>
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+- void SSL_CTX_up_ref(SSL_CTX *ctx);
++ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+@@ -184,6 +184,8 @@ the reason.
+
+ The return value points to an allocated SSL_CTX object.
+
++SSL_CTX_up_ref() returns 1 for success and 0 for failure.
++
+ =back
+
+ =head1 HISTORY
+@@ -203,4 +205,13 @@ All version-specific methods were deprecated in OpenSSL 1.1.0.
+ L<SSL_CTX_set_options(3)>, L<SSL_CTX_free(3)>, L<SSL_accept(3)>,
+ L<SSL_CTX_set_min_proto_version(3)>, L<ssl(3)>, L<SSL_set_connect_state(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_sess_number.pod b/doc/ssl/SSL_CTX_sess_number.pod
+index aa82c30..049c04c 100644
+--- a/doc/ssl/SSL_CTX_sess_number.pod
++++ b/doc/ssl/SSL_CTX_sess_number.pod
+@@ -73,4 +73,13 @@ L<ssl(3)>, L<SSL_set_session(3)>,
+ L<SSL_CTX_set_session_cache_mode(3)>
+ L<SSL_CTX_sess_set_cache_size(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_sess_set_cache_size.pod b/doc/ssl/SSL_CTX_sess_set_cache_size.pod
+index 3239675..5aef10b 100644
+--- a/doc/ssl/SSL_CTX_sess_set_cache_size.pod
++++ b/doc/ssl/SSL_CTX_sess_set_cache_size.pod
+@@ -50,4 +50,13 @@ L<SSL_CTX_set_session_cache_mode(3)>,
+ L<SSL_CTX_sess_number(3)>,
+ L<SSL_CTX_flush_sessions(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_sess_set_get_cb.pod b/doc/ssl/SSL_CTX_sess_set_get_cb.pod
+index b6e266b..d2b0e04 100644
+--- a/doc/ssl/SSL_CTX_sess_set_get_cb.pod
++++ b/doc/ssl/SSL_CTX_sess_set_get_cb.pod
+@@ -9,11 +9,11 @@ SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SS
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+- int (*new_session_cb)(SSL *, SSL_SESSION *));
++ int (*new_session_cb)(SSL *, SSL_SESSION *));
+ void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+- void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *));
++ void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *));
+ void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+- SSL_SESSION (*get_session_cb)(SSL *, const unsigned char *, int, int *));
++ SSL_SESSION (*get_session_cb)(SSL *, const unsigned char *, int, int *));
+
+ int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl, SSL_SESSION *sess);
+ void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
+@@ -22,7 +22,7 @@ SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SS
+ int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess);
+ void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
+ SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, unsigned char *data,
+- int len, int *copy);
++ int len, int *copy);
+
+ =head1 DESCRIPTION
+
+@@ -84,4 +84,13 @@ L<SSL_CTX_flush_sessions(3)>,
+ L<SSL_SESSION_free(3)>,
+ L<SSL_CTX_free(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_sessions.pod b/doc/ssl/SSL_CTX_sessions.pod
+index 0099b31..bc4a55e 100644
+--- a/doc/ssl/SSL_CTX_sessions.pod
++++ b/doc/ssl/SSL_CTX_sessions.pod
+@@ -31,4 +31,13 @@ L<ssl(3)>, L<lhash(3)>,
+ L<SSL_CTX_add_session(3)>,
+ L<SSL_CTX_set_session_cache_mode(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set1_curves.pod b/doc/ssl/SSL_CTX_set1_curves.pod
+index 4b6d1af..b0276c8 100644
+--- a/doc/ssl/SSL_CTX_set1_curves.pod
++++ b/doc/ssl/SSL_CTX_set1_curves.pod
+@@ -23,7 +23,7 @@ SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve
+ SSL_CTX_set1_curves() sets the supported curves for B<ctx> to B<clistlen>
+ curves in the array B<clist>. The array consist of all NIDs of curves in
+ preference order. For a TLS client the curves are used directly in the
+-supported curves extension. For a TLS server the curves are used to
++supported curves extension. For a TLS server the curves are used to
+ determine the set of shared curves.
+
+ SSL_CTX_set1_curves_list() sets the supported curves for B<ctx> to
+@@ -34,7 +34,7 @@ SSL_set1_curves() and SSL_set1_curves_list() are similar except they set
+ supported curves for the SSL structure B<ssl>.
+
+ SSL_get1_curves() returns the set of supported curves sent by a client
+-in the supported curves extension. It returns the total number of
++in the supported curves extension. It returns the total number of
+ supported curves. The B<curves> parameter can be B<NULL> to simply
+ return the number of curves for memory allocation purposes. The
+ B<curves> array is in the form of a set of curve NIDs in preference
+@@ -78,4 +78,13 @@ L<SSL_CTX_add_extra_chain_cert(3)>
+
+ These functions were first added to OpenSSL 1.0.2.
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set1_sigalgs.pod b/doc/ssl/SSL_CTX_set1_sigalgs.pod
+index a63076c..e9073b9 100644
+--- a/doc/ssl/SSL_CTX_set1_sigalgs.pod
++++ b/doc/ssl/SSL_CTX_set1_sigalgs.pod
+@@ -101,4 +101,13 @@ All these functions return 1 for success and 0 for failure.
+ L<ssl(3)>, L<SSL_get_shared_sigalgs(3)>,
+ L<SSL_CONF_CTX_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set1_verify_cert_store.pod b/doc/ssl/SSL_CTX_set1_verify_cert_store.pod
+index 989e145..bfe8b70 100644
+--- a/doc/ssl/SSL_CTX_set1_verify_cert_store.pod
++++ b/doc/ssl/SSL_CTX_set1_verify_cert_store.pod
+@@ -54,7 +54,7 @@ any client certificate chain.
+ The chain store is used to build the certificate chain.
+
+ If the mode B<SSL_MODE_NO_AUTO_CHAIN> is set or a certificate chain is
+-configured already (for example using the functions such as
++configured already (for example using the functions such as
+ L<SSL_CTX_add1_chain_cert(3)> or
+ L<SSL_CTX_add_extra_chain_cert(3)>) then
+ automatic chain building is disabled.
+@@ -88,4 +88,13 @@ L<SSL_build_cert_chain(3)>
+
+ These functions were first added to OpenSSL 1.0.2.
+
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_alpn_select_cb.pod b/doc/ssl/SSL_CTX_set_alpn_select_cb.pod
+index 1a3d92c..4859b3c 100644
+--- a/doc/ssl/SSL_CTX_set_alpn_select_cb.pod
++++ b/doc/ssl/SSL_CTX_set_alpn_select_cb.pod
+@@ -123,4 +123,13 @@ ALPN protocol not selected.
+ L<ssl(3)>, L<SSL_CTX_set_tlsext_servername_callback(3)>,
+ L<SSL_CTX_set_tlsext_servername_arg(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_cert_cb.pod b/doc/ssl/SSL_CTX_set_cert_cb.pod
+index 9152907..eaa7a4e 100644
+--- a/doc/ssl/SSL_CTX_set_cert_cb.pod
++++ b/doc/ssl/SSL_CTX_set_cert_cb.pod
+@@ -65,4 +65,13 @@ L<SSL_add1_chain_cert(3)>,
+ L<SSL_get_client_CA_list(3)>,
+ L<SSL_clear(3)>, L<SSL_free(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_cert_store.pod b/doc/ssl/SSL_CTX_set_cert_store.pod
+index 03a0937..7f7a794 100644
+--- a/doc/ssl/SSL_CTX_set_cert_store.pod
++++ b/doc/ssl/SSL_CTX_set_cert_store.pod
+@@ -46,7 +46,7 @@ X509_STORE object and its handling becomes available.
+
+ The X509_STORE structure used by an SSL_CTX is used for verifying peer
+ certificates and building certificate chains, it is also shared by
+-every child SSL structure. Applications wanting finer control can use
++every child SSL structure. Applications wanting finer control can use
+ functions such as SSL_CTX_set1_verify_cert_store() instead.
+
+ =head1 RETURN VALUES
+@@ -61,4 +61,13 @@ L<ssl(3)>,
+ L<SSL_CTX_load_verify_locations(3)>,
+ L<SSL_CTX_set_verify(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_cert_verify_callback.pod b/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
+index 6f6fe56..ca614d1 100644
+--- a/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
++++ b/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
+@@ -26,7 +26,7 @@ SSL_CTX_set_cert_verify_callback(), the supplied callback function is called
+ instead. By setting I<callback> to NULL, the default behaviour is restored.
+
+ When the verification must be performed, I<callback> will be called with
+-the arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The
++the arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The
+ argument I<arg> is specified by the application when setting I<callback>.
+
+ I<callback> should return 1 to indicate verification success and 0 to
+@@ -35,7 +35,7 @@ returns 0, the handshake will fail. As the verification procedure may
+ allow to continue the connection in case of failure (by always returning 1)
+ the verification result must be set in any case using the B<error>
+ member of I<x509_store_ctx> so that the calling application will be informed
+-about the detailed result of the verification procedure!
++about the detailed result of the verification procedure!
+
+ Within I<x509_store_ctx>, I<callback> has access to the I<verify_callback>
+ function set using L<SSL_CTX_set_verify(3)>.
+@@ -54,8 +54,6 @@ the B<verify_callback> function.
+
+ =head1 BUGS
+
+-=head1 RETURN VALUES
+-
+ SSL_CTX_set_cert_verify_callback() does not provide diagnostic information.
+
+ =head1 SEE ALSO
+@@ -64,4 +62,13 @@ L<ssl(3)>, L<SSL_CTX_set_verify(3)>,
+ L<SSL_get_verify_result(3)>,
+ L<SSL_CTX_load_verify_locations(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_cipher_list.pod b/doc/ssl/SSL_CTX_set_cipher_list.pod
+index 512ca81..4e66917 100644
+--- a/doc/ssl/SSL_CTX_set_cipher_list.pod
++++ b/doc/ssl/SSL_CTX_set_cipher_list.pod
+@@ -62,4 +62,13 @@ L<SSL_CTX_use_certificate(3)>,
+ L<SSL_CTX_set_tmp_dh_callback(3)>,
+ L<ciphers(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_client_CA_list.pod b/doc/ssl/SSL_CTX_set_client_CA_list.pod
+index cc05d77..668fbbb 100644
+--- a/doc/ssl/SSL_CTX_set_client_CA_list.pod
++++ b/doc/ssl/SSL_CTX_set_client_CA_list.pod
+@@ -9,7 +9,7 @@ client certificate
+ =head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+-
++
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+@@ -42,7 +42,7 @@ This list must explicitly be set using SSL_CTX_set_client_CA_list() for
+ B<ctx> and SSL_set_client_CA_list() for the specific B<ssl>. The list
+ specified overrides the previous setting. The CAs listed do not become
+ trusted (B<list> only contains the names, not the complete certificates); use
+-L<SSL_CTX_load_verify_locations(3)>
++L<SSL_CTX_load_verify_locations(3)>
+ to additionally load them for verification.
+
+ If the list of acceptable CAs is compiled in a file, the
+@@ -91,4 +91,13 @@ L<SSL_get_client_CA_list(3)>,
+ L<SSL_load_client_CA_file(3)>,
+ L<SSL_CTX_load_verify_locations(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_client_cert_cb.pod b/doc/ssl/SSL_CTX_set_client_cert_cb.pod
+index 45cef75..aed7d4f 100644
+--- a/doc/ssl/SSL_CTX_set_client_cert_cb.pod
++++ b/doc/ssl/SSL_CTX_set_client_cert_cb.pod
+@@ -91,4 +91,13 @@ L<SSL_CTX_add_extra_chain_cert(3)>,
+ L<SSL_get_client_CA_list(3)>,
+ L<SSL_clear(3)>, L<SSL_free(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_ct_validation_callback.pod b/doc/ssl/SSL_CTX_set_ct_validation_callback.pod
+index ec51c75..2ff33f7 100644
+--- a/doc/ssl/SSL_CTX_set_ct_validation_callback.pod
++++ b/doc/ssl/SSL_CTX_set_ct_validation_callback.pod
+@@ -33,21 +33,29 @@ The behaviour of the callback is determined by the B<validation_mode> argument,
+ which can be either of B<SSL_CT_VALIDATION_PERMISSIVE> or
+ B<SSL_CT_VALIDATION_STRICT> as described below.
+
++If B<validation_mode> is equal to B<SSL_CT_VALIDATION_STRICT>, then in a full
++TLS handshake with the verification mode set to B<SSL_VERIFY_PEER>, if the peer
++presents no valid SCTs the handshake will be aborted.
++If the verification mode is B<SSL_VERIFY_NONE>, the handshake will continue
++despite lack of valid SCTs.
++However, in that case if the verification status before the built-in callback
++was B<X509_V_OK> it will be set to B<X509_V_ERR_NO_VALID_SCTS> after the
++callback.
++Applications can call L<SSL_get_verify_result(3)> to check the status at
++handshake completion, even after session resumption since the verification
++status is part of the saved session state.
++See L<SSL_set_verify(3)>, <SSL_get_verify_result(3)>, L<SSL_session_reused(3)>.
++
+ If B<validation_mode> is equal to B<SSL_CT_VALIDATION_PERMISSIVE>, then the
+-handshake continues regardless of the validation status of any SCTs.
+-The application can inspect the validation status of the SCTs at handshake
+-completion.
++handshake continues, and the verification status is not modified, regardless of
++the validation status of any SCTs.
++The application can still inspect the validation status of the SCTs at
++handshake completion.
+ Note that with session resumption there will not be any SCTs presented during
+ the handshake.
+ Therefore, in applications that delay SCT policy enforcement until after
+-handshake completion, SCT checks should only be performed when the session is
+-not reused.
+-See L<SSL_session_reused(3)>.
+-
+-If B<validation_mode> is equal to B<SSL_CT_VALIDATION_STRICT>, then in a full
+-TLS handshake with the verification mode set to B<SSL_VERIFY_PEER>, if the peer
+-presents no valid SCTs the handshake will be aborted.
+-See L<SSL_set_verify(3)>.
++handshake completion, such delayed SCT checks should only be performed when the
++session is not resumed.
+
+ SSL_set_ct_validation_callback() and SSL_CTX_set_ct_validation_callback()
+ register a custom callback that may implement a different policy than either of
+@@ -112,9 +120,19 @@ callback) is set.
+ =head1 SEE ALSO
+
+ L<ssl(3)>,
++<SSL_get_verify_result(3)>,
+ L<SSL_session_reused(3)>,
+ L<SSL_set_verify(3)>,
+ L<SSL_CTX_set_verify(3)>,
+ L<ssl_ct_validation_cb(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_ctlog_list_file.pod b/doc/ssl/SSL_CTX_set_ctlog_list_file.pod
+index 9e5798f..737dea9 100644
+--- a/doc/ssl/SSL_CTX_set_ctlog_list_file.pod
++++ b/doc/ssl/SSL_CTX_set_ctlog_list_file.pod
+@@ -51,4 +51,13 @@ the case of an error, the log list may have been partially loaded.
+ L<ssl(3)>,
+ L<ssl_ct_validation_cb(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_custom_cli_ext.pod b/doc/ssl/SSL_CTX_set_custom_cli_ext.pod
+index 3fceef9..f179f83 100644
+--- a/doc/ssl/SSL_CTX_set_custom_cli_ext.pod
++++ b/doc/ssl/SSL_CTX_set_custom_cli_ext.pod
+@@ -9,41 +9,41 @@ SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext - custom TLS extens
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+- custom_ext_add_cb add_cb,
+- custom_ext_free_cb free_cb, void *add_arg,
+- custom_ext_parse_cb parse_cb,
+- void *parse_arg);
++ custom_ext_add_cb add_cb,
++ custom_ext_free_cb free_cb, void *add_arg,
++ custom_ext_parse_cb parse_cb,
++ void *parse_arg);
+
+ int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+- custom_ext_add_cb add_cb,
+- custom_ext_free_cb free_cb, void *add_arg,
+- custom_ext_parse_cb parse_cb,
+- void *parse_arg);
++ custom_ext_add_cb add_cb,
++ custom_ext_free_cb free_cb, void *add_arg,
++ custom_ext_parse_cb parse_cb,
++ void *parse_arg);
+
+ int SSL_extension_supported(unsigned int ext_type);
+
+ typedef int (*custom_ext_add_cb)(SSL *s, unsigned int ext_type,
+- const unsigned char **out,
+- size_t *outlen, int *al,
+- void *add_arg);
++ const unsigned char **out,
++ size_t *outlen, int *al,
++ void *add_arg);
+
+ typedef void (*custom_ext_free_cb)(SSL *s, unsigned int ext_type,
+- const unsigned char *out,
+- void *add_arg);
++ const unsigned char *out,
++ void *add_arg);
+
+ typedef int (*custom_ext_parse_cb)(SSL *s, unsigned int ext_type,
+- const unsigned char *in,
+- size_t inlen, int *al,
+- void *parse_arg);
++ const unsigned char *in,
++ size_t inlen, int *al,
++ void *parse_arg);
+
+
+ =head1 DESCRIPTION
+
+-SSL_CTX_add_client_custom_ext() adds a custom extension for a TLS client
++SSL_CTX_add_client_custom_ext() adds a custom extension for a TLS client
+ with extension type B<ext_type> and callbacks B<add_cb>, B<free_cb> and
+ B<parse_cb>.
+
+-SSL_CTX_add_server_custom_ext() adds a custom extension for a TLS server
++SSL_CTX_add_server_custom_ext() adds a custom extension for a TLS server
+ with extension type B<ext_type> and callbacks B<add_cb>, B<free_cb> and
+ B<parse_cb>.
+
+@@ -55,7 +55,7 @@ internally by OpenSSL and 0 otherwise.
+
+ =head1 EXTENSION CALLBACKS
+
+-The callback B<add_cb> is called to send custom extension data to be
++The callback B<add_cb> is called to send custom extension data to be
+ included in ClientHello for TLS clients or ServerHello for servers. The
+ B<ext_type> parameter is set to the extension type which will be added and
+ B<add_arg> to the value set when the extension handler was added.
+@@ -130,4 +130,13 @@ extension type handled internally by OpenSSL or if an internal error occurs
+ SSL_extension_supported() returns 1 if the extension B<ext_type> is handled
+ internally by OpenSSL and 0 otherwise.
+
++=head1 COPYRIGHT
++
++Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_default_passwd_cb.pod b/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
+index 45a4311..2d407bb 100644
+--- a/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
++++ b/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
+@@ -101,4 +101,13 @@ first added to OpenSSL 1.1.0
+ L<ssl(3)>,
+ L<SSL_CTX_use_certificate(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_generate_session_id.pod b/doc/ssl/SSL_CTX_set_generate_session_id.pod
+index e8459c9..95b7e9e 100644
+--- a/doc/ssl/SSL_CTX_set_generate_session_id.pod
++++ b/doc/ssl/SSL_CTX_set_generate_session_id.pod
+@@ -14,7 +14,7 @@ SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_s
+ int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb);
+ int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB, cb);
+ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+- unsigned int id_len);
++ unsigned int id_len);
+
+ =head1 DESCRIPTION
+
+@@ -123,4 +123,13 @@ same id is already in the cache.
+
+ L<ssl(3)>, L<SSL_get_version(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_info_callback.pod b/doc/ssl/SSL_CTX_set_info_callback.pod
+index 978ce26..b0e845d 100644
+--- a/doc/ssl/SSL_CTX_set_info_callback.pod
++++ b/doc/ssl/SSL_CTX_set_info_callback.pod
+@@ -110,44 +110,53 @@ The following example callback function prints state strings, information
+ about alerts being handled and error messages to the B<bio_err> BIO.
+
+ void apps_ssl_info_callback(SSL *s, int where, int ret)
+- {
+- const char *str;
+- int w;
+-
+- w=where& ~SSL_ST_MASK;
+-
+- if (w & SSL_ST_CONNECT) str="SSL_connect";
+- else if (w & SSL_ST_ACCEPT) str="SSL_accept";
+- else str="undefined";
+-
+- if (where & SSL_CB_LOOP)
+- {
+- BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
+- }
+- else if (where & SSL_CB_ALERT)
+- {
+- str=(where & SSL_CB_READ)?"read":"write";
+- BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
+- str,
+- SSL_alert_type_string_long(ret),
+- SSL_alert_desc_string_long(ret));
+- }
+- else if (where & SSL_CB_EXIT)
+- {
+- if (ret == 0)
+- BIO_printf(bio_err,"%s:failed in %s\n",
+- str,SSL_state_string_long(s));
+- else if (ret < 0)
+- {
+- BIO_printf(bio_err,"%s:error in %s\n",
+- str,SSL_state_string_long(s));
+- }
+- }
+- }
++ {
++ const char *str;
++ int w;
++
++ w=where& ~SSL_ST_MASK;
++
++ if (w & SSL_ST_CONNECT) str="SSL_connect";
++ else if (w & SSL_ST_ACCEPT) str="SSL_accept";
++ else str="undefined";
++
++ if (where & SSL_CB_LOOP)
++ {
++ BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
++ }
++ else if (where & SSL_CB_ALERT)
++ {
++ str=(where & SSL_CB_READ)?"read":"write";
++ BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
++ str,
++ SSL_alert_type_string_long(ret),
++ SSL_alert_desc_string_long(ret));
++ }
++ else if (where & SSL_CB_EXIT)
++ {
++ if (ret == 0)
++ BIO_printf(bio_err,"%s:failed in %s\n",
++ str,SSL_state_string_long(s));
++ else if (ret < 0)
++ {
++ BIO_printf(bio_err,"%s:error in %s\n",
++ str,SSL_state_string_long(s));
++ }
++ }
++ }
+
+ =head1 SEE ALSO
+
+ L<ssl(3)>, L<SSL_state_string(3)>,
+ L<SSL_alert_type_string(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_max_cert_list.pod b/doc/ssl/SSL_CTX_set_max_cert_list.pod
+index 080400c..482751e 100644
+--- a/doc/ssl/SSL_CTX_set_max_cert_list.pod
++++ b/doc/ssl/SSL_CTX_set_max_cert_list.pod
+@@ -70,4 +70,13 @@ set value.
+ L<ssl(3)>, L<SSL_new(3)>,
+ L<SSL_CTX_set_verify(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_min_proto_version.pod b/doc/ssl/SSL_CTX_set_min_proto_version.pod
+index 535ae83..8878514 100644
+--- a/doc/ssl/SSL_CTX_set_min_proto_version.pod
++++ b/doc/ssl/SSL_CTX_set_min_proto_version.pod
+@@ -17,7 +17,7 @@ and maximum supported protocol version
+
+ =head1 DESCRIPTION
+
+-The functions set the minimum and maximum supported portocol versions
++The functions set the minimum and maximum supported protocol versions
+ for the B<ctx> or B<ssl>.
+ This works in combination with the options set via
+ L<SSL_CTX_set_options(3)> that also make it possible to disable
+@@ -48,4 +48,13 @@ The functions were added in OpenSSL 1.1.0
+
+ L<SSL_CTX_set_options(3)>, L<SSL_CONF_cmd(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_mode.pod b/doc/ssl/SSL_CTX_set_mode.pod
+index d31c18c..1b3e783 100644
+--- a/doc/ssl/SSL_CTX_set_mode.pod
++++ b/doc/ssl/SSL_CTX_set_mode.pod
+@@ -102,4 +102,13 @@ L<ssl(3)>, L<SSL_read(3)>, L<SSL_write(3)>, L<SSL_get_error(3)>
+
+ SSL_MODE_ASYNC was first added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_msg_callback.pod b/doc/ssl/SSL_CTX_set_msg_callback.pod
+index 8f092da..9546e75 100644
+--- a/doc/ssl/SSL_CTX_set_msg_callback.pod
++++ b/doc/ssl/SSL_CTX_set_msg_callback.pod
+@@ -91,4 +91,13 @@ I<version> will be B<SSL3_VERSION>.
+
+ L<ssl(3)>, L<SSL_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_options.pod b/doc/ssl/SSL_CTX_set_options.pod
+index c132568..635b470 100644
+--- a/doc/ssl/SSL_CTX_set_options.pod
++++ b/doc/ssl/SSL_CTX_set_options.pod
+@@ -280,4 +280,13 @@ L<dhparam(1)>
+ The attempt to always try to use secure renegotiation was added in
+ Openssl 0.9.8m.
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_psk_client_callback.pod b/doc/ssl/SSL_CTX_set_psk_client_callback.pod
+index b7f574b..a417508 100644
+--- a/doc/ssl/SSL_CTX_set_psk_client_callback.pod
++++ b/doc/ssl/SSL_CTX_set_psk_client_callback.pod
+@@ -1,34 +1,5 @@
+ =pod
+
+-=begin comment
+-
+-Copyright 2005 Nokia. All rights reserved.
+-
+-The portions of the attached software ("Contribution") is developed by
+-Nokia Corporation and is licensed pursuant to the OpenSSL open source
+-license.
+-
+-The Contribution, originally written by Mika Kousa and Pasi Eronen of
+-Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+-support (see RFC 4279) to OpenSSL.
+-
+-No patent licenses or other rights except those expressly stated in
+-the OpenSSL open source license shall be deemed granted or received
+-expressly, by implication, estoppel, or otherwise.
+-
+-No assurances are provided by Nokia that the Contribution does not
+-infringe the patent or other intellectual property rights of any third
+-party or that the license provides you with all the necessary rights
+-to make use of the Contribution.
+-
+-THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+-ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+-SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+-OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+-OTHERWISE.
+-
+-=end comment
+-
+ =head1 NAME
+
+ SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback - set PSK client callback
+@@ -38,13 +9,13 @@ SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback - set PSK client ca
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+- unsigned int (*callback)(SSL *ssl, const char *hint,
+- char *identity, unsigned int max_identity_len,
+- unsigned char *psk, unsigned int max_psk_len));
++ unsigned int (*callback)(SSL *ssl, const char *hint,
++ char *identity, unsigned int max_identity_len,
++ unsigned char *psk, unsigned int max_psk_len));
+ void SSL_set_psk_client_callback(SSL *ssl,
+- unsigned int (*callback)(SSL *ssl, const char *hint,
+- char *identity, unsigned int max_identity_len,
+- unsigned char *psk, unsigned int max_psk_len));
++ unsigned int (*callback)(SSL *ssl, const char *hint,
++ char *identity, unsigned int max_identity_len,
++ unsigned char *psk, unsigned int max_psk_len));
+
+
+ =head1 DESCRIPTION
+@@ -78,4 +49,15 @@ the length (> 0) of B<psk> in bytes is returned.
+ Otherwise or on errors callback should return 0. In this case
+ the connection setup fails.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++Copyright 2005 Nokia.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_quiet_shutdown.pod b/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
+index 25bb664..d39d747 100644
+--- a/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
++++ b/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
+@@ -60,4 +60,13 @@ L<ssl(3)>, L<SSL_shutdown(3)>,
+ L<SSL_set_shutdown(3)>, L<SSL_new(3)>,
+ L<SSL_clear(3)>, L<SSL_free(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_read_ahead.pod b/doc/ssl/SSL_CTX_set_read_ahead.pod
+index 771d59d..e70db3c 100644
+--- a/doc/ssl/SSL_CTX_set_read_ahead.pod
++++ b/doc/ssl/SSL_CTX_set_read_ahead.pod
+@@ -50,4 +50,13 @@ and non zero otherwise.
+
+ L<ssl(3)>, L<SSL_pending(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_security_level.pod b/doc/ssl/SSL_CTX_set_security_level.pod
+index 2b56472..577b393 100644
+--- a/doc/ssl/SSL_CTX_set_security_level.pod
++++ b/doc/ssl/SSL_CTX_set_security_level.pod
+@@ -15,12 +15,12 @@ SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level,
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+- int (*cb)(SSL *s, SSL_CTX *ctx, int op, int bits, int nid,
+- void *other, void *ex));
++ int (*cb)(SSL *s, SSL_CTX *ctx, int op, int bits, int nid,
++ void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s,
+- int (*cb)(SSL *s, SSL_CTX *ctx, int op, int bits, int nid,
+- void *other, void *ex));
++ int (*cb)(SSL *s, SSL_CTX *ctx, int op, int bits, int nid,
++ void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex);
+@@ -105,7 +105,7 @@ shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.
+
+ =head1 APPLICATION DEFINED SECURITY CALLBACKS
+
+-TBA
++I<Documentation to be provided.>
+
+ =head1 NOTES
+
+@@ -153,12 +153,17 @@ key using SSL_CTX_use_certificate() at level 1. Applications which do not
+ check the return values for errors will misbehave: for example it might
+ appear that a certificate is not set at all because it had been rejected.
+
+-=head1 SEE ALSO
+-
+-TBA
+-
+ =head1 HISTORY
+
+ These functions were first added to OpenSSL 1.1.0
+
++=head1 COPYRIGHT
++
++Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_session_cache_mode.pod b/doc/ssl/SSL_CTX_set_session_cache_mode.pod
+index 4be9e24..a2e8266 100644
+--- a/doc/ssl/SSL_CTX_set_session_cache_mode.pod
++++ b/doc/ssl/SSL_CTX_set_session_cache_mode.pod
+@@ -26,7 +26,7 @@ SSL_CTX object is being maintained, the sessions are unique for each SSL_CTX
+ object.
+
+ In order to reuse a session, a client must send the session's id to the
+-server. It can only send exactly one id. The server then either
++server. It can only send exactly one id. The server then either
+ agrees to reuse the session or it starts a full handshake (to create a new
+ session).
+
+@@ -129,4 +129,13 @@ L<SSL_CTX_set_session_id_context(3)>,
+ L<SSL_CTX_set_timeout(3)>,
+ L<SSL_CTX_flush_sessions(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_session_id_context.pod b/doc/ssl/SSL_CTX_set_session_id_context.pod
+index 712b518..a873b03 100644
+--- a/doc/ssl/SSL_CTX_set_session_id_context.pod
++++ b/doc/ssl/SSL_CTX_set_session_id_context.pod
+@@ -80,4 +80,13 @@ The operation succeeded.
+
+ L<ssl(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_split_send_fragment.pod b/doc/ssl/SSL_CTX_set_split_send_fragment.pod
+index 9e7ab63..a1f42e2 100644
+--- a/doc/ssl/SSL_CTX_set_split_send_fragment.pod
++++ b/doc/ssl/SSL_CTX_set_split_send_fragment.pod
+@@ -58,7 +58,7 @@ explained further below. OpenSSL will only every use more than one pipeline if
+ a ciphersuite is negotiated that uses a pipeline capable cipher provided by an
+ engine.
+
+-Pipelining operates slighly differently for reading encrypted data compared to
++Pipelining operates slightly differently for reading encrypted data compared to
+ writing encrypted data. SSL_CTX_set_split_send_fragment() and
+ SSL_set_split_send_fragment() define how data is split up into pipelines when
+ writing encrypted data. The number of pipelines used will be determined by the
+@@ -124,4 +124,13 @@ functions were added in OpenSSL 1.1.0.
+
+ L<SSL_CTX_set_read_ahead(3)>, L<SSL_pending(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_ssl_version.pod b/doc/ssl/SSL_CTX_set_ssl_version.pod
+index 5bbc65e..22c0370 100644
+--- a/doc/ssl/SSL_CTX_set_ssl_version.pod
++++ b/doc/ssl/SSL_CTX_set_ssl_version.pod
+@@ -58,4 +58,13 @@ L<SSL_CTX_new(3)>, L<SSL_new(3)>,
+ L<SSL_clear(3)>, L<ssl(3)>,
+ L<SSL_set_connect_state(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_timeout.pod b/doc/ssl/SSL_CTX_set_timeout.pod
+index eb9f404..470efdf 100644
+--- a/doc/ssl/SSL_CTX_set_timeout.pod
++++ b/doc/ssl/SSL_CTX_set_timeout.pod
+@@ -56,4 +56,13 @@ L<SSL_SESSION_get_time(3)>,
+ L<SSL_CTX_flush_sessions(3)>,
+ L<SSL_get_default_timeout(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod b/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod
+index b8147ba..b403394 100644
+--- a/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod
++++ b/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod
+@@ -3,8 +3,9 @@
+ =head1 NAME
+
+ SSL_CTX_set_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg,
+-SSL_set_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp,
+-SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions
++SSL_CTX_set_tlsext_status_type, SSL_set_tlsext_status_type,
++SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP
++Certificate Status Request functions
+
+ =head1 SYNOPSIS
+
+@@ -14,6 +15,8 @@ SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions
+ int (*callback)(SSL *, void *));
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+
++ long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
++
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+@@ -23,16 +26,19 @@ SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions
+
+ A client application may request that a server send back an OCSP status response
+ (also known as OCSP stapling). To do so the client should call the
+-SSL_set_tlsext_status_type() function prior to the start of the handshake.
++SSL_CTX_set_tlsext_status_type() function prior to the creation of any SSL
++objects. Alternatively an application can call the SSL_set_tlsext_status_type()
++function on an individual SSL object prior to the start of the handshake.
+ Currently the only supported type is B<TLSEXT_STATUSTYPE_ocsp>. This value
+-should be passed in the B<type> argument. The client should additionally provide
+-a callback function to decide what to do with the returned OCSP response by
+-calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine
+-whether the returned OCSP response is acceptable or not. The callback will be
+-passed as an argument the value previously set via a call to
+-SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in
+-the event of a handshake where session resumption occurs (because there are no
+-Certificates exchanged in such a handshake).
++should be passed in the B<type> argument.
++
++The client should additionally provide a callback function to decide what to do
++with the returned OCSP response by calling SSL_CTX_set_tlsext_status_cb(). The
++callback function should determine whether the returned OCSP response is
++acceptable or not. The callback will be passed as an argument the value
++previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the
++callback will not be called in the event of a handshake where session resumption
++occurs (because there are no Certificates exchanged in such a handshake).
+
+ The response returned by the server can be obtained via a call to
+ SSL_get_tlsext_status_ocsp_resp(). The value B<*resp> will be updated to point
+@@ -64,10 +70,23 @@ returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has
+ occurred).
+
+ SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(),
+-SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on
+-error or 1 on success.
++SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and
++SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.
+
+ SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data
+ or -1 if there is no OCSP response data.
+
++=head1 HISTORY
++
++SSL_CTX_set_tlsext_status_type() was added in OpenSSL 1.1.0.
++
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod b/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
+index 3502c1c..5308ccc 100644
+--- a/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
++++ b/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
+@@ -10,13 +10,13 @@ SSL_CTX_set_tlsext_ticket_key_cb - set a callback for session ticket processing
+
+ long SSL_CTX_set_tlsext_ticket_key_cb(SSL_CTX sslctx,
+ int (*cb)(SSL *s, unsigned char key_name[16],
+- unsigned char iv[EVP_MAX_IV_LENGTH],
+- EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc));
++ unsigned char iv[EVP_MAX_IV_LENGTH],
++ EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc));
+
+ =head1 DESCRIPTION
+
+ SSL_CTX_set_tlsext_ticket_key_cb() sets a callback function I<cb> for handling
+-session tickets for the ssl context I<sslctx>. Session tickets, defined in
++session tickets for the ssl context I<sslctx>. Session tickets, defined in
+ RFC5077 provide an enhanced session resumption capability where the server
+ implementation is not required to maintain per session state. It only applies
+ to TLS and there is no SSLv3 implementation.
+@@ -26,9 +26,9 @@ session when session ticket extension is presented in the TLS hello
+ message. It is the responsibility of this function to create or retrieve the
+ cryptographic parameters and to maintain their state.
+
+-The OpenSSL library uses your callback function to help implement a common TLS
++The OpenSSL library uses your callback function to help implement a common TLS
+ ticket construction state according to RFC5077 Section 4 such that per session
+-state is unnecessary and a small set of cryptographic variables needs to be
++state is unnecessary and a small set of cryptographic variables needs to be
+ maintained by the callback function implementation.
+
+ In order to reuse a session, a TLS client must send the a session ticket
+@@ -56,7 +56,7 @@ I<ctx> should use the initialisation vector I<iv>. The cipher context can be
+ set using L<EVP_EncryptInit_ex(3)>. The hmac context can be set using
+ L<HMAC_Init_ex(3)>.
+
+-When the client presents a session ticket, the callback function with be called
++When the client presents a session ticket, the callback function with be called
+ with I<enc> set to 0 indicating that the I<cb> function should retrieve a set
+ of parameters. In this case I<name> and I<iv> have already been parsed out of
+ the session ticket. The OpenSSL library expects that the I<name> will be used
+@@ -76,7 +76,7 @@ further processing will occur. The following return values have meaning:
+
+ =item Z<>2
+
+-This indicates that the I<ctx> and I<hctx> have been set and the session can
++This indicates that the I<ctx> and I<hctx> have been set and the session can
+ continue on those parameters. Additionally it indicates that the session
+ ticket is in a renewal period and should be replaced. The OpenSSL library will
+ call I<cb> again with an enc argument of 1 to set the new ticket (see RFC5077
+@@ -84,12 +84,12 @@ call I<cb> again with an enc argument of 1 to set the new ticket (see RFC5077
+
+ =item Z<>1
+
+-This indicates that the I<ctx> and I<hctx> have been set and the session can
++This indicates that the I<ctx> and I<hctx> have been set and the session can
+ continue on those parameters.
+
+ =item Z<>0
+
+-This indicates that it was not possible to set/retrieve a session ticket and
++This indicates that it was not possible to set/retrieve a session ticket and
+ the SSL/TLS session will continue by negotiating a set of cryptographic
+ parameters or using the alternate SSL/TLS resumption mechanism, session ids.
+
+@@ -133,7 +133,7 @@ Reference Implementation:
+ if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) ) {
+ return -1; /* insufficient random */
+ }
+-
++
+ key = currentkey(); /* something that you need to implement */
+ if ( !key ) {
+ /* current key doesn't exist or isn't valid */
+@@ -146,19 +146,19 @@ Reference Implementation:
+ }
+ }
+ memcpy(key_name, key->name, 16);
+-
++
+ EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv);
+ HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
+-
++
+ return 1;
+-
++
+ } else { /* retrieve session */
+ key = findkey(name);
+-
++
+ if (!key || key->expire < now() ) {
+ return 0;
+ }
+-
++
+ HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
+ EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv );
+
+@@ -167,7 +167,7 @@ Reference Implementation:
+ return 2;
+ }
+ return 1;
+-
++
+ }
+ }
+
+@@ -186,4 +186,13 @@ L<SSL_CTX_sess_number(3)>,
+ L<SSL_CTX_sess_set_get_cb(3)>,
+ L<SSL_CTX_set_session_id_context(3)>,
+
++=head1 COPYRIGHT
++
++Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod b/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
+index 57bf211..b71450a 100644
+--- a/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
++++ b/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
+@@ -126,4 +126,13 @@ L<SSL_CTX_set_tmp_rsa_callback(3)>,
+ L<SSL_CTX_set_options(3)>,
+ L<ciphers(1)>, L<dhparam(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_set_verify.pod b/doc/ssl/SSL_CTX_set_verify.pod
+index d60bb6a..1afd548 100644
+--- a/doc/ssl/SSL_CTX_set_verify.pod
++++ b/doc/ssl/SSL_CTX_set_verify.pod
+@@ -208,7 +208,7 @@ L<SSL_get_ex_data_X509_STORE_CTX_idx(3)>).
+ preverify_ok = 0;
+ err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+ X509_STORE_CTX_set_error(ctx, err);
+- }
++ }
+ if (!preverify_ok) {
+ printf("verify error:num=%d:%s:depth=%d:%s\n", err,
+ X509_verify_cert_error_string(err), depth, buf);
+@@ -256,9 +256,9 @@ L<SSL_get_ex_data_X509_STORE_CTX_idx(3)>).
+ */
+ mydata.verify_depth = verify_depth; ...
+ SSL_set_ex_data(ssl, mydata_index, &mydata);
+-
++
+ ...
+- SSL_accept(ssl); /* check of success left out for clarity */
++ SSL_accept(ssl); /* check of success left out for clarity */
+ if (peer = SSL_get_peer_certificate(ssl))
+ {
+ if (SSL_get_verify_result(ssl) == X509_V_OK)
+@@ -278,4 +278,13 @@ L<SSL_CTX_set_cert_verify_callback(3)>,
+ L<SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
+ L<SSL_get_ex_new_index(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_use_certificate.pod b/doc/ssl/SSL_CTX_use_certificate.pod
+index 13bb277..3fd23a4 100644
+--- a/doc/ssl/SSL_CTX_use_certificate.pod
++++ b/doc/ssl/SSL_CTX_use_certificate.pod
+@@ -20,7 +20,7 @@ SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_f
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+- long len);
++ long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+@@ -67,12 +67,12 @@ SSL_use_certificate_file() loads the certificate from B<file> into B<ssl>.
+ See the NOTES section on why SSL_CTX_use_certificate_chain_file()
+ should be preferred.
+
+-SSL_CTX_use_certificate_chain_file() loads a certificate chain from
++SSL_CTX_use_certificate_chain_file() loads a certificate chain from
+ B<file> into B<ctx>. The certificates must be in PEM format and must
+ be sorted starting with the subject's certificate (actual client or server
+ certificate), followed by intermediate CA certificates if applicable, and
+ ending at the highest level (root) CA. SSL_use_certificate_chain_file() is
+-similar except it loads the cerificate chain into B<ssl>.
++similar except it loads the certificate chain into B<ssl>.
+
+ SSL_CTX_use_PrivateKey() adds B<pkey> as private key to B<ctx>.
+ SSL_CTX_use_RSAPrivateKey() adds the private key B<rsa> of type RSA
+@@ -82,7 +82,7 @@ If a certificate has already been set and the private does not belong
+ to the certificate an error is returned. To change a certificate, private
+ key pair the new certificate needs to be set with SSL_use_certificate()
+ or SSL_CTX_use_certificate() before setting the private key with
+-SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().
++SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().
+
+
+ SSL_CTX_use_PrivateKey_ASN1() adds the private key of type B<pk>
+@@ -109,14 +109,14 @@ the same check for B<ssl>. If no key/certificate was explicitly added for
+ this B<ssl>, the last item added into B<ctx> will be checked.
+
+ =head1 NOTES
+-
++
+ The internal certificate store of OpenSSL can hold several private
+ key/certificate pairs at a time. The certificate used depends on the
+ cipher selected, see also L<SSL_CTX_set_cipher_list(3)>.
+
+ When reading certificates and private keys from file, files of type
+ SSL_FILETYPE_ASN1 (also known as B<DER>, binary encoding) can only contain
+-one certificate or private key, consequently
++one certificate or private key, consequently
+ SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting.
+ Files of type SSL_FILETYPE_PEM can contain more than one item.
+
+@@ -124,7 +124,7 @@ SSL_CTX_use_certificate_chain_file() adds the first certificate found
+ in the file to the certificate store. The other certificates are added
+ to the store of chain certificates using L<SSL_CTX_add1_chain_cert(3)>. Note: versions of OpenSSL before 1.0.2 only had a single
+ certificate chain store for all certificate types, OpenSSL 1.0.2 and later
+-have a separate chain store for each type. SSL_CTX_use_certificate_chain_file()
++have a separate chain store for each type. SSL_CTX_use_certificate_chain_file()
+ should be used instead of the SSL_CTX_use_certificate_file() function in order
+ to allow the use of complete certificate chains even when no trusted CA
+ storage is used or when the CA issuing the certificate shall not be added to
+@@ -158,4 +158,13 @@ L<SSL_CTX_set_client_CA_list(3)>,
+ L<SSL_CTX_set_client_cert_cb(3)>,
+ L<SSL_CTX_add_extra_chain_cert(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_use_psk_identity_hint.pod b/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
+index 12db0da..753074a 100644
+--- a/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
++++ b/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
+@@ -1,41 +1,11 @@
+ =pod
+
+-=begin comment
+-
+-Copyright 2005 Nokia. All rights reserved.
+-
+-The portions of the attached software ("Contribution") is developed by
+-Nokia Corporation and is licensed pursuant to the OpenSSL open source
+-license.
+-
+-The Contribution, originally written by Mika Kousa and Pasi Eronen of
+-Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+-support (see RFC 4279) to OpenSSL.
+-
+-No patent licenses or other rights except those expressly stated in
+-the OpenSSL open source license shall be deemed granted or received
+-expressly, by implication, estoppel, or otherwise.
+-
+-No assurances are provided by Nokia that the Contribution does not
+-infringe the patent or other intellectual property rights of any third
+-party or that the license provides you with all the necessary rights
+-to make use of the Contribution.
+-
+-THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+-ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+-SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+-OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+-OTHERWISE.
+-
+-=end comment
+-
+ =head1 NAME
+
+ SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint,
+ SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback - set PSK
+ identity hint to use
+
+-
+ =head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+@@ -44,11 +14,11 @@ identity hint to use
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+- unsigned int (*callback)(SSL *ssl, const char *identity,
+- unsigned char *psk, int max_psk_len));
++ unsigned int (*callback)(SSL *ssl, const char *identity,
++ unsigned char *psk, int max_psk_len));
+ void SSL_set_psk_server_callback(SSL *ssl,
+- unsigned int (*callback)(SSL *ssl, const char *identity,
+- unsigned char *psk, int max_psk_len));
++ unsigned int (*callback)(SSL *ssl, const char *identity,
++ unsigned char *psk, int max_psk_len));
+
+
+ =head1 DESCRIPTION
+@@ -103,4 +73,15 @@ completely.
+
+ =back
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++Copyright 2005 Nokia.
++
+ =cut
+diff --git a/doc/ssl/SSL_CTX_use_serverinfo.pod b/doc/ssl/SSL_CTX_use_serverinfo.pod
+index 318e052..bd496ff 100644
+--- a/doc/ssl/SSL_CTX_use_serverinfo.pod
++++ b/doc/ssl/SSL_CTX_use_serverinfo.pod
+@@ -20,8 +20,8 @@ A "serverinfo" extension is returned in response to an empty ClientHello
+ Extension.
+
+ SSL_CTX_use_serverinfo() loads one or more serverinfo extensions from
+-a byte array into B<ctx>. The extensions must be concatenated into a
+-sequence of bytes. Each extension must consist of a 2-byte Extension Type,
++a byte array into B<ctx>. The extensions must be concatenated into a
++sequence of bytes. Each extension must consist of a 2-byte Extension Type,
+ a 2-byte length, and then length bytes of extension_data.
+
+ SSL_CTX_use_serverinfo_file() loads one or more serverinfo extensions from
+@@ -30,7 +30,13 @@ must consist of a 2-byte Extension Type, a 2-byte length, and then length
+ bytes of extension_data. Each PEM extension name must begin with the phrase
+ "BEGIN SERVERINFO FOR ".
+
+-=head1 NOTES
++If more than one certificate (RSA/DSA) is installed using
++SSL_CTX_use_certificate(), the serverinfo extension will be loaded into the
++last certificate installed. If e.g. the last item was a RSA certificate, the
++loaded serverinfo extension data will be loaded for that certificate. To
++use the serverinfo extension for multiple certificates,
++SSL_CTX_use_serverinfo() needs to be called multiple times, once B<after>
++each time a certificate is loaded.
+
+ =head1 RETURN VALUES
+
+@@ -38,9 +44,13 @@ On success, the functions return 1.
+ On failure, the functions return 0. Check out the error stack to find out
+ the reason.
+
+-=head1 SEE ALSO
++=head1 COPYRIGHT
+
+-=head1 HISTORY
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
+
+ =cut
+diff --git a/doc/ssl/SSL_SESSION_free.pod b/doc/ssl/SSL_SESSION_free.pod
+index 5791da1..1906510 100644
+--- a/doc/ssl/SSL_SESSION_free.pod
++++ b/doc/ssl/SSL_SESSION_free.pod
+@@ -53,4 +53,13 @@ L<SSL_CTX_set_session_cache_mode(3)>,
+ L<SSL_CTX_flush_sessions(3)>,
+ L<d2i_SSL_SESSION(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_SESSION_get_hostname.pod b/doc/ssl/SSL_SESSION_get_hostname.pod
+index 8b739e3..6fb12be 100644
+--- a/doc/ssl/SSL_SESSION_get_hostname.pod
++++ b/doc/ssl/SSL_SESSION_get_hostname.pod
+@@ -25,4 +25,13 @@ L<d2i_SSL_SESSION(3)>,
+ L<SSL_SESSION_get_time(3)>,
+ L<SSL_SESSION_free(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_SESSION_get_time.pod b/doc/ssl/SSL_SESSION_get_time.pod
+index dbbf7bf..1dd25da 100644
+--- a/doc/ssl/SSL_SESSION_get_time.pod
++++ b/doc/ssl/SSL_SESSION_get_time.pod
+@@ -52,7 +52,7 @@ valid values.
+
+ SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.
+
+-If any of the function is passed the NULL pointer for the session B<s>,
++If any of the function is passed the NULL pointer for the session B<s>,
+ 0 is returned.
+
+ =head1 SEE ALSO
+@@ -61,4 +61,13 @@ L<ssl(3)>,
+ L<SSL_CTX_set_timeout(3)>,
+ L<SSL_get_default_timeout(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_SESSION_has_ticket.pod b/doc/ssl/SSL_SESSION_has_ticket.pod
+index 92d261f..58f8e08 100644
+--- a/doc/ssl/SSL_SESSION_has_ticket.pod
++++ b/doc/ssl/SSL_SESSION_has_ticket.pod
+@@ -39,4 +39,13 @@ L<SSL_SESSION_free(3)>
+ SSL_SESSION_has_ticket, SSL_SESSION_get_ticket_lifetime_hint and
+ SSL_SESSION_get0_ticket were added in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_accept.pod b/doc/ssl/SSL_accept.pod
+index a827fb5..3248cac 100644
+--- a/doc/ssl/SSL_accept.pod
++++ b/doc/ssl/SSL_accept.pod
+@@ -18,7 +18,7 @@ B<ssl> by setting an underlying B<BIO>.
+
+ =head1 NOTES
+
+-The behaviour of SSL_accept() depends on the underlying BIO.
++The behaviour of SSL_accept() depends on the underlying BIO.
+
+ If the underlying BIO is B<blocking>, SSL_accept() will only return once the
+ handshake has been finished or an error occurred.
+@@ -70,4 +70,13 @@ L<SSL_set_connect_state(3)>,
+ L<SSL_do_handshake(3)>,
+ L<SSL_CTX_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_alert_type_string.pod b/doc/ssl/SSL_alert_type_string.pod
+index c61b61b..6e2768e 100644
+--- a/doc/ssl/SSL_alert_type_string.pod
++++ b/doc/ssl/SSL_alert_type_string.pod
+@@ -217,7 +217,7 @@ point. This message is always a warning.
+ =item "UP"/"unknown PSK identity"
+
+ Sent by the server to indicate that it does not recognize a PSK
+-identity or an SRP identity.
++identity or an SRP identity.
+
+ =item "UK"/"unknown"
+
+@@ -230,4 +230,13 @@ Probably B<value> does not contain a correct alert message.
+
+ L<ssl(3)>, L<SSL_CTX_set_info_callback(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_check_chain.pod b/doc/ssl/SSL_check_chain.pod
+index da6d8ab..8691994 100644
+--- a/doc/ssl/SSL_check_chain.pod
++++ b/doc/ssl/SSL_check_chain.pod
+@@ -82,4 +82,13 @@ for earlier versions of TLS or DTLS.
+ L<SSL_CTX_set_cert_cb(3)>,
+ L<ssl(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_clear.pod b/doc/ssl/SSL_clear.pod
+index 9a760b5..ed0ad60 100644
+--- a/doc/ssl/SSL_clear.pod
++++ b/doc/ssl/SSL_clear.pod
+@@ -72,4 +72,13 @@ L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>,
+ L<SSL_CTX_set_options(3)>, L<ssl(3)>,
+ L<SSL_CTX_set_client_cert_cb(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_connect.pod b/doc/ssl/SSL_connect.pod
+index 8101d4d..df198f9 100644
+--- a/doc/ssl/SSL_connect.pod
++++ b/doc/ssl/SSL_connect.pod
+@@ -18,7 +18,7 @@ underlying B<BIO>.
+
+ =head1 NOTES
+
+-The behaviour of SSL_connect() depends on the underlying BIO.
++The behaviour of SSL_connect() depends on the underlying BIO.
+
+ If the underlying BIO is B<blocking>, SSL_connect() will only return once the
+ handshake has been finished or an error occurred.
+@@ -70,4 +70,13 @@ L<SSL_set_connect_state(3)>,
+ L<SSL_do_handshake(3)>,
+ L<SSL_CTX_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_do_handshake.pod b/doc/ssl/SSL_do_handshake.pod
+index 01b71ae..ffb71cc 100644
+--- a/doc/ssl/SSL_do_handshake.pod
++++ b/doc/ssl/SSL_do_handshake.pod
+@@ -69,4 +69,13 @@ L<SSL_get_error(3)>, L<SSL_connect(3)>,
+ L<SSL_accept(3)>, L<ssl(3)>, L<bio(3)>,
+ L<SSL_set_connect_state(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_free.pod b/doc/ssl/SSL_free.pod
+index 2715443..eb69a16 100644
+--- a/doc/ssl/SSL_free.pod
++++ b/doc/ssl/SSL_free.pod
+@@ -42,4 +42,13 @@ L<SSL_new(3)>, L<SSL_clear(3)>,
+ L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>,
+ L<ssl(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get0_peer_scts.pod b/doc/ssl/SSL_get0_peer_scts.pod
+index f14ba17..05d39fe 100644
+--- a/doc/ssl/SSL_get0_peer_scts.pod
++++ b/doc/ssl/SSL_get0_peer_scts.pod
+@@ -33,4 +33,13 @@ SSL_get0_peer_scts() returns a list of SCTs found, or NULL if an error occurs.
+ L<ssl(3)>,
+ L<SSL_CTX_set_ct_validation_callback(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_SSL_CTX.pod b/doc/ssl/SSL_get_SSL_CTX.pod
+index ed3a3b2..98b9bc6 100644
+--- a/doc/ssl/SSL_get_SSL_CTX.pod
++++ b/doc/ssl/SSL_get_SSL_CTX.pod
+@@ -23,4 +23,13 @@ The pointer to the SSL_CTX object is returned.
+
+ L<ssl(3)>, L<SSL_new(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_all_async_fds.pod b/doc/ssl/SSL_get_all_async_fds.pod
+index a5064e2..deb81e1 100644
+--- a/doc/ssl/SSL_get_all_async_fds.pod
++++ b/doc/ssl/SSL_get_all_async_fds.pod
+@@ -62,4 +62,13 @@ L<SSL_get_error(3)>, L<SSL_CTX_set_mode(3)>
+ SSL_waiting_for_async(), SSL_get_all_async_fds() and SSL_get_changed_async_fds()
+ were first added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_ciphers.pod b/doc/ssl/SSL_get_ciphers.pod
+index a017392..190e679 100644
+--- a/doc/ssl/SSL_get_ciphers.pod
++++ b/doc/ssl/SSL_get_ciphers.pod
+@@ -70,4 +70,13 @@ See DESCRIPTION
+ L<ssl(3)>, L<SSL_CTX_set_cipher_list(3)>,
+ L<SSL_CIPHER_get_name(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_client_CA_list.pod b/doc/ssl/SSL_get_client_CA_list.pod
+index 62be122..b6092fe 100644
+--- a/doc/ssl/SSL_get_client_CA_list.pod
++++ b/doc/ssl/SSL_get_client_CA_list.pod
+@@ -9,7 +9,7 @@ SSL_get_client_CA_list, SSL_CTX_get_client_CA_list - get list of client CAs
+ #include <openssl/ssl.h>
+
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+- STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
++ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+
+ =head1 DESCRIPTION
+
+@@ -50,4 +50,13 @@ L<ssl(3)>,
+ L<SSL_CTX_set_client_CA_list(3)>,
+ L<SSL_CTX_set_client_cert_cb(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_client_random.pod b/doc/ssl/SSL_get_client_random.pod
+index 3db5a26..46a2aa3 100644
+--- a/doc/ssl/SSL_get_client_random.pod
++++ b/doc/ssl/SSL_get_client_random.pod
+@@ -41,7 +41,7 @@ details.
+
+ Despite the names of SSL_get_client_random() and SSL_get_server_random(), they
+ ARE NOT random number generators. Instead, they return the mostly-random values that
+-were already generated and used in the TLS protoccol. Using them
++were already generated and used in the TLS protocol. Using them
+ in place of RAND_bytes() would be grossly foolish.
+
+ The security of your TLS session depends on keeping the master key secret:
+@@ -76,4 +76,13 @@ L<RAND_bytes(3)>,
+ L<SSL_export_keying_material(3)>
+
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_current_cipher.pod b/doc/ssl/SSL_get_current_cipher.pod
+index 9151203..0fdf60f 100644
+--- a/doc/ssl/SSL_get_current_cipher.pod
++++ b/doc/ssl/SSL_get_current_cipher.pod
+@@ -27,7 +27,7 @@ the B<ssl> object.
+
+ SSL_get_cipher() and SSL_get_cipher_name() are identical macros to obtain the
+ name of the currently used cipher. SSL_get_cipher_bits() is a
+-macro to obtain the number of secret/algorithm bits used and
++macro to obtain the number of secret/algorithm bits used and
+ SSL_get_cipher_version() returns the protocol name.
+ See L<SSL_CIPHER_get_name(3)> for more details.
+
+@@ -40,4 +40,13 @@ no session has been established.
+
+ L<ssl(3)>, L<SSL_CIPHER_get_name(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_default_timeout.pod b/doc/ssl/SSL_get_default_timeout.pod
+index 9bde222..875d38a 100644
+--- a/doc/ssl/SSL_get_default_timeout.pod
++++ b/doc/ssl/SSL_get_default_timeout.pod
+@@ -38,4 +38,13 @@ L<SSL_SESSION_get_time(3)>,
+ L<SSL_CTX_flush_sessions(3)>,
+ L<SSL_get_default_timeout(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_error.pod b/doc/ssl/SSL_get_error.pod
+index 271f849..ddd72f7 100644
+--- a/doc/ssl/SSL_get_error.pod
++++ b/doc/ssl/SSL_get_error.pod
+@@ -95,9 +95,19 @@ using L<SSL_CTX_set_mode(3)> or L<SSL_set_mode(3)> and an asynchronous capable
+ engine is being used. An application can determine whether the engine has
+ completed its processing using select() or poll() on the asynchronous wait file
+ descriptor. This file descriptor is available by calling
+-L<SSL_get_async_wait_fd(3)>. The TLS/SSL I/O function should be called again
+-later. The function B<must> be called from the same thread that the original
+-call was made from.
++L<SSL_get_all_async_fds(3)> or L<SSL_get_changed_async_fds(3)>. The TLS/SSL I/O
++function should be called again later. The function B<must> be called from the
++same thread that the original call was made from.
++
++=item SSL_ERROR_WANT_ASYNC_JOB
++
++The asynchronous job could not be started because there were no async jobs
++available in the pool (see ASYNC_init_thread(3)). This will only occur if the
++mode has been set to SSL_MODE_ASYNC using L<SSL_CTX_set_mode(3)> or
++L<SSL_set_mode(3)> and a maximum limit has been set on the async job pool
++through a call to L<ASYNC_init_thread(3)>. The application should retry the
++operation after a currently executing asynchronous operation for the current
++thread has completed.
+
+ =item SSL_ERROR_SYSCALL
+
+@@ -123,4 +133,13 @@ L<ssl(3)>, L<err(3)>
+
+ SSL_ERROR_WANT_ASYNC was added in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_extms_support.pod b/doc/ssl/SSL_get_extms_support.pod
+index ecfd090..ba4de3a 100644
+--- a/doc/ssl/SSL_get_extms_support.pod
++++ b/doc/ssl/SSL_get_extms_support.pod
+@@ -28,4 +28,13 @@ was used.
+
+ L<ssl(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_fd.pod b/doc/ssl/SSL_get_fd.pod
+index 8895747..cd5b6ec 100644
+--- a/doc/ssl/SSL_get_fd.pod
++++ b/doc/ssl/SSL_get_fd.pod
+@@ -41,4 +41,13 @@ The file descriptor linked to B<ssl>.
+
+ L<SSL_set_fd(3)>, L<ssl(3)> , L<bio(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_peer_cert_chain.pod b/doc/ssl/SSL_get_peer_cert_chain.pod
+index 1320bcb..2e4f1e4 100644
+--- a/doc/ssl/SSL_get_peer_cert_chain.pod
++++ b/doc/ssl/SSL_get_peer_cert_chain.pod
+@@ -65,4 +65,13 @@ The return value points to the certificate chain presented by the peer.
+ L<ssl(3)>, L<SSL_get_peer_certificate(3)>, L<X509_up_ref(3)>,
+ L<X509_chain_up_ref(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_peer_certificate.pod b/doc/ssl/SSL_get_peer_certificate.pod
+index c605a7c..57ed272 100644
+--- a/doc/ssl/SSL_get_peer_certificate.pod
++++ b/doc/ssl/SSL_get_peer_certificate.pod
+@@ -52,4 +52,13 @@ The return value points to the certificate presented by the peer.
+ L<ssl(3)>, L<SSL_get_verify_result(3)>,
+ L<SSL_CTX_set_verify(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_psk_identity.pod b/doc/ssl/SSL_get_psk_identity.pod
+index fe62916..d330eee 100644
+--- a/doc/ssl/SSL_get_psk_identity.pod
++++ b/doc/ssl/SSL_get_psk_identity.pod
+@@ -1,39 +1,9 @@
+ =pod
+
+-=begin comment
+-
+-Copyright 2005 Nokia. All rights reserved.
+-
+-The portions of the attached software ("Contribution") is developed by
+-Nokia Corporation and is licensed pursuant to the OpenSSL open source
+-license.
+-
+-The Contribution, originally written by Mika Kousa and Pasi Eronen of
+-Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+-support (see RFC 4279) to OpenSSL.
+-
+-No patent licenses or other rights except those expressly stated in
+-the OpenSSL open source license shall be deemed granted or received
+-expressly, by implication, estoppel, or otherwise.
+-
+-No assurances are provided by Nokia that the Contribution does not
+-infringe the patent or other intellectual property rights of any third
+-party or that the license provides you with all the necessary rights
+-to make use of the Contribution.
+-
+-THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+-ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+-SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+-OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+-OTHERWISE.
+-
+-=end comment
+-
+ =head1 NAME
+
+ SSL_get_psk_identity, SSL_get_psk_identity_hint - get PSK client identity and hint
+
+-
+ =head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+@@ -60,4 +30,15 @@ no PSK identity hint was used during the connection setup.
+ Note that the return value is valid only during the lifetime of the
+ SSL object B<ssl>.
+
++=head1 COPYRIGHT
++
++Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++Copyright 2005 Nokia.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_rbio.pod b/doc/ssl/SSL_get_rbio.pod
+index 4e91ce0..5ac4ca2 100644
+--- a/doc/ssl/SSL_get_rbio.pod
++++ b/doc/ssl/SSL_get_rbio.pod
+@@ -37,4 +37,13 @@ The BIO linked to B<ssl>.
+
+ L<SSL_set_bio(3)>, L<ssl(3)> , L<bio(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_session.pod b/doc/ssl/SSL_get_session.pod
+index d8aa705..99936ad 100644
+--- a/doc/ssl/SSL_get_session.pod
++++ b/doc/ssl/SSL_get_session.pod
+@@ -70,4 +70,13 @@ L<ssl(3)>, L<SSL_free(3)>,
+ L<SSL_clear(3)>,
+ L<SSL_SESSION_free(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_shared_sigalgs.pod b/doc/ssl/SSL_get_shared_sigalgs.pod
+index ad305e6..6a70e90 100644
+--- a/doc/ssl/SSL_get_shared_sigalgs.pod
++++ b/doc/ssl/SSL_get_shared_sigalgs.pod
+@@ -65,7 +65,7 @@ The NIDs are OpenSSL equivalents. For example if the peer sent sha256(4) and
+ rsa(1) then B<*rhash> would be 4, B<*rsign> 1, B<*phash> NID_sha256, B<*psig>
+ NID_rsaEncryption and B<*psighash> NID_sha256WithRSAEncryption.
+
+-If a signature algorithm is not recognised the corresponsing NIDs
++If a signature algorithm is not recognised the corresponding NIDs
+ will be set to B<NID_undef>. This may be because the value is not supported
+ or is not an appropriate combination (for example MD5 and DSA).
+
+@@ -74,4 +74,13 @@ or is not an appropriate combination (for example MD5 and DSA).
+ L<SSL_CTX_set_cert_cb(3)>,
+ L<ssl(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_verify_result.pod b/doc/ssl/SSL_get_verify_result.pod
+index 8b25eb2..3b8b657 100644
+--- a/doc/ssl/SSL_get_verify_result.pod
++++ b/doc/ssl/SSL_get_verify_result.pod
+@@ -54,4 +54,13 @@ L<ssl(3)>, L<SSL_set_verify_result(3)>,
+ L<SSL_get_peer_certificate(3)>,
+ L<verify(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_get_version.pod b/doc/ssl/SSL_get_version.pod
+index e0c7034..8d4416f 100644
+--- a/doc/ssl/SSL_get_version.pod
++++ b/doc/ssl/SSL_get_version.pod
+@@ -47,4 +47,13 @@ This indicates that no version has been set (no connection established).
+
+ L<ssl(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_library_init.pod b/doc/ssl/SSL_library_init.pod
+index c872858..57b65d5 100644
+--- a/doc/ssl/SSL_library_init.pod
++++ b/doc/ssl/SSL_library_init.pod
+@@ -21,7 +21,7 @@ OpenSSL_add_ssl_algorithms() is a synonym for SSL_library_init().
+ =head1 NOTES
+
+ SSL_library_init() must be called before any other action takes place.
+-SSL_library_init() is not reentrant.
++SSL_library_init() is not reentrant.
+
+ =head1 WARNING
+
+@@ -43,4 +43,13 @@ L<RAND_add(3)>
+ The SSL_library_init() and OpenSSL_add_ssl_algorithms() functions were
+ deprecated in OpenSSL 1.1.0 by OPENSSL_init_ssl().
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_load_client_CA_file.pod b/doc/ssl/SSL_load_client_CA_file.pod
+index f9da0c2..cc6a19c 100644
+--- a/doc/ssl/SSL_load_client_CA_file.pod
++++ b/doc/ssl/SSL_load_client_CA_file.pod
+@@ -30,7 +30,7 @@ Load names of CAs from file and use it as a client CA list:
+ SSL_CTX *ctx;
+ STACK_OF(X509_NAME) *cert_names;
+
+- ...
++ ...
+ cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
+ if (cert_names != NULL)
+ SSL_CTX_set_client_CA_list(ctx, cert_names);
+@@ -59,4 +59,13 @@ Pointer to the subject names of the successfully read certificates.
+ L<ssl(3)>,
+ L<SSL_CTX_set_client_CA_list(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_new.pod b/doc/ssl/SSL_new.pod
+index f0e0795..a5a3ff9 100644
+--- a/doc/ssl/SSL_new.pod
++++ b/doc/ssl/SSL_new.pod
+@@ -9,7 +9,7 @@ SSL_new, SSL_up_ref - create a new SSL structure for a connection
+ #include <openssl/ssl.h>
+
+ SSL *SSL_new(SSL_CTX *ctx);
+- void SSL_up_ref(SSL *s);
++ int SSL_up_ref(SSL *s);
+
+ =head1 DESCRIPTION
+
+@@ -38,6 +38,8 @@ find out the reason.
+
+ The return value points to an allocated SSL structure.
+
++SSL_up_ref() returns 1 for success and 0 for failure.
++
+ =back
+
+ =head1 SEE ALSO
+@@ -47,4 +49,13 @@ L<SSL_CTX_set_options(3)>,
+ L<SSL_get_SSL_CTX(3)>,
+ L<ssl(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_pending.pod b/doc/ssl/SSL_pending.pod
+index d247fa3..f6ed565 100644
+--- a/doc/ssl/SSL_pending.pod
++++ b/doc/ssl/SSL_pending.pod
+@@ -56,4 +56,13 @@ L<SSL_CTX_set_split_send_fragment(3)>, L<ssl(3)>
+
+ The SSL_has_pending() function was added in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod
+index e0a9bd4..a3cbe4e 100644
+--- a/doc/ssl/SSL_read.pod
++++ b/doc/ssl/SSL_read.pod
+@@ -22,7 +22,7 @@ not already explicitly performed by L<SSL_connect(3)> or
+ L<SSL_accept(3)>. If the
+ peer requests a re-negotiation, it will be performed transparently during
+ the SSL_read() operation. The behaviour of SSL_read() depends on the
+-underlying BIO.
++underlying BIO.
+
+ For the transparent negotiation to succeed, the B<ssl> must have been
+ initialized to client or server mode. This is being done by calling
+@@ -47,7 +47,7 @@ record is complete and SSL_read() can succeed.
+
+ If the underlying BIO is B<blocking>, SSL_read() will only return, once the
+ read operation has been finished or an error occurred, except when a
+-renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur.
++renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur.
+ This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the
+ L<SSL_CTX_set_mode(3)> call.
+
+@@ -116,4 +116,13 @@ L<SSL_pending(3)>,
+ L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>,
+ L<ssl(3)>, L<bio(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_rstate_string.pod b/doc/ssl/SSL_rstate_string.pod
+index 7309483..7775913 100644
+--- a/doc/ssl/SSL_rstate_string.pod
++++ b/doc/ssl/SSL_rstate_string.pod
+@@ -56,4 +56,13 @@ The read state is unknown. This should never happen.
+
+ L<ssl(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_session_reused.pod b/doc/ssl/SSL_session_reused.pod
+index 4a738fa..eda66b2 100644
+--- a/doc/ssl/SSL_session_reused.pod
++++ b/doc/ssl/SSL_session_reused.pod
+@@ -42,4 +42,13 @@ A session was reused.
+ L<ssl(3)>, L<SSL_set_session(3)>,
+ L<SSL_CTX_set_session_cache_mode(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_set1_host.pod b/doc/ssl/SSL_set1_host.pod
+index 0ef2448..b77d41f 100644
+--- a/doc/ssl/SSL_set1_host.pod
++++ b/doc/ssl/SSL_set1_host.pod
+@@ -2,8 +2,8 @@
+
+ =head1 NAME
+
+- SSL_set1_host, SSL_add1_host, SSL_set_hostflags, SSL_get0_peername -
+- SSL server verification parameters
++SSL_set1_host, SSL_add1_host, SSL_set_hostflags, SSL_get0_peername -
++SSL server verification parameters
+
+ =head1 SYNOPSIS
+
+@@ -72,8 +72,6 @@ applicable (as with RFC7671 DANE-EE(3)), or no trusted peername was
+ matched. Otherwise, it returns the matched peername. To determine
+ whether verification succeeded call L<SSL_get_verify_result(3)>.
+
+-=head1 NOTES
+-
+ =head1 EXAMPLE
+
+ Suppose "smtp.example.com" is the MX host of the domain "example.com".
+@@ -112,4 +110,13 @@ L<SSL_dane_enable(3)>.
+
+ These functions were first added to OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_set_bio.pod b/doc/ssl/SSL_set_bio.pod
+index 3e87ee1..6d16233 100644
+--- a/doc/ssl/SSL_set_bio.pod
++++ b/doc/ssl/SSL_set_bio.pod
+@@ -40,4 +40,13 @@ L<SSL_shutdown(3)>, L<ssl(3)>, L<bio(3)>
+
+ SSL_set_rbio() and SSL_set_wbio() were added in OpenSSL 1.1.0.
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_set_connect_state.pod b/doc/ssl/SSL_set_connect_state.pod
+index 4c3626c..60c18a4 100644
+--- a/doc/ssl/SSL_set_connect_state.pod
++++ b/doc/ssl/SSL_set_connect_state.pod
+@@ -52,4 +52,13 @@ L<SSL_write(3)>, L<SSL_read(3)>,
+ L<SSL_do_handshake(3)>,
+ L<SSL_CTX_set_ssl_version(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_set_fd.pod b/doc/ssl/SSL_set_fd.pod
+index faf1d17..e1f9988 100644
+--- a/doc/ssl/SSL_set_fd.pod
++++ b/doc/ssl/SSL_set_fd.pod
+@@ -51,4 +51,13 @@ L<SSL_get_fd(3)>, L<SSL_set_bio(3)>,
+ L<SSL_connect(3)>, L<SSL_accept(3)>,
+ L<SSL_shutdown(3)>, L<ssl(3)> , L<bio(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_set_session.pod b/doc/ssl/SSL_set_session.pod
+index c9e31c4..0a8a208 100644
+--- a/doc/ssl/SSL_set_session.pod
++++ b/doc/ssl/SSL_set_session.pod
+@@ -54,4 +54,13 @@ L<SSL_get_session(3)>,
+ L<SSL_session_reused(3)>,
+ L<SSL_CTX_set_session_cache_mode(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_set_shutdown.pod b/doc/ssl/SSL_set_shutdown.pod
+index 91d7697..ecdf60c 100644
+--- a/doc/ssl/SSL_set_shutdown.pod
++++ b/doc/ssl/SSL_set_shutdown.pod
+@@ -69,4 +69,13 @@ L<ssl(3)>, L<SSL_shutdown(3)>,
+ L<SSL_CTX_set_quiet_shutdown(3)>,
+ L<SSL_clear(3)>, L<SSL_free(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_set_verify_result.pod b/doc/ssl/SSL_set_verify_result.pod
+index 2c6d0b4..8738d78 100644
+--- a/doc/ssl/SSL_set_verify_result.pod
++++ b/doc/ssl/SSL_set_verify_result.pod
+@@ -35,4 +35,13 @@ L<ssl(3)>, L<SSL_get_verify_result(3)>,
+ L<SSL_get_peer_certificate(3)>,
+ L<verify(1)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_shutdown.pod b/doc/ssl/SSL_shutdown.pod
+index 169079a..e8ec454 100644
+--- a/doc/ssl/SSL_shutdown.pod
++++ b/doc/ssl/SSL_shutdown.pod
+@@ -12,7 +12,7 @@ SSL_shutdown - shut down a TLS/SSL connection
+
+ =head1 DESCRIPTION
+
+-SSL_shutdown() shuts down an active TLS/SSL connection. It sends the
++SSL_shutdown() shuts down an active TLS/SSL connection. It sends the
+ "close notify" shutdown alert to the peer.
+
+ =head1 NOTES
+@@ -62,7 +62,7 @@ It is therefore recommended, to check the return value of SSL_shutdown()
+ and call SSL_shutdown() again, if the bidirectional shutdown is not yet
+ complete (return value of the first call is 0).
+
+-The behaviour of SSL_shutdown() additionally depends on the underlying BIO.
++The behaviour of SSL_shutdown() additionally depends on the underlying BIO.
+
+ If the underlying BIO is B<blocking>, SSL_shutdown() will only return once the
+ handshake step has been finished or an error occurred.
+@@ -120,4 +120,13 @@ L<SSL_CTX_set_quiet_shutdown(3)>,
+ L<SSL_clear(3)>, L<SSL_free(3)>,
+ L<ssl(3)>, L<bio(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_state_string.pod b/doc/ssl/SSL_state_string.pod
+index 0d2ba61..a2f59e8 100644
+--- a/doc/ssl/SSL_state_string.pod
++++ b/doc/ssl/SSL_state_string.pod
+@@ -42,4 +42,13 @@ Detailed description of possible states to be included later.
+
+ L<ssl(3)>, L<SSL_CTX_set_info_callback(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_want.pod b/doc/ssl/SSL_want.pod
+index e8b426c..e179d6b 100644
+--- a/doc/ssl/SSL_want.pod
++++ b/doc/ssl/SSL_want.pod
+@@ -2,7 +2,9 @@
+
+ =head1 NAME
+
+-SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup - obtain state information TLS/SSL I/O operation
++SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup,
++SSL_want_async, SSL_want_async_job - obtain state information TLS/SSL I/O
++operation
+
+ =head1 SYNOPSIS
+
+@@ -13,6 +15,8 @@ SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup
+ int SSL_want_read(const SSL *ssl);
+ int SSL_want_write(const SSL *ssl);
+ int SSL_want_x509_lookup(const SSL *ssl);
++ int SSL_want_async(const SSL *ssl);
++ int SSL_want_async_job(const SSL *ssl);
+
+ =head1 DESCRIPTION
+
+@@ -65,13 +69,35 @@ SSL_CTX_set_client_cert_cb() has asked to be called again.
+ A call to L<SSL_get_error(3)> should return
+ SSL_ERROR_WANT_X509_LOOKUP.
+
++=item SSL_ASYNC_PAUSED
++
++An asynchronous operation partially completed and was then paused. See
++L<SSL_get_all_async_fds(3)>. A call to L<SSL_get_error(3)> should return
++SSL_ERROR_WANT_ASYNC.
++
++=item SSL_ASYNC_NO_JOBS
++
++The asynchronous job could not be started because there were no async jobs
++available in the pool (see ASYNC_init_thread(3)). A call to L<SSL_get_error(3)>
++should return SSL_ERROR_WANT_ASYNC_JOB.
++
+ =back
+
+-SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup()
+-return 1, when the corresponding condition is true or 0 otherwise.
++SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup(),
++SSL_want_async() and SSL_want_async_job() return 1, when the corresponding
++condition is true or 0 otherwise.
+
+ =head1 SEE ALSO
+
+ L<ssl(3)>, L<err(3)>, L<SSL_get_error(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod
+index 1fff854..671796b 100644
+--- a/doc/ssl/SSL_write.pod
++++ b/doc/ssl/SSL_write.pod
+@@ -22,7 +22,7 @@ not already explicitly performed by L<SSL_connect(3)> or
+ L<SSL_accept(3)>. If the
+ peer requests a re-negotiation, it will be performed transparently during
+ the SSL_write() operation. The behaviour of SSL_write() depends on the
+-underlying BIO.
++underlying BIO.
+
+ For the transparent negotiation to succeed, the B<ssl> must have been
+ initialized to client or server mode. This is being done by calling
+@@ -31,7 +31,7 @@ before the first call to an L<SSL_read(3)> or SSL_write() function.
+
+ If the underlying BIO is B<blocking>, SSL_write() will only return, once the
+ write operation has been finished or an error occurred, except when a
+-renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur.
++renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur.
+ This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the
+ L<SSL_CTX_set_mode(3)> call.
+
+@@ -102,4 +102,13 @@ L<SSL_connect(3)>, L<SSL_accept(3)>
+ L<SSL_set_connect_state(3)>,
+ L<ssl(3)>, L<bio(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/d2i_SSL_SESSION.pod b/doc/ssl/d2i_SSL_SESSION.pod
+index 985d158..628c7e4 100644
+--- a/doc/ssl/d2i_SSL_SESSION.pod
++++ b/doc/ssl/d2i_SSL_SESSION.pod
+@@ -73,4 +73,13 @@ When the session is not valid, B<0> is returned and no operation is performed.
+ L<ssl(3)>, L<SSL_SESSION_free(3)>,
+ L<SSL_CTX_sess_set_get_cb(3)>
+
++=head1 COPYRIGHT
++
++Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
+ =cut
+diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod
+index 7e2cd85..ee14781 100644
+--- a/doc/ssl/ssl.pod
++++ b/doc/ssl/ssl.pod
+@@ -1,12 +1,9 @@
+-
+ =pod
+
+ =head1 NAME
+
+ SSL - OpenSSL SSL/TLS library
+
+-=head1 SYNOPSIS
+-
+ =head1 DESCRIPTION
+
+ The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and
+@@ -111,7 +108,7 @@ it's already included by ssl.h>.
+ Currently the OpenSSL B<ssl> library exports 214 API functions.
+ They are documented in the following:
+
+-=head2 DEALING WITH PROTOCOL METHODS
++=head2 Dealing with Protocol Methods
+
+ Here we document the various API functions which deal with the SSL/TLS
+ protocol methods defined in B<SSL_METHOD> structures.
+@@ -182,7 +179,7 @@ Constructor for the SSLv3 SSL_METHOD structure for servers.
+
+ =back
+
+-=head2 DEALING WITH CIPHERS
++=head2 Dealing with Ciphers
+
+ Here we document the various API functions which deal with the SSL/TLS
+ ciphers defined in B<SSL_CIPHER> structures.
+@@ -214,7 +211,7 @@ in the specification the first time).
+
+ =back
+
+-=head2 DEALING WITH PROTOCOL CONTEXTS
++=head2 Dealing with Protocol Contexts
+
+ Here we document the various API functions which deal with the SSL/TLS
+ protocol context defined in the B<SSL_CTX> structure.
+@@ -265,13 +262,13 @@ protocol context defined in the B<SSL_CTX> structure.
+
+ =item int B<SSL_CTX_get_verify_mode>(SSL_CTX *ctx);
+
+-=item int B<SSL_CTX_load_verify_locations>(SSL_CTX *ctx, char *CAfile, char *CApath);
++=item int B<SSL_CTX_load_verify_locations>(SSL_CTX *ctx, const char *CAfile, const char *CApath);
+
+ =item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx);
+
+ =item SSL_CTX *B<SSL_CTX_new>(const SSL_METHOD *meth);
+
+-=item void SSL_CTX_up_ref(SSL_CTX *ctx);
++=item int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ =item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c);
+
+@@ -380,19 +377,19 @@ Use the file path to locate trusted CA certificates.
+
+ =item int B<SSL_CTX_use_PrivateKey_ASN1>(int type, SSL_CTX *ctx, unsigned char *d, long len);
+
+-=item int B<SSL_CTX_use_PrivateKey_file>(SSL_CTX *ctx, char *file, int type);
++=item int B<SSL_CTX_use_PrivateKey_file>(SSL_CTX *ctx, const char *file, int type);
+
+ =item int B<SSL_CTX_use_RSAPrivateKey>(SSL_CTX *ctx, RSA *rsa);
+
+ =item int B<SSL_CTX_use_RSAPrivateKey_ASN1>(SSL_CTX *ctx, unsigned char *d, long len);
+
+-=item int B<SSL_CTX_use_RSAPrivateKey_file>(SSL_CTX *ctx, char *file, int type);
++=item int B<SSL_CTX_use_RSAPrivateKey_file>(SSL_CTX *ctx, const char *file, int type);
+
+ =item int B<SSL_CTX_use_certificate>(SSL_CTX *ctx, X509 *x);
+
+ =item int B<SSL_CTX_use_certificate_ASN1>(SSL_CTX *ctx, int len, unsigned char *d);
+
+-=item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type);
++=item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, const char *file, int type);
+
+ =item X509 *B<SSL_CTX_get0_certificate>(const SSL_CTX *ctx);
+
+@@ -405,11 +402,9 @@ Use the file path to locate trusted CA certificates.
+ =item void B<SSL_CTX_set_psk_server_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));
+
+
+-
+-
+ =back
+
+-=head2 DEALING WITH SESSIONS
++=head2 Dealing with Sessions
+
+ Here we document the various API functions which deal with the SSL/TLS
+ sessions defined in the B<SSL_SESSION> structures.
+@@ -448,7 +443,7 @@ sessions defined in the B<SSL_SESSION> structures.
+
+ =back
+
+-=head2 DEALING WITH CONNECTIONS
++=head2 Dealing with Connections
+
+ Here we document the various API functions which deal with the SSL/TLS
+ connection defined in the B<SSL> structure.
+@@ -595,11 +590,11 @@ fresh handle for each connection.
+
+ =item int B<SSL_is_init_finished>(SSL *ssl);
+
+-=item STACK *B<SSL_load_client_CA_file>(char *file);
++=item STACK *B<SSL_load_client_CA_file>(const char *file);
+
+ =item SSL *B<SSL_new>(SSL_CTX *ctx);
+
+-=item void SSL_up_ref(SSL *s);
++=item int SSL_up_ref(SSL *s);
+
+ =item long B<SSL_num_renegotiations>(SSL *ssl);
+
+@@ -683,19 +678,19 @@ Returns the current handshake state.
+
+ =item int B<SSL_use_PrivateKey_ASN1>(int type, SSL *ssl, unsigned char *d, long len);
+
+-=item int B<SSL_use_PrivateKey_file>(SSL *ssl, char *file, int type);
++=item int B<SSL_use_PrivateKey_file>(SSL *ssl, const char *file, int type);
+
+ =item int B<SSL_use_RSAPrivateKey>(SSL *ssl, RSA *rsa);
+
+ =item int B<SSL_use_RSAPrivateKey_ASN1>(SSL *ssl, unsigned char *d, long len);
+
+-=item int B<SSL_use_RSAPrivateKey_file>(SSL *ssl, char *file, int type);
++=item int B<SSL_use_RSAPrivateKey_file>(SSL *ssl, const char *file, int type);
+
+ =item int B<SSL_use_certificate>(SSL *ssl, X509 *x);
+
+ =item int B<SSL_use_certificate_ASN1>(SSL *ssl, int len, unsigned char *d);
+
+-=item int B<SSL_use_certificate_file>(SSL *ssl, char *file, int type);
++=item int B<SSL_use_certificate_file>(SSL *ssl, const char *file, int type);
+
+ =item int B<SSL_version>(const SSL *ssl);
+
+@@ -808,5 +803,13 @@ in OpenSSL 1.1.0.
+ The return type of B<SSL_copy_session_id> was changed from void to int in
+ OpenSSL 1.1.0.
+
+-=cut
++=head1 COPYRIGHT
++
++Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++L<https://www.openssl.org/source/license.html>.
++
++=cut
+diff --git a/e_os.h b/e_os.h
+index 0124e5e..700d7d0 100644
+--- a/e_os.h
++++ b/e_os.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_E_OS_H
+@@ -151,6 +103,7 @@ extern "C" {
+ # define writesocket(s,b,n) send((s),(b),(n),0)
+ # elif defined(__DJGPP__)
+ # define WATT32
++# define WATT32_NO_OLDIES
+ # define get_last_socket_error() errno
+ # define clear_socket_error() errno=0
+ # define closesocket(s) close_s(s)
+@@ -185,11 +138,14 @@ extern "C" {
+ # include <unistd.h>
+ # include <sys/stat.h>
+ # include <sys/socket.h>
++# include <sys/un.h>
+ # include <tcp.h>
+ # include <netdb.h>
+ # define _setmode setmode
+ # define _O_TEXT O_TEXT
+ # define _O_BINARY O_BINARY
++# define HAS_LFN_SUPPORT(name) (pathconf((name), _PC_NAME_MAX) > 12)
++# undef DEVRANDOM_EGD /* Neither MS-DOS nor FreeDOS provide 'egd' sockets. */
+ # undef DEVRANDOM
+ # define DEVRANDOM "/dev/urandom\x24"
+ # endif /* __DJGPP__ */
+@@ -223,7 +179,7 @@ extern "C" {
+ */
+ # define _WIN32_WINNT 0x0501
+ # endif
+-# if !defined(OPENSSL_NO_SOCK) && (defined(_WIN32_WINNT) || defined(_WIN32_WCE))
++# if defined(_WIN32_WINNT) || defined(_WIN32_WCE)
+ /*
+ * Just like defining _WIN32_WINNT including winsock2.h implies
+ * certain "discipline" for maintaining [broad] binary compatibility.
+@@ -392,10 +348,6 @@ extern FILE *_imp___iob;
+
+ /*************/
+
+-# if defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_DGRAM)
+-# define OPENSSL_NO_DGRAM
+-# endif
+-
+ # ifdef USE_SOCKETS
+ # ifdef OPENSSL_NO_SOCK
+ # elif defined(WINDOWS) || defined(MSDOS)
+@@ -517,12 +469,15 @@ struct servent *PASCAL getservbyname(const char *, const char *);
+ # if defined(OPENSSL_SYS_WINDOWS)
+ # define strcasecmp _stricmp
+ # define strncasecmp _strnicmp
+-# elif defined(OPENSSL_SYS_VMS)
+-/* VMS below version 7.0 doesn't have strcasecmp() */
+-# include "internal/o_str.h"
+-# define strcasecmp OPENSSL_strcasecmp
+-# define strncasecmp OPENSSL_strncasecmp
+-# define OPENSSL_IMPLEMENTS_strncasecmp
++# if (_MSC_VER >= 1310)
++# define open _open
++# define fdopen _fdopen
++# define close _close
++# define strdup _strdup
++# define unlink _unlink
++# endif
++# else
++# include <strings.h>
+ # endif
+
+ /* vxworks */
+@@ -552,13 +507,6 @@ struct servent *getservbyname(const char *name, const char *proto);
+ # endif
+ /* end vxworks */
+
+-/* haiku */
+-# if defined(OPENSSL_SYS_HAIKU)
+-# include <sys/select.h>
+-# include <sys/time.h>
+-# endif
+-/* end haiku */
+-
+ #define OSSL_NELEM(x) (sizeof(x)/sizeof(x[0]))
+
+ #ifdef __cplusplus
+diff --git a/engines/Makefile.in b/engines/Makefile.in
+deleted file mode 100644
+index e37c4e2..0000000
+--- a/engines/Makefile.in
++++ /dev/null
+@@ -1,119 +0,0 @@
+-#
+-# OpenSSL/engines/Makefile
+-#
+-
+-DIR= engines
+-TOP= ..
+-CC= cc
+-INCLUDES= -I../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-RECURSIVE_MAKE= for i in $${ENGDIRS:-$(ENGDIRS)} ; do \
+- (cd $$i && echo "making $$target in $(DIR)/$$i..." && \
+- $(MAKE) -e TOP=../.. DIR=$$i $$target ) || exit 1; \
+- done;
+-
+-PADLOCK_ASM_OBJ=
+-
+-PLIB_LDFLAG=
+-EX_LIBS=
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-ASFLAGS= $(INCLUDES) $(ASFLAG) $(SHARED_CFLAG)
+-AFLAGS= $(ASFLAGS)
+-
+-GENERAL=Makefile engines.com install.com engine_vector.mar
+-
+-LIB=$(TOP)/libcrypto.a
+-LIBNAMES= padlock capi dasync
+-LIBSRC= \
+- e_padlock.c \
+- e_capi.c \
+- e_dasync.c
+-LIBOBJ= \
+- e_padlock.o \
+- e_capi.o \
+- e_dasync.o \
+- $(PADLOCK_ASM_OBJ)
+-
+-TESTLIBNAMES= ossltest
+-TESTLIBSRC= e_ossltest.c
+-TESTLIBOBJ= e_ossltest.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= \
+- e_capi_err.c e_capi_err.h \
+- e_ossltest_err.c e_ossltest_err.h \
+- e_dasync_err.c e_dasync_err.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ..; $(MAKE) DIRS=$(DIR) all)
+-
+-all: lib subdirs
+-
+-lib: $(LIBOBJ) $(TESTLIBOBJ)
+- @if [ "$(DYNAMIC_ENGINES)" = 1 ]; then \
+- set -e; \
+- for l in $(LIBNAMES) $(TESTLIBNAMES); do \
+- $(MAKE) -f ../Makefile.shared -e \
+- LIBNAME=$$l LIBEXTRAS="e_$$l*.o" \
+- LIBDEPS='$(PLIB_LDFLAG) -L.. -lcrypto $(EX_LIBS)' \
+- link_dso.$(SHLIB_TARGET); \
+- done; \
+- else \
+- $(AR) $(LIB) $(LIBOBJ); \
+- $(RANLIB) $(LIB) || echo Never mind.; \
+- fi; \
+- touch lib
+-
+-e_padlock-x86.s: asm/e_padlock-x86.pl
+- $(PERL) asm/e_padlock-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) $@
+-e_padlock-x86_64.s: asm/e_padlock-x86_64.pl
+- $(PERL) asm/e_padlock-x86_64.pl $(PERLASM_SCHEME) $@
+-
+-subdirs:
+- @target=all; $(RECURSIVE_MAKE)
+-
+-install:
+- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+- @if [ -n "$(SHARED_LIBS)" ]; then \
+- set -e; \
+- $(PERL) $(TOP)/util/mkdir-p.pl $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines; \
+- for l in $(LIBNAMES); do \
+- cp $${l}$(DSO_EXT) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$${l}$(DSO_EXT).new; \
+- chmod 555 $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$${l}$(DSO_EXT).new; \
+- mv -f $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$${l}$(DSO_EXT).new $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$${l}$(DSO_EXT); \
+- done; \
+- fi
+- @target=install; $(RECURSIVE_MAKE)
+-
+-uninstall:
+- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+- @if [ -n "$(SHARED_LIBS)" ]; then \
+- set -e; \
+- for l in $(LIBNAMES); do \
+- $(RM) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$${l}$(DSO_EXT); \
+- done; \
+- fi
+- @target=install; $(RECURSIVE_MAKE)
+-
+-errors:
+- set -e; for l in $(LIBNAMES); do \
+- $(PERL) ../util/mkerr.pl -conf e_$$l.ec \
+- -nostatic -staticloader -write e_$$l.c; \
+- done
+-
+-depend:
+- @[ -z "$(THIS)" ] || $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC) $(TESTLIBSRC)
+- @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+- @target=clean; $(RECURSIVE_MAKE)
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/engines/afalg/Makefile.in b/engines/afalg/Makefile.in
+deleted file mode 100644
+index 8a7408f..0000000
+--- a/engines/afalg/Makefile.in
++++ /dev/null
+@@ -1,75 +0,0 @@
+-#
+-# OpenSSL/engines/afalg/Makefile
+-#
+-
+-DIR= afalg
+-TOP= ../..
+-CC= cc
+-INCLUDES= -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-LIB=$(TOP)/libcrypto.a
+-
+-LIBNAME=afalg
+-LIBSRC= e_afalg.c
+-LIBOBJ= e_afalg.o e_afalg_err.o
+-
+-SRC= $(LIBSRC)
+-
+-top:
+- (cd $(TOP); $(MAKE) DIRS=engines sub_all)
+-
+-all: errors lib
+-
+-errors:
+- $(PERL) $(TOP)/util/mkerr.pl -conf e_afalg.ec -nostatic -write $(SRC)
+-
+-lib: $(LIBOBJ)
+- @if [ "$(DYNAMIC_ENGINES)" = 1 ]; then \
+- $(MAKE) -f $(TOP)/Makefile.shared -e \
+- LIBNAME=$(LIBNAME) \
+- LIBEXTRAS='$(LIBOBJ)' \
+- LIBDEPS='-L$(TOP) -lcrypto' \
+- link_dso.$(SHLIB_TARGET); \
+- else \
+- $(AR) $(LIB) $(LIBOBJ); \
+- fi
+- @touch lib
+-
+-install:
+- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+- @if [ -n "$(SHARED_LIBS)" ]; then \
+- set -e; \
+- $(PERL) $(TOP)/util/mkdir-p.pl $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines; \
+- cp $(LIBNAME)$(DSO_EXT) $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$(LIBNAME)$(DSO_EXT).new; \
+- chmod 555 $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$(LIBNAME)$(DSO_EXT).new; \
+- mv -f $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$(LIBNAME)$(DSO_EXT).new $(DESTDIR)$(INSTALLTOP)/$(LIBDIR)/engines/$(LIBNAME)$(DSO_EXT); \
+- fi
+-
+-
+-depend:
+- @[ -z "$(THIS)" ] || $(TOP)/util/domd $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(TESTLIBSRC)
+-
+-clean:
+- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff *.so *.dll *.dylib
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+-e_afalg.o: e_afalg.c ../../include/openssl/engine.h \
+- ../../include/openssl/opensslconf.h ../../include/openssl/bn.h \
+- ../../include/openssl/e_os2.h ../../include/openssl/ossl_typ.h \
+- ../../include/openssl/crypto.h ../../include/openssl/stack.h \
+- ../../include/openssl/safestack.h ../../include/openssl/opensslv.h \
+- ../../include/openssl/symhacks.h ../../include/openssl/rsa.h \
+- ../../include/openssl/asn1.h ../../include/openssl/bio.h \
+- ../../include/openssl/dsa.h ../../include/openssl/dh.h \
+- ../../include/openssl/ec.h ../../include/openssl/rand.h \
+- ../../include/openssl/ui.h ../../include/openssl/err.h \
+- ../../include/openssl/lhash.h ../../include/openssl/x509.h \
+- ../../include/openssl/buffer.h ../../include/openssl/evp.h \
+- ../../include/openssl/objects.h ../../include/openssl/obj_mac.h \
+- ../../include/openssl/sha.h ../../include/openssl/x509_vfy.h \
+- ../../include/openssl/pkcs7.h ../../include/openssl/async.h e_afalg.h \
+- e_afalg_err.h
+diff --git a/engines/afalg/build.info b/engines/afalg/build.info
+index 5aba447..d096279 100644
+--- a/engines/afalg/build.info
++++ b/engines/afalg/build.info
+@@ -9,7 +9,7 @@ IF[{- !$disabled{"engine"} -}]
+ ENGINES=afalg
+ SOURCE[afalg]=e_afalg.c e_afalg_err.c
+ DEPEND[afalg]=../../libcrypto
+- INCLUDE[afalg]= {- rel2abs(catdir($builddir,"../../include")) -} ../../include
++ INCLUDE[afalg]= "{- rel2abs(catdir($builddir,"../../include")) -}" ../../include
+ ENDIF
+ ENDIF
+ ENDIF
+diff --git a/engines/afalg/e_afalg.c b/engines/afalg/e_afalg.c
+index d8599a1..ec2a57e 100644
+--- a/engines/afalg/e_afalg.c
++++ b/engines/afalg/e_afalg.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Required for vmsplice */
+@@ -131,7 +86,7 @@ static int afalg_chk_platform(void);
+
+ /* Engine Id and Name */
+ static const char *engine_afalg_id = "afalg";
+-static const char *engine_afalg_name = "AFLAG engine support";
++static const char *engine_afalg_name = "AFALG engine support";
+
+ static int afalg_cipher_nids[] = {
+ NID_aes_128_cbc
+diff --git a/engines/afalg/e_afalg.h b/engines/afalg/e_afalg.h
+index 8b589e4..8f4d2d1 100644
+--- a/engines/afalg/e_afalg.h
++++ b/engines/afalg/e_afalg.h
+@@ -1,59 +1,14 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+-#ifndef _E_AFALG_H_
+-# define _E_AFALG_H_
++#ifndef HEADER_AFALG_H
++# define HEADER_AFALG_H
+
+ # ifdef ALG_DEBUG
+ # define ALG_DGB(x, ...) fprintf(stderr, "ALG_DBG: " x, __VA_ARGS__)
+diff --git a/engines/afalg/e_afalg_err.c b/engines/afalg/e_afalg_err.c
+index 71c4a01..ca394ed 100644
+--- a/engines/afalg/e_afalg_err.c
++++ b/engines/afalg/e_afalg_err.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/engines/afalg/e_afalg_err.h b/engines/afalg/e_afalg_err.h
+index 64468c3..21abc97 100644
+--- a/engines/afalg/e_afalg_err.h
++++ b/engines/afalg/e_afalg_err.h
+@@ -1,55 +1,16 @@
+-/* ====================================================================
+- * Copyright (c) 2001-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
++ * NOTE: this file was auto generated by the mkerr.pl script: any changes
++ * made to it will be overwritten when the script next updates this file,
++ * only reason strings will be preserved.
+ */
+
+ #ifndef HEADER_AFALG_ERR_H
+@@ -60,10 +21,6 @@ extern "C" {
+ # endif
+
+ /* BEGIN ERROR CODES */
+-/*
+- * The following lines are auto generated by the script mkerr.pl. Any changes
+- * made after this point may be overwritten when the script is next run.
+- */
+ void ERR_load_AFALG_strings(void);
+ void ERR_unload_AFALG_strings(void);
+ void ERR_AFALG_error(int function, int reason, char *file, int line);
+diff --git a/engines/asm/e_padlock-x86.pl b/engines/asm/e_padlock-x86.pl
+index 1a22dc8..bf6b312 100644
+--- a/engines/asm/e_padlock-x86.pl
++++ b/engines/asm/e_padlock-x86.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/engines/asm/e_padlock-x86_64.pl b/engines/asm/e_padlock-x86_64.pl
+index 07c0a6d..bf57da7 100644
+--- a/engines/asm/e_padlock-x86_64.pl
++++ b/engines/asm/e_padlock-x86_64.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ # ====================================================================
+ # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+diff --git a/engines/build.info b/engines/build.info
+index 065d412..850ecac 100644
+--- a/engines/build.info
++++ b/engines/build.info
+@@ -12,19 +12,19 @@ IF[{- !$disabled{"engine"} -}]
+ ENGINES=padlock dasync ossltest
+ SOURCE[padlock]=e_padlock.c {- $target{padlock_asm_src} -}
+ DEPEND[padlock]=../libcrypto
+- INCLUDE[padlock]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[padlock]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ IF[{- !$disabled{capieng} -}]
+ ENGINES=capi
+ SOURCE[capi]=e_capi.c
+ DEPEND[capi]=../libcrypto
+- INCLUDE[capi]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[capi]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ ENDIF
+ SOURCE[dasync]=e_dasync.c
+ DEPEND[dasync]=../libcrypto
+- INCLUDE[dasync]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[dasync]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ SOURCE[ossltest]=e_ossltest.c
+ DEPEND[ossltest]=../libcrypto
+- INCLUDE[ossltest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[ossltest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ ENDIF
+
+ GENERATE[e_padlock-x86.s]=asm/e_padlock-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(LIB_CFLAGS) $(PROCESSOR)
+diff --git a/engines/e_capi.c b/engines/e_capi.c
+index 5bf0fe9..f2d5c3e 100644
+--- a/engines/e_capi.c
++++ b/engines/e_capi.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -176,9 +132,11 @@ static int capi_rsa_priv_dec(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+ static int capi_rsa_free(RSA *rsa);
+
++# ifndef OPENSSL_NO_DSA
+ static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen,
+ DSA *dsa);
+ static int capi_dsa_free(DSA *dsa);
++# endif
+
+ static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl,
+ STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
+@@ -337,6 +295,7 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+ int ret = 1;
+ CAPI_CTX *ctx;
+ BIO *out;
++ LPSTR tmpstr;
+ if (capi_idx == -1) {
+ CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_ENGINE_NOT_INITIALIZED);
+ return 0;
+@@ -365,9 +324,15 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+ break;
+
+ case CAPI_CMD_STORE_NAME:
+- OPENSSL_free(ctx->storename);
+- ctx->storename = OPENSSL_strdup(p);
+- CAPI_trace(ctx, "Setting store name to %s\n", p);
++ tmpstr = OPENSSL_strdup(p);
++ if (tmpstr != NULL) {
++ OPENSSL_free(ctx->storename);
++ ctx->storename = tmpstr;
++ CAPI_trace(ctx, "Setting store name to %s\n", p);
++ } else {
++ CAPIerr(CAPI_F_CAPI_CTRL, ERR_R_MALLOC_FAILURE);
++ ret = 0;
++ }
+ break;
+
+ case CAPI_CMD_STORE_FLAGS:
+@@ -387,8 +352,14 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+ break;
+
+ case CAPI_CMD_DEBUG_FILE:
+- ctx->debug_file = OPENSSL_strdup(p);
+- CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file);
++ tmpstr = OPENSSL_strdup(p);
++ if (tmpstr != NULL) {
++ ctx->debug_file = tmpstr;
++ CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file);
++ } else {
++ CAPIerr(CAPI_F_CAPI_CTRL, ERR_R_MALLOC_FAILURE);
++ ret = 0;
++ }
+ break;
+
+ case CAPI_CMD_KEYTYPE:
+@@ -432,7 +403,9 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+ }
+
+ static RSA_METHOD *capi_rsa_method = NULL;
++# ifndef OPENSSL_NO_DSA
+ static DSA_METHOD *capi_dsa_method = NULL;
++# endif
+
+ static int use_aes_csp = 0;
+
+@@ -440,7 +413,9 @@ static int capi_init(ENGINE *e)
+ {
+ CAPI_CTX *ctx;
+ const RSA_METHOD *ossl_rsa_meth;
++# ifndef OPENSSL_NO_DSA
+ const DSA_METHOD *ossl_dsa_meth;
++# endif
+ HCRYPTPROV hprov;
+
+ if (capi_idx < 0) {
+@@ -468,6 +443,7 @@ static int capi_init(ENGINE *e)
+ goto memerr;
+ }
+
++# ifndef OPENSSL_NO_DSA
+ /* Setup DSA Method */
+ dsa_capi_idx = DSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
+ ossl_dsa_meth = DSA_OpenSSL();
+@@ -481,6 +457,7 @@ static int capi_init(ENGINE *e)
+ DSA_meth_get_bn_mod_exp(ossl_dsa_meth))) {
+ goto memerr;
+ }
++# endif
+ }
+
+ ctx = capi_ctx_new();
+@@ -526,8 +503,10 @@ static int capi_destroy(ENGINE *e)
+ {
+ RSA_meth_free(capi_rsa_method);
+ capi_rsa_method = NULL;
++# ifndef OPENSSL_NO_DSA
+ DSA_meth_free(capi_dsa_method);
+ capi_dsa_method = NULL;
++# endif
+ ERR_unload_CAPI_strings();
+ return 1;
+ }
+@@ -560,9 +539,11 @@ static int bind_capi(ENGINE *e)
+ capi_rsa_method = RSA_meth_new("CryptoAPI RSA method", 0);
+ if (capi_rsa_method == NULL)
+ return 0;
++# ifndef OPENSSL_NO_DSA
+ capi_dsa_method = DSA_meth_new("CryptoAPI DSA method", 0);
+ if (capi_dsa_method == NULL)
+ goto memerr;
++# endif
+ if (!ENGINE_set_id(e, engine_capi_id)
+ || !ENGINE_set_name(e, engine_capi_name)
+ || !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL)
+@@ -570,7 +551,9 @@ static int bind_capi(ENGINE *e)
+ || !ENGINE_set_finish_function(e, capi_finish)
+ || !ENGINE_set_destroy_function(e, capi_destroy)
+ || !ENGINE_set_RSA(e, capi_rsa_method)
++# ifndef OPENSSL_NO_DSA
+ || !ENGINE_set_DSA(e, capi_dsa_method)
++# endif
+ || !ENGINE_set_load_privkey_function(e, capi_load_privkey)
+ || !ENGINE_set_load_ssl_client_cert_function(e,
+ capi_load_ssl_client_cert)
+@@ -583,8 +566,10 @@ static int bind_capi(ENGINE *e)
+ memerr:
+ RSA_meth_free(capi_rsa_method);
+ capi_rsa_method = NULL;
++# ifndef OPENSSL_NO_DSA
+ DSA_meth_free(capi_dsa_method);
+ capi_dsa_method = NULL;
++# endif
+ return 0;
+ }
+
+@@ -722,6 +707,7 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key)
+ EVP_PKEY_assign_RSA(ret, rkey);
+ rkey = NULL;
+
++# ifndef OPENSSL_NO_DSA
+ } else if (bh->aiKeyAlg == CALG_DSS_SIGN) {
+ DSSPUBKEY *dp;
+ DWORD dsa_plen;
+@@ -774,6 +760,7 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key)
+
+ EVP_PKEY_assign_DSA(ret, dkey);
+ dkey = NULL;
++# endif
+ } else {
+ char algstr[10];
+ BIO_snprintf(algstr, 10, "%ux", bh->aiKeyAlg);
+@@ -787,7 +774,9 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key)
+ OPENSSL_free(pubkey);
+ if (!ret) {
+ RSA_free(rkey);
++# ifndef OPENSSL_NO_DSA
+ DSA_free(dkey);
++# endif
+ }
+
+ return ret;
+@@ -990,6 +979,7 @@ static int capi_rsa_free(RSA *rsa)
+ return 1;
+ }
+
++# ifndef OPENSSL_NO_DSA
+ /* CryptoAPI DSA operations */
+
+ static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen,
+@@ -1068,6 +1058,7 @@ static int capi_dsa_free(DSA *dsa)
+ DSA_set_ex_data(dsa, dsa_capi_idx, 0);
+ return 1;
+ }
++# endif
+
+ static void capi_vtrace(CAPI_CTX * ctx, int level, char *format,
+ va_list argptr)
+@@ -1647,6 +1638,8 @@ static void capi_ctx_free(CAPI_CTX * ctx)
+ static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type,
+ int check)
+ {
++ LPSTR tmpcspname;
++
+ CAPI_trace(ctx, "capi_ctx_set_provname, name=%s, type=%d\n", pname, type);
+ if (check) {
+ HCRYPTPROV hprov;
+@@ -1670,8 +1663,13 @@ static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type,
+ }
+ CryptReleaseContext(hprov, 0);
+ }
++ tmpcspname = OPENSSL_strdup(pname);
++ if (tmpcspname == NULL) {
++ CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME, ERR_R_MALLOC_FAILURE);
++ return 0;
++ }
+ OPENSSL_free(ctx->cspname);
+- ctx->cspname = OPENSSL_strdup(pname);
++ ctx->cspname = tmpcspname;
+ ctx->csptype = type;
+ return 1;
+ }
+diff --git a/engines/e_capi_err.c b/engines/e_capi_err.c
+index 1de6f25..64e963a 100644
+--- a/engines/e_capi_err.c
++++ b/engines/e_capi_err.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/engines/e_capi_err.h b/engines/e_capi_err.h
+index 01ec2ef..bbaffad 100644
+--- a/engines/e_capi_err.h
++++ b/engines/e_capi_err.h
+@@ -1,55 +1,16 @@
+-/* ====================================================================
+- * Copyright (c) 2001-2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
++ * NOTE: this file was auto generated by the mkerr.pl script: any changes
++ * made to it will be overwritten when the script next updates this file,
++ * only reason strings will be preserved.
+ */
+
+ #ifndef HEADER_CAPI_ERR_H
+@@ -60,10 +21,6 @@ extern "C" {
+ #endif
+
+ /* BEGIN ERROR CODES */
+-/*
+- * The following lines are auto generated by the script mkerr.pl. Any changes
+- * made after this point may be overwritten when the script is next run.
+- */
+ static void ERR_load_CAPI_strings(void);
+ static void ERR_unload_CAPI_strings(void);
+ static void ERR_CAPI_error(int function, int reason, char *file, int line);
+diff --git a/engines/e_chil.c b/engines/e_chil.c
+index b09d525..0fb7aa4 100644
+--- a/engines/e_chil.c
++++ b/engines/e_chil.c
+@@ -1,60 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org), Geoff Thorpe
+- * (geoff at geoffthorpe.net) and Dr Stephen N Henson (steve at openssl.org) for
+- * the OpenSSL project 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -1262,7 +1212,7 @@ static int hwcrhk_insert_card(const char *prompt_info,
+ ui = UI_new_method(ui_method);
+
+ if (ui) {
+- char answer;
++ char answer = '\0';
+ char buf[BUFSIZ];
+ /*
+ * Despite what the documentation says wrong_info can be an empty
+diff --git a/engines/e_chil_err.c b/engines/e_chil_err.c
+index 2cfcab2..0058684 100644
+--- a/engines/e_chil_err.c
++++ b/engines/e_chil_err.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/engines/e_chil_err.h b/engines/e_chil_err.h
+index 3d961b9..42fdd19 100644
+--- a/engines/e_chil_err.h
++++ b/engines/e_chil_err.h
+@@ -1,55 +1,16 @@
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
++ * NOTE: this file was auto generated by the mkerr.pl script: any changes
++ * made to it will be overwritten when the script next updates this file,
++ * only reason strings will be preserved.
+ */
+
+ #ifndef HEADER_HWCRHK_ERR_H
+@@ -60,10 +21,6 @@ extern "C" {
+ #endif
+
+ /* BEGIN ERROR CODES */
+-/*
+- * The following lines are auto generated by the script mkerr.pl. Any changes
+- * made after this point may be overwritten when the script is next run.
+- */
+ static void ERR_load_HWCRHK_strings(void);
+ static void ERR_unload_HWCRHK_strings(void);
+ static void ERR_HWCRHK_error(int function, int reason, char *file, int line);
+diff --git a/engines/e_dasync.c b/engines/e_dasync.c
+index 27a5602..ed3f00a 100644
+--- a/engines/e_dasync.c
++++ b/engines/e_dasync.c
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -228,7 +185,7 @@ static int bind_dasync(ENGINE *e)
+ || RSA_meth_set_pub_enc(dasync_rsa_method, dasync_pub_enc) == 0
+ || RSA_meth_set_pub_dec(dasync_rsa_method, dasync_pub_dec) == 0
+ || RSA_meth_set_priv_enc(dasync_rsa_method, dasync_rsa_priv_enc) == 0
+- || RSA_meth_set_priv_enc(dasync_rsa_method, dasync_rsa_priv_dec) == 0
++ || RSA_meth_set_priv_dec(dasync_rsa_method, dasync_rsa_priv_dec) == 0
+ || RSA_meth_set_mod_exp(dasync_rsa_method, dasync_rsa_mod_exp) == 0
+ || RSA_meth_set_bn_mod_exp(dasync_rsa_method, BN_mod_exp_mont) == 0
+ || RSA_meth_set_init(dasync_rsa_method, dasync_rsa_init) == 0
+diff --git a/engines/e_dasync_err.c b/engines/e_dasync_err.c
+index 3b462ba..a9e7765 100644
+--- a/engines/e_dasync_err.c
++++ b/engines/e_dasync_err.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/engines/e_dasync_err.h b/engines/e_dasync_err.h
+index 304eeef..b01fead 100644
+--- a/engines/e_dasync_err.h
++++ b/engines/e_dasync_err.h
+@@ -1,55 +1,16 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
++ * NOTE: this file was auto generated by the mkerr.pl script: any changes
++ * made to it will be overwritten when the script next updates this file,
++ * only reason strings will be preserved.
+ */
+
+ #ifndef HEADER_DASYNC_ERR_H
+@@ -60,10 +21,6 @@ extern "C" {
+ #endif
+
+ /* BEGIN ERROR CODES */
+-/*
+- * The following lines are auto generated by the script mkerr.pl. Any changes
+- * made after this point may be overwritten when the script is next run.
+- */
+ static void ERR_load_DASYNC_strings(void);
+ static void ERR_unload_DASYNC_strings(void);
+ static void ERR_DASYNC_error(int function, int reason, char *file, int line);
+diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c
+index e641a44..b4c83cb 100644
+--- a/engines/e_ossltest.c
++++ b/engines/e_ossltest.c
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/engines/e_ossltest_err.c b/engines/e_ossltest_err.c
+index 5e5355d..71d0578 100644
+--- a/engines/e_ossltest_err.c
++++ b/engines/e_ossltest_err.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/engines/e_ossltest_err.h b/engines/e_ossltest_err.h
+index b30509d..a323c39 100644
+--- a/engines/e_ossltest_err.h
++++ b/engines/e_ossltest_err.h
+@@ -1,55 +1,16 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
++ * NOTE: this file was auto generated by the mkerr.pl script: any changes
++ * made to it will be overwritten when the script next updates this file,
++ * only reason strings will be preserved.
+ */
+
+ #ifndef HEADER_OSSLTEST_ERR_H
+@@ -60,10 +21,6 @@ extern "C" {
+ #endif
+
+ /* BEGIN ERROR CODES */
+-/*
+- * The following lines are auto generated by the script mkerr.pl. Any changes
+- * made after this point may be overwritten when the script is next run.
+- */
+ static void ERR_load_OSSLTEST_strings(void);
+ static void ERR_unload_OSSLTEST_strings(void);
+ static void ERR_OSSLTEST_error(int function, int reason, char *file, int line);
+diff --git a/engines/e_padlock.c b/engines/e_padlock.c
+index dab6c44..77cebe3 100644
+--- a/engines/e_padlock.c
++++ b/engines/e_padlock.c
+@@ -1,65 +1,10 @@
+-/*-
+- * Support for VIA PadLock Advanced Cryptography Engine (ACE)
+- * Written by Michal Ludvig <michal at logix.cz>
+- * http://www.logix.cz/michal
+- *
+- * Big thanks to Andy Polyakov for a help with optimization,
+- * assembler fixes, port to MS Windows and a lot of other
+- * valuable work on this engine!
+- */
+-
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -99,8 +44,7 @@
+ # if !defined(I386_ONLY) && !defined(OPENSSL_NO_ASM)
+ # if defined(__i386__) || defined(__i386) || \
+ defined(__x86_64__) || defined(__x86_64) || \
+- defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
+- defined(__INTEL__)
++ defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64)
+ # define COMPILE_HW_PADLOCK
+ # ifdef OPENSSL_NO_DYNAMIC_ENGINE
+ static ENGINE *ENGINE_padlock(void);
+diff --git a/external/perl/transfer/Text/Template.pm b/external/perl/transfer/Text/Template.pm
+index d018e6b..7dbfe3f 100644
+--- a/external/perl/transfer/Text/Template.pm
++++ b/external/perl/transfer/Text/Template.pm
+@@ -1,4 +1,9 @@
+-#! /usr/bin/perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ # Quick transfer to the downloaded Text::Template
+
+diff --git a/fuzz/README.md b/fuzz/README.md
+new file mode 100644
+index 0000000..948590d
+--- /dev/null
++++ b/fuzz/README.md
+@@ -0,0 +1,47 @@
++# I Can Haz Fuzz?
++
++Or, how to fuzz OpenSSL with libfuzzer.
++
++Starting from a vanilla+OpenSSH server Ubuntu install.
++
++Use Chrome's handy recent build of clang. Older versions may also work.
++
++ $ sudo apt-get install git
++ $ mkdir git-work
++ $ git clone https://chromium.googlesource.com/chromium/src/tools/clang
++ $ clang/scripts/update.py
++
++You may want to git pull and re-run the update from time to time.
++
++Update your path:
++
++ $ PATH=~/third_party/llvm-build/Release+Asserts/bin/:$PATH
++
++Get and build libFuzzer (there is a git mirror at
++https://github.com/llvm-mirror/llvm/tree/master/lib/Fuzzer if you prefer):
++
++ $ cd
++ $ sudo apt-get install subversion
++ $ mkdir svn-work
++ $ cd svn-work
++ $ svn co http://llvm.org/svn/llvm-project/llvm/trunk/lib/Fuzzer
++ $ cd Fuzzer
++ $ clang++ -c -g -O2 -std=c++11 *.cpp
++ $ ar r libFuzzer.a *.o
++ $ ranlib libFuzzer.a
++
++Configure for fuzzing:
++
++ $ CC=clang ./config enable-fuzz enable-asan enable-ubsan no-shared
++ $ sudo apt-get install make
++ $ LDCMD=clang++ make -j
++ $ fuzz/helper.py <fuzzer> <arguments>
++
++Where `<fuzzer>` is one of the executables in `fuzz/`. Most fuzzers do not
++need any command line arguments, but, for example, `asn1` needs the name of a
++data type.
++
++If you get a crash, you should find a corresponding input file in
++`fuzz/corpora/<fuzzer>-crash/`. You can reproduce the crash with
++
++ $ fuzz/<fuzzer> <crashfile>
+diff --git a/fuzz/asn1.c b/fuzz/asn1.c
+new file mode 100644
+index 0000000..fc129a8
+--- /dev/null
++++ b/fuzz/asn1.c
+@@ -0,0 +1,86 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL licenses, (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ * https://www.openssl.org/source/license.html
++ * or in the file LICENSE in the source distribution.
++ */
++
++/*
++ * Fuzz ASN.1 parsing for various data structures. Specify which on the
++ * command line:
++ *
++ * asn1 <data structure>
++ */
++
++#include <stdio.h>
++#include <string.h>
++#include <openssl/asn1.h>
++#include <openssl/asn1t.h>
++#include <openssl/ec.h>
++#include <openssl/ocsp.h>
++#include <openssl/pkcs12.h>
++#include <openssl/ts.h>
++#include <openssl/x509v3.h>
++#include "fuzzer.h"
++
++static const ASN1_ITEM *item_type;
++
++int LLVMFuzzerInitialize(int *argc, char ***argv) {
++ const char *cmd;
++ OPENSSL_assert(*argc > 1);
++
++ cmd = (*argv)[1];
++ (*argv)[1] = (*argv)[0];
++ ++*argv;
++ --*argc;
++
++ // TODO: make this work like d2i_test.c does, once its decided what the
++ // common scheme is!
++#define Y(t) if (!strcmp(cmd, #t)) item_type = ASN1_ITEM_rptr(t)
++#define X(t) else Y(t)
++
++ Y(ASN1_SEQUENCE);
++ X(AUTHORITY_INFO_ACCESS);
++ X(BIGNUM);
++ X(ECPARAMETERS);
++ X(ECPKPARAMETERS);
++ X(GENERAL_NAME);
++ X(GENERAL_SUBTREE);
++ X(NAME_CONSTRAINTS);
++ X(OCSP_BASICRESP);
++ X(OCSP_RESPONSE);
++ X(PKCS12);
++ X(PKCS12_AUTHSAFES);
++ X(PKCS12_SAFEBAGS);
++ X(PKCS7);
++ X(PKCS7_ATTR_SIGN);
++ X(PKCS7_ATTR_VERIFY);
++ X(PKCS7_DIGEST);
++ X(PKCS7_ENC_CONTENT);
++ X(PKCS7_ENCRYPT);
++ X(PKCS7_ENVELOPE);
++ X(PKCS7_RECIP_INFO);
++ X(PKCS7_SIGN_ENVELOPE);
++ X(PKCS7_SIGNED);
++ X(PKCS7_SIGNER_INFO);
++ X(POLICY_CONSTRAINTS);
++ X(POLICY_MAPPINGS);
++ X(SXNET);
++ //X(TS_RESP); want to do this, but type is hidden, however d2i exists...
++ X(X509);
++ X(X509_CRL);
++ else
++ OPENSSL_assert(!"Bad type");
++
++ return 0;
++}
++
++int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
++ const uint8_t *b = buf;
++ ASN1_VALUE *o = ASN1_item_d2i(NULL, &b, len, item_type);
++ ASN1_item_free(o, item_type);
++ return 0;
++}
+diff --git a/fuzz/asn1parse.c b/fuzz/asn1parse.c
+new file mode 100644
+index 0000000..63104fb
+--- /dev/null
++++ b/fuzz/asn1parse.c
+@@ -0,0 +1,29 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL licenses, (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ * https://www.openssl.org/source/license.html
++ * or in the file LICENSE in the source distribution.
++ */
++
++/*
++ * Fuzz the parser used for dumping ASN.1 using "openssl asn1parse".
++ */
++
++#include <stdio.h>
++#include <openssl/asn1.h>
++#include <openssl/x509.h>
++#include <openssl/x509v3.h>
++#include "fuzzer.h"
++
++int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
++ static BIO *bio_out;
++
++ if (bio_out == NULL)
++ bio_out = BIO_new_file("/dev/null", "w");
++
++ (void)ASN1_parse_dump(bio_out, buf, len, 0, 0);
++ return 0;
++}
+diff --git a/fuzz/bignum.c b/fuzz/bignum.c
+new file mode 100644
+index 0000000..28a439e
+--- /dev/null
++++ b/fuzz/bignum.c
+@@ -0,0 +1,91 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL licenses, (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ * https://www.openssl.org/source/license.html
++ * or in the file LICENSE in the source distribution.
++ */
++
++/*
++ * Confirm that a^b mod c agrees when calculated cleverly vs naively, for
++ * random a, b and c.
++ */
++
++#include <stdio.h>
++#include <openssl/bn.h>
++#include "fuzzer.h"
++
++int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
++ int success = 0;
++ static BN_CTX *ctx;
++ static BN_MONT_CTX *mont;
++ static BIGNUM *b1;
++ static BIGNUM *b2;
++ static BIGNUM *b3;
++ static BIGNUM *b4;
++ static BIGNUM *b5;
++
++ if (ctx == NULL) {
++ b1 = BN_new();
++ b2 = BN_new();
++ b3 = BN_new();
++ b4 = BN_new();
++ b5 = BN_new();
++ ctx = BN_CTX_new();
++ mont = BN_MONT_CTX_new();
++ }
++ // Divide the input into three parts, using the values of the first two
++ // bytes to choose lengths, which generate b1, b2 and b3. Use three bits
++ // of the third byte to choose signs for the three numbers.
++ size_t l1 = 0, l2 = 0, l3 = 0;
++ int s1 = 0, s2 = 0, s3 = 0;
++ if (len > 2) {
++ len -= 3;
++ l1 = (buf[0] * len) / 255;
++ ++buf;
++ l2 = (buf[0] * (len - l1)) / 255;
++ ++buf;
++ l3 = len - l1 - l2;
++
++ s1 = buf[0] & 1;
++ s2 = buf[0] & 2;
++ s3 = buf[0] & 4;
++ ++buf;
++ }
++ OPENSSL_assert(BN_bin2bn(buf, l1, b1) == b1);
++ BN_set_negative(b1, s1);
++ OPENSSL_assert(BN_bin2bn(buf + l1, l2, b2) == b2);
++ BN_set_negative(b2, s2);
++ OPENSSL_assert(BN_bin2bn(buf + l1 + l2, l3, b3) == b3);
++ BN_set_negative(b3, s3);
++
++ // mod 0 is undefined
++ if (BN_is_zero(b3)) {
++ success = 1;
++ goto done;
++ }
++
++ OPENSSL_assert(BN_mod_exp(b4, b1, b2, b3, ctx));
++ OPENSSL_assert(BN_mod_exp_simple(b5, b1, b2, b3, ctx));
++
++ success = BN_cmp(b4, b5) == 0;
++ if (!success) {
++ BN_print_fp(stdout, b1);
++ putchar('\n');
++ BN_print_fp(stdout, b2);
++ putchar('\n');
++ BN_print_fp(stdout, b3);
++ putchar('\n');
++ BN_print_fp(stdout, b4);
++ putchar('\n');
++ BN_print_fp(stdout, b5);
++ putchar('\n');
++ }
++
++ done:
++ OPENSSL_assert(success);
++
++ return 0;
++}
+diff --git a/fuzz/bndiv.c b/fuzz/bndiv.c
+new file mode 100644
+index 0000000..c897de9
+--- /dev/null
++++ b/fuzz/bndiv.c
+@@ -0,0 +1,101 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL licenses, (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ * https://www.openssl.org/source/license.html
++ * or in the file LICENSE in the source distribution.
++ */
++
++/*
++ * Confirm that if (d, r) = a / b, then b * d + r == a, and that sign(d) ==
++ * sign(a), and 0 <= r <= b
++ */
++
++#include <stdio.h>
++#include <openssl/bn.h>
++#include "fuzzer.h"
++
++int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
++ int success = 0;
++ static BN_CTX *ctx;
++ static BIGNUM *b1;
++ static BIGNUM *b2;
++ static BIGNUM *b3;
++ static BIGNUM *b4;
++ static BIGNUM *b5;
++
++ if (ctx == NULL) {
++ b1 = BN_new();
++ b2 = BN_new();
++ b3 = BN_new();
++ b4 = BN_new();
++ b5 = BN_new();
++ ctx = BN_CTX_new();
++ }
++ // We are going to split the buffer in two, sizes l1 and l2, giving b1 and
++ // b2.
++ size_t l1 = 0, l2 = 0;
++ // s1 and s2 will be the signs for b1 and b2.
++ int s1 = 0, s2 = 0;
++ if (len > 0) {
++ --len;
++ // Use first byte to divide the remaining buffer into 3Fths. I admit
++ // this disallows some number sizes. If it matters, better ideas are
++ // welcome (Ben).
++ l1 = ((buf[0] & 0x3f) * len) / 0x3f;
++ s1 = buf[0] & 0x40;
++ s2 = buf[0] & 0x80;
++ ++buf;
++ l2 = len - l1;
++ }
++ OPENSSL_assert(BN_bin2bn(buf, l1, b1) == b1);
++ BN_set_negative(b1, s1);
++ OPENSSL_assert(BN_bin2bn(buf + l1, l2, b2) == b2);
++ BN_set_negative(b2, s2);
++
++ // divide by 0 is an error
++ if (BN_is_zero(b2)) {
++ success = 1;
++ goto done;
++ }
++
++ OPENSSL_assert(BN_div(b3, b4, b1, b2, ctx));
++ if (BN_is_zero(b1))
++ success = BN_is_zero(b3) && BN_is_zero(b4);
++ else if (BN_is_negative(b1))
++ success = (BN_is_negative(b3) != BN_is_negative(b2) || BN_is_zero(b3))
++ && (BN_is_negative(b4) || BN_is_zero(b4));
++ else
++ success = (BN_is_negative(b3) == BN_is_negative(b2) || BN_is_zero(b3))
++ && (!BN_is_negative(b4) || BN_is_zero(b4));
++ OPENSSL_assert(BN_mul(b5, b3, b2, ctx));
++ OPENSSL_assert(BN_add(b5, b5, b4));
++
++ success = success && BN_cmp(b5, b1) == 0;
++ if (!success) {
++ BN_print_fp(stdout, b1);
++ putchar('\n');
++ BN_print_fp(stdout, b2);
++ putchar('\n');
++ BN_print_fp(stdout, b3);
++ putchar('\n');
++ BN_print_fp(stdout, b4);
++ putchar('\n');
++ BN_print_fp(stdout, b5);
++ putchar('\n');
++ printf("%d %d %d %d %d %d %d\n", BN_is_negative(b1),
++ BN_is_negative(b2),
++ BN_is_negative(b3), BN_is_negative(b4), BN_is_zero(b4),
++ BN_is_negative(b3) != BN_is_negative(b2)
++ && (BN_is_negative(b4) || BN_is_zero(b4)),
++ BN_cmp(b5, b1));
++ puts("----\n");
++ }
++
++ done:
++ OPENSSL_assert(success);
++
++ return 0;
++}
+diff --git a/fuzz/build.info b/fuzz/build.info
+new file mode 100644
+index 0000000..29d14b3
+--- /dev/null
++++ b/fuzz/build.info
+@@ -0,0 +1,29 @@
++PROGRAMS=server asn1 asn1parse cms conf bignum bndiv
++
++SOURCE[server]=server.c
++INCLUDE[server]=../include ../../../svn-work/Fuzzer
++DEPEND[server]=../libcrypto ../libssl ../../../svn-work/Fuzzer/libFuzzer
++
++SOURCE[asn1]=asn1.c
++INCLUDE[asn1]=../include ../../../svn-work/Fuzzer
++DEPEND[asn1]=../libcrypto ../../../svn-work/Fuzzer/libFuzzer
++
++SOURCE[asn1parse]=asn1parse.c
++INCLUDE[asn1parse]=../include ../../../svn-work/Fuzzer
++DEPEND[asn1parse]=../libcrypto ../../../svn-work/Fuzzer/libFuzzer
++
++SOURCE[cms]=cms.c
++INCLUDE[cms]=../include ../../../svn-work/Fuzzer
++DEPEND[cms]=../libcrypto ../../../svn-work/Fuzzer/libFuzzer
++
++SOURCE[conf]=conf.c
++INCLUDE[conf]=../include ../../../svn-work/Fuzzer
++DEPEND[conf]=../libcrypto ../../../svn-work/Fuzzer/libFuzzer
++
++SOURCE[bignum]=bignum.c
++INCLUDE[bignum]=../include ../../../svn-work/Fuzzer
++DEPEND[bignum]=../libcrypto ../../../svn-work/Fuzzer/libFuzzer
++
++SOURCE[bndiv]=bndiv.c
++INCLUDE[bndiv]=../include ../../../svn-work/Fuzzer
++DEPEND[bndiv]=../libcrypto ../../../svn-work/Fuzzer/libFuzzer
+diff --git a/fuzz/cms.c b/fuzz/cms.c
+new file mode 100644
+index 0000000..7b4fc3d
+--- /dev/null
++++ b/fuzz/cms.c
+@@ -0,0 +1,26 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL licenses, (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ * https://www.openssl.org/source/license.html
++ * or in the file LICENSE in the source distribution.
++ */
++
++/*
++ * Test CMS DER parsing.
++ */
++
++#include <openssl/bio.h>
++#include <openssl/cms.h>
++#include "fuzzer.h"
++
++int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
++ BIO *in = BIO_new(BIO_s_mem());
++ OPENSSL_assert((size_t)BIO_write(in, buf, len) == len);
++ CMS_ContentInfo *i = d2i_CMS_bio(in, NULL);
++ CMS_ContentInfo_free(i);
++ BIO_free(in);
++ return 0;
++}
+diff --git a/fuzz/conf.c b/fuzz/conf.c
+new file mode 100644
+index 0000000..3e3f7f1
+--- /dev/null
++++ b/fuzz/conf.c
+@@ -0,0 +1,30 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL licenses, (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ * https://www.openssl.org/source/license.html
++ * or in the file LICENSE in the source distribution.
++ */
++
++/*
++ * Test configuration parsing.
++ */
++
++#include <openssl/conf.h>
++#include "fuzzer.h"
++
++int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
++ CONF *conf = NCONF_new(NULL);
++ BIO *in = BIO_new(BIO_s_mem());
++ long eline;
++
++ OPENSSL_assert((size_t)BIO_write(in, buf, len) == len);
++ NCONF_load_bio(conf, in, &eline);
++ //NCONF_dump_fp(conf, stdout);
++ NCONF_free(conf);
++ BIO_free(in);
++
++ return 0;
++}
+diff --git a/fuzz/fuzzer.h b/fuzz/fuzzer.h
+new file mode 100644
+index 0000000..b3c3428
+--- /dev/null
++++ b/fuzz/fuzzer.h
+@@ -0,0 +1,12 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL licenses, (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ * https://www.openssl.org/source/license.html
++ * or in the file LICENSE in the source distribution.
++ */
++
++int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len);
++int LLVMFuzzerInitialize(int *argc, char ***argv);
+diff --git a/fuzz/helper.py b/fuzz/helper.py
+new file mode 100755
+index 0000000..75a9e12
+--- /dev/null
++++ b/fuzz/helper.py
+@@ -0,0 +1,45 @@
++#!/usr/bin/python
++
++"""Fuzzing helper, creates and uses corpus/crash directories.
++
++fuzzer.py <fuzzer> <extra fuzzer arguments>
++"""
++
++import os
++import subprocess
++import sys
++
++FUZZER = sys.argv[1]
++
++THIS_DIR = os.path.abspath(os.path.dirname(__file__))
++CORPORA_DIR = os.path.abspath(os.path.join(THIS_DIR, "corpora"))
++
++FUZZER_DIR = os.path.abspath(os.path.join(CORPORA_DIR, FUZZER))
++if not os.path.isdir(FUZZER_DIR):
++ os.mkdir(FUZZER_DIR)
++
++corpora = []
++
++def _create(d):
++ dd = os.path.abspath(os.path.join(CORPORA_DIR, d))
++ if not os.path.isdir(dd):
++ os.mkdir(dd)
++ corpora.append(dd)
++
++def _add(d):
++ dd = os.path.abspath(os.path.join(CORPORA_DIR, d))
++ if os.path.isdir(dd):
++ corpora.append(dd)
++
++def main():
++ _create(FUZZER)
++ _create(FUZZER + "-crash")
++ _add(FUZZER + "-seed")
++
++ cmd = ([os.path.abspath(os.path.join(THIS_DIR, FUZZER))] + sys.argv[2:]
++ + ["-artifact_prefix=" + corpora[1] + "/"] + corpora)
++ print " ".join(cmd)
++ subprocess.call(cmd)
++
++if __name__ == "__main__":
++ main()
+diff --git a/fuzz/server.c b/fuzz/server.c
+new file mode 100644
+index 0000000..d3ed1ad
+--- /dev/null
++++ b/fuzz/server.c
+@@ -0,0 +1,237 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL licenses, (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ * https://www.openssl.org/source/license.html
++ * or in the file LICENSE in the source distribution.
++ */
++
++// Shamelessly copied from BoringSSL and converted to C.
++
++// Test first part of SSL server handshake.
++
++
++#include <openssl/rand.h>
++#include <openssl/ssl.h>
++#include "fuzzer.h"
++
++static const uint8_t kCertificateDER[] = {
++ 0x30, 0x82, 0x02, 0xff, 0x30, 0x82, 0x01, 0xe7, 0xa0, 0x03, 0x02, 0x01,
++ 0x02, 0x02, 0x11, 0x00, 0xb1, 0x84, 0xee, 0x34, 0x99, 0x98, 0x76, 0xfb,
++ 0x6f, 0xb2, 0x15, 0xc8, 0x47, 0x79, 0x05, 0x9b, 0x30, 0x0d, 0x06, 0x09,
++ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30,
++ 0x12, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x07,
++ 0x41, 0x63, 0x6d, 0x65, 0x20, 0x43, 0x6f, 0x30, 0x1e, 0x17, 0x0d, 0x31,
++ 0x35, 0x31, 0x31, 0x30, 0x37, 0x30, 0x30, 0x32, 0x34, 0x35, 0x36, 0x5a,
++ 0x17, 0x0d, 0x31, 0x36, 0x31, 0x31, 0x30, 0x36, 0x30, 0x30, 0x32, 0x34,
++ 0x35, 0x36, 0x5a, 0x30, 0x12, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
++ 0x04, 0x0a, 0x13, 0x07, 0x41, 0x63, 0x6d, 0x65, 0x20, 0x43, 0x6f, 0x30,
++ 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
++ 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30,
++ 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xce, 0x47, 0xcb, 0x11,
++ 0xbb, 0xd2, 0x9d, 0x8e, 0x9e, 0xd2, 0x1e, 0x14, 0xaf, 0xc7, 0xea, 0xb6,
++ 0xc9, 0x38, 0x2a, 0x6f, 0xb3, 0x7e, 0xfb, 0xbc, 0xfc, 0x59, 0x42, 0xb9,
++ 0x56, 0xf0, 0x4c, 0x3f, 0xf7, 0x31, 0x84, 0xbe, 0xac, 0x03, 0x9e, 0x71,
++ 0x91, 0x85, 0xd8, 0x32, 0xbd, 0x00, 0xea, 0xac, 0x65, 0xf6, 0x03, 0xc8,
++ 0x0f, 0x8b, 0xfd, 0x6e, 0x58, 0x88, 0x04, 0x41, 0x92, 0x74, 0xa6, 0x57,
++ 0x2e, 0x8e, 0x88, 0xd5, 0x3d, 0xda, 0x14, 0x3e, 0x63, 0x88, 0x22, 0xe3,
++ 0x53, 0xe9, 0xba, 0x39, 0x09, 0xac, 0xfb, 0xd0, 0x4c, 0xf2, 0x3c, 0x20,
++ 0xd6, 0x97, 0xe6, 0xed, 0xf1, 0x62, 0x1e, 0xe5, 0xc9, 0x48, 0xa0, 0xca,
++ 0x2e, 0x3c, 0x14, 0x5a, 0x82, 0xd4, 0xed, 0xb1, 0xe3, 0x43, 0xc1, 0x2a,
++ 0x59, 0xa5, 0xb9, 0xc8, 0x48, 0xa7, 0x39, 0x23, 0x74, 0xa7, 0x37, 0xb0,
++ 0x6f, 0xc3, 0x64, 0x99, 0x6c, 0xa2, 0x82, 0xc8, 0xf6, 0xdb, 0x86, 0x40,
++ 0xce, 0xd1, 0x85, 0x9f, 0xce, 0x69, 0xf4, 0x15, 0x2a, 0x23, 0xca, 0xea,
++ 0xb7, 0x7b, 0xdf, 0xfb, 0x43, 0x5f, 0xff, 0x7a, 0x49, 0x49, 0x0e, 0xe7,
++ 0x02, 0x51, 0x45, 0x13, 0xe8, 0x90, 0x64, 0x21, 0x0c, 0x26, 0x2b, 0x5d,
++ 0xfc, 0xe4, 0xb5, 0x86, 0x89, 0x43, 0x22, 0x4c, 0xf3, 0x3b, 0xf3, 0x09,
++ 0xc4, 0xa4, 0x10, 0x80, 0xf2, 0x46, 0xe2, 0x46, 0x8f, 0x76, 0x50, 0xbf,
++ 0xaf, 0x2b, 0x90, 0x1b, 0x78, 0xc7, 0xcf, 0xc1, 0x77, 0xd0, 0xfb, 0xa9,
++ 0xfb, 0xc9, 0x66, 0x5a, 0xc5, 0x9b, 0x31, 0x41, 0x67, 0x01, 0xbe, 0x33,
++ 0x10, 0xba, 0x05, 0x58, 0xed, 0x76, 0x53, 0xde, 0x5d, 0xc1, 0xe8, 0xbb,
++ 0x9f, 0xf1, 0xcd, 0xfb, 0xdf, 0x64, 0x7f, 0xd7, 0x18, 0xab, 0x0f, 0x94,
++ 0x28, 0x95, 0x4a, 0xcc, 0x6a, 0xa9, 0x50, 0xc7, 0x05, 0x47, 0x10, 0x41,
++ 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0e, 0x06,
++ 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x05,
++ 0xa0, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x0c, 0x30, 0x0a,
++ 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x30, 0x0c,
++ 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00,
++ 0x30, 0x19, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x12, 0x30, 0x10, 0x82,
++ 0x0e, 0x66, 0x75, 0x7a, 0x7a, 0x2e, 0x62, 0x6f, 0x72, 0x69, 0x6e, 0x67,
++ 0x73, 0x73, 0x6c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
++ 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x92,
++ 0xde, 0xef, 0x96, 0x06, 0x7b, 0xff, 0x71, 0x7d, 0x4e, 0xa0, 0x7d, 0xae,
++ 0xb8, 0x22, 0xb4, 0x2c, 0xf7, 0x96, 0x9c, 0x37, 0x1d, 0x8f, 0xe7, 0xd9,
++ 0x47, 0xff, 0x3f, 0xe9, 0x35, 0x95, 0x0e, 0xdd, 0xdc, 0x7f, 0xc8, 0x8a,
++ 0x1e, 0x36, 0x1d, 0x38, 0x47, 0xfc, 0x76, 0xd2, 0x1f, 0x98, 0xa1, 0x36,
++ 0xac, 0xc8, 0x70, 0x38, 0x0a, 0x3d, 0x51, 0x8d, 0x0f, 0x03, 0x1b, 0xef,
++ 0x62, 0xa1, 0xcb, 0x2b, 0x4a, 0x8c, 0x12, 0x2b, 0x54, 0x50, 0x9a, 0x6b,
++ 0xfe, 0xaf, 0xd9, 0xf6, 0xbf, 0x58, 0x11, 0x58, 0x5e, 0xe5, 0x86, 0x1e,
++ 0x3b, 0x6b, 0x30, 0x7e, 0x72, 0x89, 0xe8, 0x6b, 0x7b, 0xb7, 0xaf, 0xef,
++ 0x8b, 0xa9, 0x3e, 0xb0, 0xcd, 0x0b, 0xef, 0xb0, 0x0c, 0x96, 0x2b, 0xc5,
++ 0x3b, 0xd5, 0xf1, 0xc2, 0xae, 0x3a, 0x60, 0xd9, 0x0f, 0x75, 0x37, 0x55,
++ 0x4d, 0x62, 0xd2, 0xed, 0x96, 0xac, 0x30, 0x6b, 0xda, 0xa1, 0x48, 0x17,
++ 0x96, 0x23, 0x85, 0x9a, 0x57, 0x77, 0xe9, 0x22, 0xa2, 0x37, 0x03, 0xba,
++ 0x49, 0x77, 0x40, 0x3b, 0x76, 0x4b, 0xda, 0xc1, 0x04, 0x57, 0x55, 0x34,
++ 0x22, 0x83, 0x45, 0x29, 0xab, 0x2e, 0x11, 0xff, 0x0d, 0xab, 0x55, 0xb1,
++ 0xa7, 0x58, 0x59, 0x05, 0x25, 0xf9, 0x1e, 0x3d, 0xb7, 0xac, 0x04, 0x39,
++ 0x2c, 0xf9, 0xaf, 0xb8, 0x68, 0xfb, 0x8e, 0x35, 0x71, 0x32, 0xff, 0x70,
++ 0xe9, 0x46, 0x6d, 0x5c, 0x06, 0x90, 0x88, 0x23, 0x48, 0x0c, 0x50, 0xeb,
++ 0x0a, 0xa9, 0xae, 0xe8, 0xfc, 0xbe, 0xa5, 0x76, 0x94, 0xd7, 0x64, 0x22,
++ 0x38, 0x98, 0x17, 0xa4, 0x3a, 0xa7, 0x59, 0x9f, 0x1d, 0x3b, 0x75, 0x90,
++ 0x1a, 0x81, 0xef, 0x19, 0xfb, 0x2b, 0xb7, 0xa7, 0x64, 0x61, 0x22, 0xa4,
++ 0x6f, 0x7b, 0xfa, 0x58, 0xbb, 0x8c, 0x4e, 0x77, 0x67, 0xd0, 0x5d, 0x58,
++ 0x76, 0x8a, 0xbb,
++};
++
++static const uint8_t kRSAPrivateKeyDER[] = {
++ 0x30, 0x82, 0x04, 0xa5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
++ 0xce, 0x47, 0xcb, 0x11, 0xbb, 0xd2, 0x9d, 0x8e, 0x9e, 0xd2, 0x1e, 0x14,
++ 0xaf, 0xc7, 0xea, 0xb6, 0xc9, 0x38, 0x2a, 0x6f, 0xb3, 0x7e, 0xfb, 0xbc,
++ 0xfc, 0x59, 0x42, 0xb9, 0x56, 0xf0, 0x4c, 0x3f, 0xf7, 0x31, 0x84, 0xbe,
++ 0xac, 0x03, 0x9e, 0x71, 0x91, 0x85, 0xd8, 0x32, 0xbd, 0x00, 0xea, 0xac,
++ 0x65, 0xf6, 0x03, 0xc8, 0x0f, 0x8b, 0xfd, 0x6e, 0x58, 0x88, 0x04, 0x41,
++ 0x92, 0x74, 0xa6, 0x57, 0x2e, 0x8e, 0x88, 0xd5, 0x3d, 0xda, 0x14, 0x3e,
++ 0x63, 0x88, 0x22, 0xe3, 0x53, 0xe9, 0xba, 0x39, 0x09, 0xac, 0xfb, 0xd0,
++ 0x4c, 0xf2, 0x3c, 0x20, 0xd6, 0x97, 0xe6, 0xed, 0xf1, 0x62, 0x1e, 0xe5,
++ 0xc9, 0x48, 0xa0, 0xca, 0x2e, 0x3c, 0x14, 0x5a, 0x82, 0xd4, 0xed, 0xb1,
++ 0xe3, 0x43, 0xc1, 0x2a, 0x59, 0xa5, 0xb9, 0xc8, 0x48, 0xa7, 0x39, 0x23,
++ 0x74, 0xa7, 0x37, 0xb0, 0x6f, 0xc3, 0x64, 0x99, 0x6c, 0xa2, 0x82, 0xc8,
++ 0xf6, 0xdb, 0x86, 0x40, 0xce, 0xd1, 0x85, 0x9f, 0xce, 0x69, 0xf4, 0x15,
++ 0x2a, 0x23, 0xca, 0xea, 0xb7, 0x7b, 0xdf, 0xfb, 0x43, 0x5f, 0xff, 0x7a,
++ 0x49, 0x49, 0x0e, 0xe7, 0x02, 0x51, 0x45, 0x13, 0xe8, 0x90, 0x64, 0x21,
++ 0x0c, 0x26, 0x2b, 0x5d, 0xfc, 0xe4, 0xb5, 0x86, 0x89, 0x43, 0x22, 0x4c,
++ 0xf3, 0x3b, 0xf3, 0x09, 0xc4, 0xa4, 0x10, 0x80, 0xf2, 0x46, 0xe2, 0x46,
++ 0x8f, 0x76, 0x50, 0xbf, 0xaf, 0x2b, 0x90, 0x1b, 0x78, 0xc7, 0xcf, 0xc1,
++ 0x77, 0xd0, 0xfb, 0xa9, 0xfb, 0xc9, 0x66, 0x5a, 0xc5, 0x9b, 0x31, 0x41,
++ 0x67, 0x01, 0xbe, 0x33, 0x10, 0xba, 0x05, 0x58, 0xed, 0x76, 0x53, 0xde,
++ 0x5d, 0xc1, 0xe8, 0xbb, 0x9f, 0xf1, 0xcd, 0xfb, 0xdf, 0x64, 0x7f, 0xd7,
++ 0x18, 0xab, 0x0f, 0x94, 0x28, 0x95, 0x4a, 0xcc, 0x6a, 0xa9, 0x50, 0xc7,
++ 0x05, 0x47, 0x10, 0x41, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
++ 0x01, 0x00, 0xa8, 0x47, 0xb9, 0x4a, 0x06, 0x47, 0x93, 0x71, 0x3d, 0xef,
++ 0x7b, 0xca, 0xb4, 0x7c, 0x0a, 0xe6, 0x82, 0xd0, 0xe7, 0x0d, 0xa9, 0x08,
++ 0xf6, 0xa4, 0xfd, 0xd8, 0x73, 0xae, 0x6f, 0x56, 0x29, 0x5e, 0x25, 0x72,
++ 0xa8, 0x30, 0x44, 0x73, 0xcf, 0x56, 0x26, 0xb9, 0x61, 0xde, 0x42, 0x81,
++ 0xf4, 0xf0, 0x1f, 0x5d, 0xcb, 0x47, 0xf2, 0x26, 0xe9, 0xe0, 0x93, 0x28,
++ 0xa3, 0x10, 0x3b, 0x42, 0x1e, 0x51, 0x11, 0x12, 0x06, 0x5e, 0xaf, 0xce,
++ 0xb0, 0xa5, 0x14, 0xdd, 0x82, 0x58, 0xa1, 0xa4, 0x12, 0xdf, 0x65, 0x1d,
++ 0x51, 0x70, 0x64, 0xd5, 0x58, 0x68, 0x11, 0xa8, 0x6a, 0x23, 0xc2, 0xbf,
++ 0xa1, 0x25, 0x24, 0x47, 0xb3, 0xa4, 0x3c, 0x83, 0x96, 0xb7, 0x1f, 0xf4,
++ 0x44, 0xd4, 0xd1, 0xe9, 0xfc, 0x33, 0x68, 0x5e, 0xe2, 0x68, 0x99, 0x9c,
++ 0x91, 0xe8, 0x72, 0xc9, 0xd7, 0x8c, 0x80, 0x20, 0x8e, 0x77, 0x83, 0x4d,
++ 0xe4, 0xab, 0xf9, 0x74, 0xa1, 0xdf, 0xd3, 0xc0, 0x0d, 0x5b, 0x05, 0x51,
++ 0xc2, 0x6f, 0xb2, 0x91, 0x02, 0xec, 0xc0, 0x02, 0x1a, 0x5c, 0x91, 0x05,
++ 0xf1, 0xe3, 0xfa, 0x65, 0xc2, 0xad, 0x24, 0xe6, 0xe5, 0x3c, 0xb6, 0x16,
++ 0xf1, 0xa1, 0x67, 0x1a, 0x9d, 0x37, 0x56, 0xbf, 0x01, 0xd7, 0x3b, 0x35,
++ 0x30, 0x57, 0x73, 0xf4, 0xf0, 0x5e, 0xa7, 0xe8, 0x0a, 0xc1, 0x94, 0x17,
++ 0xcf, 0x0a, 0xbd, 0xf5, 0x31, 0xa7, 0x2d, 0xf7, 0xf5, 0xd9, 0x8c, 0xc2,
++ 0x01, 0xbd, 0xda, 0x16, 0x8e, 0xb9, 0x30, 0x40, 0xa6, 0x6e, 0xbd, 0xcd,
++ 0x4d, 0x84, 0x67, 0x4e, 0x0b, 0xce, 0xd5, 0xef, 0xf8, 0x08, 0x63, 0x02,
++ 0xc6, 0xc7, 0xf7, 0x67, 0x92, 0xe2, 0x23, 0x9d, 0x27, 0x22, 0x1d, 0xc6,
++ 0x67, 0x5e, 0x66, 0xbf, 0x03, 0xb8, 0xa9, 0x67, 0xd4, 0x39, 0xd8, 0x75,
++ 0xfa, 0xe8, 0xed, 0x56, 0xb8, 0x81, 0x02, 0x81, 0x81, 0x00, 0xf7, 0x46,
++ 0x68, 0xc6, 0x13, 0xf8, 0xba, 0x0f, 0x83, 0xdb, 0x05, 0xa8, 0x25, 0x00,
++ 0x70, 0x9c, 0x9e, 0x8b, 0x12, 0x34, 0x0d, 0x96, 0xcf, 0x0d, 0x98, 0x9b,
++ 0x8d, 0x9c, 0x96, 0x78, 0xd1, 0x3c, 0x01, 0x8c, 0xb9, 0x35, 0x5c, 0x20,
++ 0x42, 0xb4, 0x38, 0xe3, 0xd6, 0x54, 0xe7, 0x55, 0xd6, 0x26, 0x8a, 0x0c,
++ 0xf6, 0x1f, 0xe0, 0x04, 0xc1, 0x22, 0x42, 0x19, 0x61, 0xc4, 0x94, 0x7c,
++ 0x07, 0x2e, 0x80, 0x52, 0xfe, 0x8d, 0xe6, 0x92, 0x3a, 0x91, 0xfe, 0x72,
++ 0x99, 0xe1, 0x2a, 0x73, 0x76, 0xb1, 0x24, 0x20, 0x67, 0xde, 0x28, 0xcb,
++ 0x0e, 0xe6, 0x52, 0xb5, 0xfa, 0xfb, 0x8b, 0x1e, 0x6a, 0x1d, 0x09, 0x26,
++ 0xb9, 0xa7, 0x61, 0xba, 0xf8, 0x79, 0xd2, 0x66, 0x57, 0x28, 0xd7, 0x31,
++ 0xb5, 0x0b, 0x27, 0x19, 0x1e, 0x6f, 0x46, 0xfc, 0x54, 0x95, 0xeb, 0x78,
++ 0x01, 0xb6, 0xd9, 0x79, 0x5a, 0x4d, 0x02, 0x81, 0x81, 0x00, 0xd5, 0x8f,
++ 0x16, 0x53, 0x2f, 0x57, 0x93, 0xbf, 0x09, 0x75, 0xbf, 0x63, 0x40, 0x3d,
++ 0x27, 0xfd, 0x23, 0x21, 0xde, 0x9b, 0xe9, 0x73, 0x3f, 0x49, 0x02, 0xd2,
++ 0x38, 0x96, 0xcf, 0xc3, 0xba, 0x92, 0x07, 0x87, 0x52, 0xa9, 0x35, 0xe3,
++ 0x0c, 0xe4, 0x2f, 0x05, 0x7b, 0x37, 0xa5, 0x40, 0x9c, 0x3b, 0x94, 0xf7,
++ 0xad, 0xa0, 0xee, 0x3a, 0xa8, 0xfb, 0x1f, 0x11, 0x1f, 0xd8, 0x9a, 0x80,
++ 0x42, 0x3d, 0x7f, 0xa4, 0xb8, 0x9a, 0xaa, 0xea, 0x72, 0xc1, 0xe3, 0xed,
++ 0x06, 0x60, 0x92, 0x37, 0xf9, 0xba, 0xfb, 0x9e, 0xed, 0x05, 0xa6, 0xd4,
++ 0x72, 0x68, 0x4f, 0x63, 0xfe, 0xd6, 0x10, 0x0d, 0x4f, 0x0a, 0x93, 0xc6,
++ 0xb9, 0xd7, 0xaf, 0xfd, 0xd9, 0x57, 0x7d, 0xcb, 0x75, 0xe8, 0x93, 0x2b,
++ 0xae, 0x4f, 0xea, 0xd7, 0x30, 0x0b, 0x58, 0x44, 0x82, 0x0f, 0x84, 0x5d,
++ 0x62, 0x11, 0x78, 0xea, 0x5f, 0xc5, 0x02, 0x81, 0x81, 0x00, 0x82, 0x0c,
++ 0xc1, 0xe6, 0x0b, 0x72, 0xf1, 0x48, 0x5f, 0xac, 0xbd, 0x98, 0xe5, 0x7d,
++ 0x09, 0xbd, 0x15, 0x95, 0x47, 0x09, 0xa1, 0x6c, 0x03, 0x91, 0xbf, 0x05,
++ 0x70, 0xc1, 0x3e, 0x52, 0x64, 0x99, 0x0e, 0xa7, 0x98, 0x70, 0xfb, 0xf6,
++ 0xeb, 0x9e, 0x25, 0x9d, 0x8e, 0x88, 0x30, 0xf2, 0xf0, 0x22, 0x6c, 0xd0,
++ 0xcc, 0x51, 0x8f, 0x5c, 0x70, 0xc7, 0x37, 0xc4, 0x69, 0xab, 0x1d, 0xfc,
++ 0xed, 0x3a, 0x03, 0xbb, 0xa2, 0xad, 0xb6, 0xea, 0x89, 0x6b, 0x67, 0x4b,
++ 0x96, 0xaa, 0xd9, 0xcc, 0xc8, 0x4b, 0xfa, 0x18, 0x21, 0x08, 0xb2, 0xa3,
++ 0xb9, 0x3e, 0x61, 0x99, 0xdc, 0x5a, 0x97, 0x9c, 0x73, 0x6a, 0xb9, 0xf9,
++ 0x68, 0x03, 0x24, 0x5f, 0x55, 0x77, 0x9c, 0xb4, 0xbe, 0x7a, 0x78, 0x53,
++ 0x68, 0x48, 0x69, 0x53, 0xc8, 0xb1, 0xf5, 0xbf, 0x98, 0x2d, 0x11, 0x1e,
++ 0x98, 0xa8, 0x36, 0x50, 0xa0, 0xb1, 0x02, 0x81, 0x81, 0x00, 0x90, 0x88,
++ 0x30, 0x71, 0xc7, 0xfe, 0x9b, 0x6d, 0x95, 0x37, 0x6d, 0x79, 0xfc, 0x85,
++ 0xe7, 0x44, 0x78, 0xbc, 0x79, 0x6e, 0x47, 0x86, 0xc9, 0xf3, 0xdd, 0xc6,
++ 0xec, 0xa9, 0x94, 0x9f, 0x40, 0xeb, 0x87, 0xd0, 0xdb, 0xee, 0xcd, 0x1b,
++ 0x87, 0x23, 0xff, 0x76, 0xd4, 0x37, 0x8a, 0xcd, 0xb9, 0x6e, 0xd1, 0x98,
++ 0xf6, 0x97, 0x8d, 0xe3, 0x81, 0x6d, 0xc3, 0x4e, 0xd1, 0xa0, 0xc4, 0x9f,
++ 0xbd, 0x34, 0xe5, 0xe8, 0x53, 0x4f, 0xca, 0x10, 0xb5, 0xed, 0xe7, 0x16,
++ 0x09, 0x54, 0xde, 0x60, 0xa7, 0xd1, 0x16, 0x6e, 0x2e, 0xb7, 0xbe, 0x7a,
++ 0xd5, 0x9b, 0x26, 0xef, 0xe4, 0x0e, 0x77, 0xfa, 0xa9, 0xdd, 0xdc, 0xb9,
++ 0x88, 0x19, 0x23, 0x70, 0xc7, 0xe1, 0x60, 0xaf, 0x8c, 0x73, 0x04, 0xf7,
++ 0x71, 0x17, 0x81, 0x36, 0x75, 0xbb, 0x97, 0xd7, 0x75, 0xb6, 0x8e, 0xbc,
++ 0xac, 0x9c, 0x6a, 0x9b, 0x24, 0x89, 0x02, 0x81, 0x80, 0x5a, 0x2b, 0xc7,
++ 0x6b, 0x8c, 0x65, 0xdb, 0x04, 0x73, 0xab, 0x25, 0xe1, 0x5b, 0xbc, 0x3c,
++ 0xcf, 0x5a, 0x3c, 0x04, 0xae, 0x97, 0x2e, 0xfd, 0xa4, 0x97, 0x1f, 0x05,
++ 0x17, 0x27, 0xac, 0x7c, 0x30, 0x85, 0xb4, 0x82, 0x3f, 0x5b, 0xb7, 0x94,
++ 0x3b, 0x7f, 0x6c, 0x0c, 0xc7, 0x16, 0xc6, 0xa0, 0xbd, 0x80, 0xb0, 0x81,
++ 0xde, 0xa0, 0x23, 0xa6, 0xf6, 0x75, 0x33, 0x51, 0x35, 0xa2, 0x75, 0x55,
++ 0x70, 0x4d, 0x42, 0xbb, 0xcf, 0x54, 0xe4, 0xdb, 0x2d, 0x88, 0xa0, 0x7a,
++ 0xf2, 0x17, 0xa7, 0xdd, 0x13, 0x44, 0x9f, 0x5f, 0x6b, 0x2c, 0x42, 0x42,
++ 0x8b, 0x13, 0x4d, 0xf9, 0x5b, 0xf8, 0x33, 0x42, 0xd9, 0x9e, 0x50, 0x1c,
++ 0x7c, 0xbc, 0xfa, 0x62, 0x85, 0x0b, 0xcf, 0x99, 0xda, 0x9e, 0x04, 0x90,
++ 0xb2, 0xc6, 0xb2, 0x0a, 0x2a, 0x7c, 0x6d, 0x6a, 0x40, 0xfc, 0xf5, 0x50,
++ 0x98, 0x46, 0x89, 0x82, 0x40,
++};
++
++static SSL_CTX *ctx;
++
++static void Init() {
++ ctx = SSL_CTX_new(SSLv23_method());
++ const uint8_t *bufp = kRSAPrivateKeyDER;
++ RSA *privkey = d2i_RSAPrivateKey(NULL, &bufp, sizeof(kRSAPrivateKeyDER));
++ OPENSSL_assert(privkey != NULL);
++ EVP_PKEY *pkey = EVP_PKEY_new();
++ EVP_PKEY_assign_RSA(pkey, privkey);
++ int ret = SSL_CTX_use_PrivateKey(ctx, pkey);
++ OPENSSL_assert(ret == 1);
++ EVP_PKEY_free(pkey);
++ bufp = kCertificateDER;
++ X509 *cert = d2i_X509(NULL, &bufp, sizeof(kCertificateDER));
++ OPENSSL_assert(cert != NULL);
++ ret = SSL_CTX_use_certificate(ctx, cert);
++ OPENSSL_assert(ret == 1);
++ X509_free(cert);
++ }
++
++int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
++ if (ctx == NULL)
++ Init();
++ // TODO: make this work for OpenSSL. There's a PREDICT define that may do
++ // the job.
++ // TODO: use the ossltest engine (optionally?) to disable crypto checks.
++ //RAND_reset_for_fuzzing();
++
++ // This only fuzzes the initial flow from the client so far.
++ SSL *server = SSL_new(ctx);
++ BIO *in = BIO_new(BIO_s_mem());
++ BIO *out = BIO_new(BIO_s_mem());
++ SSL_set_bio(server, in, out);
++ SSL_set_accept_state(server);
++ OPENSSL_assert((size_t)BIO_write(in, buf, len) == len);
++ if (SSL_do_handshake(server) == 1) {
++ // Keep reading application data until error or EOF.
++ uint8_t tmp[1024];
++ for (;;) {
++ if (SSL_read(server, tmp, sizeof(tmp)) <= 0) {
++ break;
++ }
++ }
++ }
++ SSL_free(server);
++ return 0;
++}
+diff --git a/include/internal/bio.h b/include/internal/bio.h
+index 31fe1aa..3b6a6ac 100644
+--- a/include/internal/bio.h
++++ b/include/internal/bio.h
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/bio.h>
+diff --git a/include/internal/comp.h b/include/internal/comp.h
+index 34bf147..ac6e38b 100644
+--- a/include/internal/comp.h
++++ b/include/internal/comp.h
+@@ -1,9 +1,10 @@
+ /*
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #include <openssl/comp.h>
+diff --git a/include/internal/conf.h b/include/internal/conf.h
+index 2d48daf..8f3e09c 100644
+--- a/include/internal/conf.h
++++ b/include/internal/conf.h
+@@ -1,40 +1,10 @@
+ /*
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_INTERNAL_CONF_H
+diff --git a/include/internal/constant_time_locl.h b/include/internal/constant_time_locl.h
+index 8141173..d27fb14 100644
+--- a/include/internal/constant_time_locl.h
++++ b/include/internal/constant_time_locl.h
+@@ -1,46 +1,10 @@
+-/*-
+- * Utilities for constant-time cryptography.
+- *
+- * Author: Emilia Kasper (emilia at openssl.org)
+- * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
+- * (Google).
+- * ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_CONSTANT_TIME_LOCL_H
+diff --git a/include/internal/dane.h b/include/internal/dane.h
+index 1672849..65bf244 100644
+--- a/include/internal/dane.h
++++ b/include/internal/dane.h
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Viktor Dukhovni (viktor at openssl.org) for the OpenSSL project
+- * 2015.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #ifndef HEADER_INTERNAL_DANE_H
+ #define HEADER_INTERNAL_DANE_H
+
+@@ -121,7 +73,8 @@ struct ssl_dane_st {
+ int pdpth; /* Depth of PKIX trust */
+ };
+
+-#define DANETLS_ENABLED(dane) ((dane) != NULL && ((dane)->trecs != NULL))
++#define DANETLS_ENABLED(dane) \
++ ((dane) != NULL && sk_danetls_record_num((dane)->trecs) > 0)
+
+ #define DANETLS_USAGE_BIT(u) (((uint32_t)1) << u)
+
+diff --git a/include/internal/dso.h b/include/internal/dso.h
+index eeb16b1..d371fbe 100644
+--- a/include/internal/dso.h
++++ b/include/internal/dso.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_DSO_H
+@@ -201,24 +152,18 @@ void *DSO_global_lookup(const char *name);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_DSO_strings(void);
+
+ /* Error codes for the DSO functions. */
+
+ /* Function codes. */
+-# define DSO_F_BEOS_BIND_FUNC 144
+-# define DSO_F_BEOS_BIND_VAR 145
+-# define DSO_F_BEOS_LOAD 146
+-# define DSO_F_BEOS_NAME_CONVERTER 147
+-# define DSO_F_BEOS_UNLOAD 148
+ # define DSO_F_DLFCN_BIND_FUNC 100
+-# define DSO_F_DLFCN_BIND_VAR 101
+ # define DSO_F_DLFCN_LOAD 102
+ # define DSO_F_DLFCN_MERGER 130
+ # define DSO_F_DLFCN_NAME_CONVERTER 123
+ # define DSO_F_DLFCN_UNLOAD 103
+ # define DSO_F_DL_BIND_FUNC 104
+-# define DSO_F_DL_BIND_VAR 105
+ # define DSO_F_DL_LOAD 106
+ # define DSO_F_DL_MERGER 131
+ # define DSO_F_DL_NAME_CONVERTER 124
+@@ -228,22 +173,18 @@ void ERR_load_DSO_strings(void);
+ # define DSO_F_DSO_CTRL 110
+ # define DSO_F_DSO_FREE 111
+ # define DSO_F_DSO_GET_FILENAME 127
+-# define DSO_F_DSO_GET_LOADED_FILENAME 128
+ # define DSO_F_DSO_GLOBAL_LOOKUP 139
+ # define DSO_F_DSO_LOAD 112
+ # define DSO_F_DSO_MERGE 132
+ # define DSO_F_DSO_NEW_METHOD 113
+ # define DSO_F_DSO_SET_FILENAME 129
+ # define DSO_F_DSO_UP_REF 114
+-# define DSO_F_GLOBAL_LOOKUP_FUNC 138
+ # define DSO_F_VMS_BIND_SYM 115
+ # define DSO_F_VMS_LOAD 116
+ # define DSO_F_VMS_MERGER 133
+ # define DSO_F_VMS_UNLOAD 117
+-# define DSO_F_WIN32_BIND_FUNC 118
+-# define DSO_F_WIN32_BIND_VAR 119
++# define DSO_F_WIN32_BIND_FUNC 101
+ # define DSO_F_WIN32_GLOBALLOOKUP 142
+-# define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
+ # define DSO_F_WIN32_JOINER 135
+ # define DSO_F_WIN32_LOAD 120
+ # define DSO_F_WIN32_MERGER 134
+@@ -262,7 +203,6 @@ void ERR_load_DSO_strings(void);
+ # define DSO_R_LOAD_FAILED 103
+ # define DSO_R_NAME_TRANSLATION_FAILED 109
+ # define DSO_R_NO_FILENAME 111
+-# define DSO_R_NO_FILE_SPECIFICATION 116
+ # define DSO_R_NULL_HANDLE 104
+ # define DSO_R_SET_FILENAME_FAILED 112
+ # define DSO_R_STACK_ERROR 105
+@@ -270,7 +210,7 @@ void ERR_load_DSO_strings(void);
+ # define DSO_R_UNLOAD_FAILED 107
+ # define DSO_R_UNSUPPORTED 108
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/internal/err.h b/include/internal/err.h
+index de2180b..d46b8bd 100644
+--- a/include/internal/err.h
++++ b/include/internal/err.h
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Matt Caswell for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef INTERNAL_ERR_H
+diff --git a/include/internal/numbers.h b/include/internal/numbers.h
+index da06dab..31931df 100644
+--- a/include/internal/numbers.h
++++ b/include/internal/numbers.h
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_NUMBERS_H
+diff --git a/include/internal/o_dir.h b/include/internal/o_dir.h
+index 427b37f..178c2ed 100644
+--- a/include/internal/o_dir.h
++++ b/include/internal/o_dir.h
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Copied from Richard Levitte's (richard at levitte.org) LP library. All
+ * symbol names have been changed, with permission from the author.
+ */
+diff --git a/include/internal/o_str.h b/include/internal/o_str.h
+index 2db3485..86403c9 100644
+--- a/include/internal/o_str.h
++++ b/include/internal/o_str.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+- * 2003.
+- */
+-/* ====================================================================
+- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_O_STR_H
+@@ -61,8 +12,6 @@
+
+ # include <stddef.h> /* to get size_t */
+
+-int OPENSSL_strcasecmp(const char *str1, const char *str2);
+-int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n);
+ int OPENSSL_memcmp(const void *p1, const void *p2, size_t n);
+
+ #endif
+diff --git a/include/internal/threads.h b/include/internal/threads.h
+deleted file mode 100644
+index 7897728..0000000
+--- a/include/internal/threads.h
++++ /dev/null
+@@ -1,92 +0,0 @@
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- */
+-
+-#ifndef HEADER_INTERNAL_THREADS_H
+-# define HEADER_INTERNAL_THREADS_H
+-
+-#include "e_os.h"
+-
+-# if !defined(OPENSSL_THREADS) || defined(CRYPTO_TDEBUG)
+-typedef unsigned int CRYPTO_ONCE;
+-typedef unsigned int CRYPTO_THREAD_LOCAL;
+-typedef unsigned int CRYPTO_THREAD_ID;
+-
+-# define CRYPTO_ONCE_STATIC_INIT 0
+-# elif defined(OPENSSL_SYS_WINDOWS)
+-# include <windows.h>
+-typedef DWORD CRYPTO_THREAD_LOCAL;
+-typedef DWORD CRYPTO_THREAD_ID;
+-
+-# if _WIN32_WINNT < 0x0600
+-typedef LONG CRYPTO_ONCE;
+-# define CRYPTO_ONCE_STATIC_INIT 0
+-# else
+-typedef INIT_ONCE CRYPTO_ONCE;
+-# define CRYPTO_ONCE_STATIC_INIT INIT_ONCE_STATIC_INIT
+-# endif
+-
+-# else
+-# include <pthread.h>
+-typedef pthread_once_t CRYPTO_ONCE;
+-typedef pthread_key_t CRYPTO_THREAD_LOCAL;
+-typedef pthread_t CRYPTO_THREAD_ID;
+-
+-# define CRYPTO_ONCE_STATIC_INIT PTHREAD_ONCE_INIT
+-# endif
+-
+-int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
+-
+-int CRYPTO_THREAD_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *));
+-void *CRYPTO_THREAD_get_local(CRYPTO_THREAD_LOCAL *key);
+-int CRYPTO_THREAD_set_local(CRYPTO_THREAD_LOCAL *key, void *val);
+-int CRYPTO_THREAD_cleanup_local(CRYPTO_THREAD_LOCAL *key);
+-
+-CRYPTO_THREAD_ID CRYPTO_THREAD_get_current_id(void);
+-int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b);
+-
+-#endif
+diff --git a/include/openssl/__DECC_INCLUDE_EPILOGUE.H b/include/openssl/__DECC_INCLUDE_EPILOGUE.H
+new file mode 100644
+index 0000000..c350018
+--- /dev/null
++++ b/include/openssl/__DECC_INCLUDE_EPILOGUE.H
+@@ -0,0 +1,16 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
++ * This file is only used by HP C on VMS, and is included automatically
++ * after each header file from this directory
++ */
++
++/* restore state. Must correspond to the save in __decc_include_prologue.h */
++#pragma names restore
+diff --git a/include/openssl/__DECC_INCLUDE_PROLOGUE.H b/include/openssl/__DECC_INCLUDE_PROLOGUE.H
+new file mode 100644
+index 0000000..9a9c777
+--- /dev/null
++++ b/include/openssl/__DECC_INCLUDE_PROLOGUE.H
+@@ -0,0 +1,20 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
++ * This file is only used by HP C on VMS, and is included automatically
++ * after each header file from this directory
++ */
++
++/* save state */
++#pragma names save
++/* have the compiler shorten symbols larger than 31 chars to 23 chars
++ * followed by a 8 hex char CRC
++ */
++#pragma names as_is,shortened
+diff --git a/include/openssl/__decc_include_epilogue.h b/include/openssl/__decc_include_epilogue.h
+deleted file mode 100644
+index 584384f..0000000
+--- a/include/openssl/__decc_include_epilogue.h
++++ /dev/null
+@@ -1,7 +0,0 @@
+-/*
+- * This file is only used by HP C on VMS, and is included automatically
+- * after each header file from this directory
+- */
+-
+-/* restore state. Must correspond to the save in __decc_include_prologue.h */
+-#pragma names restore
+diff --git a/include/openssl/__decc_include_prologue.h b/include/openssl/__decc_include_prologue.h
+deleted file mode 100644
+index 455181c..0000000
+--- a/include/openssl/__decc_include_prologue.h
++++ /dev/null
+@@ -1,11 +0,0 @@
+-/*
+- * This file is only used by HP C on VMS, and is included automatically
+- * after each header file from this directory
+- */
+-
+-/* save state */
+-#pragma names save
+-/* have the compiler shorten symbols larger than 31 chars to 23 chars
+- * followed by a 8 hex char CRC
+- */
+-#pragma names as_is,shortened
+diff --git a/include/openssl/aes.h b/include/openssl/aes.h
+index ee12540..245c552 100644
+--- a/include/openssl/aes.h
++++ b/include/openssl/aes.h
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_AES_H
+diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
+index 4c30a74..a596126 100644
+--- a/include/openssl/asn1.h
++++ b/include/openssl/asn1.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_ASN1_H
+@@ -458,6 +410,11 @@ typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
+ # define ASN1_STRFLGS_DUMP_DER 0x200
+
+ /*
++ * This flag specifies that RC2254 escaping shall be performed.
++ */
++#define ASN1_STRFLGS_ESC_2254 0x400
++
++/*
+ * All the string flags consistent with RFC2253, escaping control characters
+ * isn't essential in RFC2253 but it is advisable anyway.
+ */
+@@ -473,6 +430,8 @@ DEFINE_STACK_OF(ASN1_INTEGER)
+
+ DEFINE_STACK_OF(ASN1_GENERALSTRING)
+
++DEFINE_STACK_OF(ASN1_UTF8STRING)
++
+ typedef struct asn1_type_st {
+ int type;
+ union {
+@@ -907,20 +866,19 @@ int SMIME_text(BIO *in, BIO *out);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_ASN1_strings(void);
+
+ /* Error codes for the ASN1 functions. */
+
+ /* Function codes. */
+ # define ASN1_F_A2D_ASN1_OBJECT 100
+-# define ASN1_F_A2I_ASN1_ENUMERATED 101
+ # define ASN1_F_A2I_ASN1_INTEGER 102
+ # define ASN1_F_A2I_ASN1_STRING 103
+ # define ASN1_F_APPEND_EXP 176
+ # define ASN1_F_ASN1_BIT_STRING_SET_BIT 183
+ # define ASN1_F_ASN1_CB 177
+ # define ASN1_F_ASN1_CHECK_TLEN 104
+-# define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
+ # define ASN1_F_ASN1_COLLECT 106
+ # define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
+ # define ASN1_F_ASN1_D2I_FP 109
+@@ -928,21 +886,15 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_F_ASN1_DIGEST 184
+ # define ASN1_F_ASN1_DO_ADB 110
+ # define ASN1_F_ASN1_DUP 111
+-# define ASN1_F_ASN1_ENUMERATED_SET 112
+-# define ASN1_F_ASN1_ENUMERATED_TO_BN 113
+ # define ASN1_F_ASN1_EX_C2I 204
+ # define ASN1_F_ASN1_FIND_END 190
+ # define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
+-# define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
+ # define ASN1_F_ASN1_GENERATE_V3 178
+ # define ASN1_F_ASN1_GET_INT64 224
+ # define ASN1_F_ASN1_GET_OBJECT 114
+ # define ASN1_F_ASN1_GET_UINT64 225
+-# define ASN1_F_ASN1_HEADER_NEW 115
+ # define ASN1_F_ASN1_I2D_BIO 116
+ # define ASN1_F_ASN1_I2D_FP 117
+-# define ASN1_F_ASN1_INTEGER_SET 118
+-# define ASN1_F_ASN1_INTEGER_TO_BN 119
+ # define ASN1_F_ASN1_ITEM_D2I_FP 206
+ # define ASN1_F_ASN1_ITEM_DUP 191
+ # define ASN1_F_ASN1_ITEM_EMBED_D2I 120
+@@ -957,12 +909,8 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_F_ASN1_MBSTRING_NCOPY 122
+ # define ASN1_F_ASN1_OBJECT_NEW 123
+ # define ASN1_F_ASN1_OUTPUT_DATA 214
+-# define ASN1_F_ASN1_PACK_STRING 124
+ # define ASN1_F_ASN1_PCTX_NEW 205
+-# define ASN1_F_ASN1_PKCS5_PBE_SET 125
+ # define ASN1_F_ASN1_SCTX_NEW 221
+-# define ASN1_F_ASN1_SEQ_PACK 126
+-# define ASN1_F_ASN1_SEQ_UNPACK 127
+ # define ASN1_F_ASN1_SIGN 128
+ # define ASN1_F_ASN1_STR2TYPE 179
+ # define ASN1_F_ASN1_STRING_GET_INT64 227
+@@ -975,48 +923,27 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_F_ASN1_TEMPLATE_NEW 133
+ # define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
+ # define ASN1_F_ASN1_TIME_ADJ 217
+-# define ASN1_F_ASN1_TIME_SET 175
+ # define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
+ # define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
+-# define ASN1_F_ASN1_UNPACK_STRING 136
+ # define ASN1_F_ASN1_UTCTIME_ADJ 218
+-# define ASN1_F_ASN1_UTCTIME_SET 187
+ # define ASN1_F_ASN1_VERIFY 137
+ # define ASN1_F_B64_READ_ASN1 209
+ # define ASN1_F_B64_WRITE_ASN1 210
+ # define ASN1_F_BIO_NEW_NDEF 208
+ # define ASN1_F_BITSTR_CB 180
+-# define ASN1_F_BN_TO_ASN1_ENUMERATED 138
+-# define ASN1_F_BN_TO_ASN1_INTEGER 139
+ # define ASN1_F_BN_TO_ASN1_STRING 229
+ # define ASN1_F_C2I_ASN1_BIT_STRING 189
+ # define ASN1_F_C2I_ASN1_INTEGER 194
+ # define ASN1_F_C2I_ASN1_OBJECT 196
+ # define ASN1_F_C2I_IBUF 226
+ # define ASN1_F_COLLECT_DATA 140
+-# define ASN1_F_D2I_ASN1_BIT_STRING 141
+-# define ASN1_F_D2I_ASN1_BOOLEAN 142
+-# define ASN1_F_D2I_ASN1_BYTES 143
+-# define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144
+-# define ASN1_F_D2I_ASN1_HEADER 145
+-# define ASN1_F_D2I_ASN1_INTEGER 146
+ # define ASN1_F_D2I_ASN1_OBJECT 147
+-# define ASN1_F_D2I_ASN1_SET 148
+-# define ASN1_F_D2I_ASN1_TYPE_BYTES 149
+ # define ASN1_F_D2I_ASN1_UINTEGER 150
+-# define ASN1_F_D2I_ASN1_UTCTIME 151
+ # define ASN1_F_D2I_AUTOPRIVATEKEY 207
+-# define ASN1_F_D2I_NETSCAPE_RSA 152
+-# define ASN1_F_D2I_NETSCAPE_RSA_2 153
+ # define ASN1_F_D2I_PRIVATEKEY 154
+ # define ASN1_F_D2I_PUBLICKEY 155
+-# define ASN1_F_D2I_X509 156
+-# define ASN1_F_D2I_X509_CINF 157
+-# define ASN1_F_D2I_X509_PKEY 159
+ # define ASN1_F_DO_TCREATE 222
+ # define ASN1_F_I2D_ASN1_BIO_STREAM 211
+-# define ASN1_F_I2D_ASN1_SET 188
+-# define ASN1_F_I2D_ASN1_TIME 160
+ # define ASN1_F_I2D_DSA_PUBKEY 161
+ # define ASN1_F_I2D_EC_PUBKEY 181
+ # define ASN1_F_I2D_PRIVATEKEY 163
+@@ -1034,13 +961,11 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_F_SMIME_READ_ASN1 212
+ # define ASN1_F_SMIME_TEXT 213
+ # define ASN1_F_STBL_MODULE_INIT 223
+-# define ASN1_F_X509_CINF_NEW 168
+ # define ASN1_F_X509_CRL_ADD0_REVOKED 169
+ # define ASN1_F_X509_INFO_NEW 170
+ # define ASN1_F_X509_NAME_ENCODE 203
+ # define ASN1_F_X509_NAME_EX_D2I 158
+ # define ASN1_F_X509_NAME_EX_NEW 171
+-# define ASN1_F_X509_NEW 172
+ # define ASN1_F_X509_PKEY_NEW 173
+
+ /* Reason codes. */
+@@ -1048,10 +973,7 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_R_ASN1_PARSE_ERROR 203
+ # define ASN1_R_ASN1_SIG_PARSE_ERROR 204
+ # define ASN1_R_AUX_ERROR 100
+-# define ASN1_R_BAD_CLASS 101
+ # define ASN1_R_BAD_OBJECT_HEADER 102
+-# define ASN1_R_BAD_PASSWORD_READ 103
+-# define ASN1_R_BAD_TAG 104
+ # define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
+ # define ASN1_R_BN_LIB 105
+ # define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
+@@ -1060,18 +982,14 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_R_CONTEXT_NOT_INITIALISED 217
+ # define ASN1_R_DATA_IS_WRONG 109
+ # define ASN1_R_DECODE_ERROR 110
+-# define ASN1_R_DECODING_ERROR 111
+ # define ASN1_R_DEPTH_EXCEEDED 174
+ # define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
+ # define ASN1_R_ENCODE_ERROR 112
+ # define ASN1_R_ERROR_GETTING_TIME 173
+ # define ASN1_R_ERROR_LOADING_SECTION 172
+-# define ASN1_R_ERROR_PARSING_SET_ELEMENT 113
+ # define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
+ # define ASN1_R_EXPECTING_AN_INTEGER 115
+ # define ASN1_R_EXPECTING_AN_OBJECT 116
+-# define ASN1_R_EXPECTING_A_BOOLEAN 117
+-# define ASN1_R_EXPECTING_A_TIME 118
+ # define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
+ # define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
+ # define ASN1_R_FIELD_MISSING 121
+@@ -1107,12 +1025,9 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_R_INVALID_SCRYPT_PARAMETERS 227
+ # define ASN1_R_INVALID_SEPARATOR 131
+ # define ASN1_R_INVALID_STRING_TABLE_VALUE 218
+-# define ASN1_R_INVALID_TIME_FORMAT 132
+ # define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
+ # define ASN1_R_INVALID_UTF8STRING 134
+ # define ASN1_R_INVALID_VALUE 219
+-# define ASN1_R_IV_TOO_LARGE 135
+-# define ASN1_R_LENGTH_ERROR 136
+ # define ASN1_R_LIST_ERROR 188
+ # define ASN1_R_MIME_NO_CONTENT_TYPE 206
+ # define ASN1_R_MIME_PARSE_ERROR 207
+@@ -1127,7 +1042,6 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_R_NOT_ASCII_FORMAT 190
+ # define ASN1_R_NOT_ENOUGH_DATA 142
+ # define ASN1_R_NO_CONTENT_TYPE 209
+-# define ASN1_R_NO_DEFAULT_DIGEST 201
+ # define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
+ # define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
+ # define ASN1_R_NO_MULTIPART_BOUNDARY 211
+@@ -1135,7 +1049,6 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_R_NULL_IS_WRONG_LENGTH 144
+ # define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
+ # define ASN1_R_ODD_NUMBER_OF_CHARS 145
+-# define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146
+ # define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
+ # define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
+ # define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
+@@ -1145,7 +1058,6 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_R_STREAMING_NOT_SUPPORTED 202
+ # define ASN1_R_STRING_TOO_LONG 151
+ # define ASN1_R_STRING_TOO_SHORT 152
+-# define ASN1_R_TAG_VALUE_TOO_HIGH 153
+ # define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
+ # define ASN1_R_TIME_NOT_ASCII_FORMAT 193
+ # define ASN1_R_TOO_LARGE 223
+@@ -1153,8 +1065,6 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_R_TOO_SMALL 224
+ # define ASN1_R_TYPE_NOT_CONSTRUCTED 156
+ # define ASN1_R_TYPE_NOT_PRIMITIVE 195
+-# define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
+-# define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
+ # define ASN1_R_UNEXPECTED_EOC 159
+ # define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
+ # define ASN1_R_UNKNOWN_FORMAT 160
+@@ -1164,16 +1074,13 @@ void ERR_load_ASN1_strings(void);
+ # define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
+ # define ASN1_R_UNKNOWN_TAG 194
+ # define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
+-# define ASN1_R_UNSUPPORTED_CIPHER 165
+-# define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
+ # define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
+ # define ASN1_R_UNSUPPORTED_TYPE 196
+ # define ASN1_R_WRONG_INTEGER_TYPE 225
+ # define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
+ # define ASN1_R_WRONG_TAG 168
+-# define ASN1_R_WRONG_TYPE 169
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/asn1_mac.h b/include/openssl/asn1_mac.h
+new file mode 100644
+index 0000000..7ac1782
+--- /dev/null
++++ b/include/openssl/asn1_mac.h
+@@ -0,0 +1,10 @@
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++#error "This file is obsolete; please update your software."
+diff --git a/include/openssl/asn1t.h b/include/openssl/asn1t.h
+index b680dea..ad17bab 100644
+--- a/include/openssl/asn1t.h
++++ b/include/openssl/asn1t.h
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #ifndef HEADER_ASN1T_H
+ # define HEADER_ASN1T_H
+
+@@ -228,7 +180,7 @@ extern "C" {
+ ASN1_ITEM_end(tname)
+ # define static_ASN1_NDEF_SEQUENCE_END(tname) \
+ ;\
+- static_ASN1_ITEM_start(tname) \
++ static_ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_NDEF_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+@@ -240,7 +192,7 @@ extern "C" {
+
+ # define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
+ # define static_ASN1_BROKEN_SEQUENCE_END(stname) \
+- static_ASN1_SEQUENCE_END_ref(stname, stname)
++ static_ASN1_SEQUENCE_END_ref(stname, stname)
+
+ # define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+
+diff --git a/include/openssl/async.h b/include/openssl/async.h
+index 635855f..160766a 100644
+--- a/include/openssl/async.h
++++ b/include/openssl/async.h
+@@ -1,53 +1,10 @@
+ /*
+- * Written by Matt Caswell (matt at openssl.org) for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdlib.h>
+@@ -112,6 +69,7 @@ void ASYNC_unblock_pause(void);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_ASYNC_strings(void);
+
+ /* Error codes for the ASYNC functions. */
+@@ -125,14 +83,12 @@ void ERR_load_ASYNC_strings(void);
+ # define ASYNC_F_ASYNC_START_JOB 105
+
+ /* Reason codes. */
+-# define ASYNC_R_CANNOT_CREATE_WAIT_PIPE 100
+ # define ASYNC_R_FAILED_TO_SET_POOL 101
+ # define ASYNC_R_FAILED_TO_SWAP_CONTEXT 102
+ # define ASYNC_R_INIT_FAILED 105
+ # define ASYNC_R_INVALID_POOL_SIZE 103
+-# define ASYNC_R_POOL_ALREADY_INITED 104
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/bio.h b/include/openssl/bio.h
+index a168be0..4b6179f 100644
+--- a/include/openssl/bio.h
++++ b/include/openssl/bio.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_BIO_H
+@@ -284,10 +236,10 @@ void BIO_clear_flags(BIO *b, int flags);
+ # define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
+ # define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
+
+-long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
++long (*BIO_get_callback(const BIO *b)) (BIO *, int, const char *,
+ int, long, long);
+ void BIO_set_callback(BIO *b,
+- long (*callback) (struct bio_st *, int, const char *,
++ long (*callback) (BIO *, int, const char *,
+ int, long, long));
+ char *BIO_get_callback_arg(const BIO *b);
+ void BIO_set_callback_arg(BIO *b, char *arg);
+@@ -297,7 +249,7 @@ typedef struct bio_method_st BIO_METHOD;
+ const char *BIO_method_name(const BIO *b);
+ int BIO_method_type(const BIO *b);
+
+-typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
++typedef void bio_info_cb (BIO *, int, const char *, int, long,
+ long);
+
+ DEFINE_STACK_OF(BIO)
+@@ -400,48 +352,51 @@ struct bio_dgram_sctp_prinfo {
+ # define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
+ # define BIO_get_app_data(s) BIO_get_ex_data(s,0)
+
++# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
++
++# ifndef OPENSSL_NO_SOCK
+ /* IP families we support, for BIO_s_connect() and BIO_s_accept() */
+ /* Note: the underlying operating system may not support some of them */
+-# define BIO_FAMILY_IPV4 4
+-# define BIO_FAMILY_IPV6 6
+-# define BIO_FAMILY_IPANY 256
++# define BIO_FAMILY_IPV4 4
++# define BIO_FAMILY_IPV6 6
++# define BIO_FAMILY_IPANY 256
+
+ /* BIO_s_connect() */
+-# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
+-# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
+-# define BIO_set_conn_address(b,addr) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)addr)
+-# define BIO_set_conn_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,f)
+-# define BIO_get_conn_hostname(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0,NULL))
+-# define BIO_get_conn_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1,NULL))
+-# define BIO_get_conn_address(b) ((const BIO_ADDR *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2,NULL))
+-# define BIO_get_conn_ip_family(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)
+-# define BIO_set_conn_mode(b,n) BIO_ctrl(b,BIO_C_SET_CONNECT_MODE,(n),NULL)
+-
+-# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
++# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
++# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
++# define BIO_set_conn_address(b,addr) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)addr)
++# define BIO_set_conn_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,f)
++# define BIO_get_conn_hostname(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0,NULL))
++# define BIO_get_conn_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1,NULL))
++# define BIO_get_conn_address(b) ((const BIO_ADDR *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2,NULL))
++# define BIO_get_conn_ip_family(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)
++# define BIO_set_conn_mode(b,n) BIO_ctrl(b,BIO_C_SET_CONNECT_MODE,(n),NULL)
+
+ /* BIO_s_accept() */
+-# define BIO_set_accept_name(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
+-# define BIO_set_accept_port(b,port) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(char *)port)
+-# define BIO_get_accept_name(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0))
+-# define BIO_get_accept_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,1))
+-# define BIO_get_peer_name(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,2))
+-# define BIO_get_peer_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,3))
++# define BIO_set_accept_name(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
++# define BIO_set_accept_port(b,port) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(char *)port)
++# define BIO_get_accept_name(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0))
++# define BIO_get_accept_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,1))
++# define BIO_get_peer_name(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,2))
++# define BIO_get_peer_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,3))
+ /* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
+-# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(n)?(void *)"a":NULL)
+-# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,3,(char *)bio)
+-# define BIO_set_accept_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_ACCEPT,4,f)
+-# define BIO_get_accept_ip_family(b) BIO_ctrl(b,BIO_C_GET_ACCEPT,4,NULL)
++# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(n)?(void *)"a":NULL)
++# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,3,(char *)bio)
++# define BIO_set_accept_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_ACCEPT,4,f)
++# define BIO_get_accept_ip_family(b) BIO_ctrl(b,BIO_C_GET_ACCEPT,4,NULL)
+
+ /* Aliases kept for backward compatibility */
+-# define BIO_BIND_NORMAL 0
+-# define BIO_BIND_REUSEADDR BIO_SOCK_REUSEADDR
+-# define BIO_BIND_REUSEADDR_IF_UNUSED BIO_SOCK_REUSEADDR
+-# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
+-# define BIO_get_bind_mode(b) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
++# define BIO_BIND_NORMAL 0
++# define BIO_BIND_REUSEADDR BIO_SOCK_REUSEADDR
++# define BIO_BIND_REUSEADDR_IF_UNUSED BIO_SOCK_REUSEADDR
++# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
++# define BIO_get_bind_mode(b) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
+
+ /* BIO_s_accept() and BIO_s_connect() */
+-# define BIO_do_connect(b) BIO_do_handshake(b)
+-# define BIO_do_accept(b) BIO_do_handshake(b)
++# define BIO_do_connect(b) BIO_do_handshake(b)
++# define BIO_do_accept(b) BIO_do_handshake(b)
++# endif /* OPENSSL_NO_SOCK */
++
+ # define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+
+ /* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */
+@@ -598,8 +553,7 @@ int BIO_puts(BIO *bp, const char *buf);
+ int BIO_indent(BIO *b, int indent, int max);
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd,
+- void (*fp) (struct bio_st *, int, const char *, int,
+- long, long));
++ void (*fp) (BIO *, int, const char *, int, long, long));
+ void *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+ BIO *BIO_push(BIO *b, BIO *append);
+@@ -624,9 +578,11 @@ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+ const BIO_METHOD *BIO_s_mem(void);
+ const BIO_METHOD *BIO_s_secmem(void);
+ BIO *BIO_new_mem_buf(const void *buf, int len);
++# ifndef OPENSSL_NO_SOCK
+ const BIO_METHOD *BIO_s_socket(void);
+ const BIO_METHOD *BIO_s_connect(void);
+ const BIO_METHOD *BIO_s_accept(void);
++# endif
+ const BIO_METHOD *BIO_s_fd(void);
+ const BIO_METHOD *BIO_s_log(void);
+ const BIO_METHOD *BIO_s_bio(void);
+@@ -637,14 +593,26 @@ const BIO_METHOD *BIO_f_linebuffer(void);
+ const BIO_METHOD *BIO_f_nbio_test(void);
+ # ifndef OPENSSL_NO_DGRAM
+ const BIO_METHOD *BIO_s_datagram(void);
++int BIO_dgram_non_fatal_error(int error);
++BIO *BIO_new_dgram(int fd, int close_flag);
+ # ifndef OPENSSL_NO_SCTP
+ const BIO_METHOD *BIO_s_datagram_sctp(void);
++BIO *BIO_new_dgram_sctp(int fd, int close_flag);
++int BIO_dgram_is_sctp(BIO *bio);
++int BIO_dgram_sctp_notification_cb(BIO *b,
++ void (*handle_notifications) (BIO *bio,
++ void *context,
++ void *buf),
++ void *context);
++int BIO_dgram_sctp_wait_for_dry(BIO *b);
++int BIO_dgram_sctp_msg_waiting(BIO *b);
+ # endif
+ # endif
+
++# ifndef OPENSSL_NO_SOCK
+ int BIO_sock_should_retry(int i);
+ int BIO_sock_non_fatal_error(int error);
+-int BIO_dgram_non_fatal_error(int error);
++# endif
+
+ int BIO_fd_should_retry(int i);
+ int BIO_fd_non_fatal_error(int error);
+@@ -661,6 +629,7 @@ int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
+ int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
+ int datalen);
+
++# ifndef OPENSSL_NO_SOCK
+ BIO_ADDR *BIO_ADDR_new(void);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+ const void *where, size_t wherelen, unsigned short port);
+@@ -695,9 +664,9 @@ int BIO_sock_error(int sock);
+ int BIO_socket_ioctl(int fd, long type, void *arg);
+ int BIO_socket_nbio(int fd, int mode);
+ int BIO_sock_init(void);
+-#if OPENSSL_API_COMPAT < 0x10100000L
+-# define BIO_sock_cleanup() while(0) continue
+-#endif
++# if OPENSSL_API_COMPAT < 0x10100000L
++# define BIO_sock_cleanup() while(0) continue
++# endif
+ int BIO_set_tcp_ndelay(int sock, int turn_on);
+
+ DEPRECATEDIN_1_1_0(struct hostent *BIO_gethostbyname(const char *name))
+@@ -715,11 +684,11 @@ enum BIO_sock_info_type {
+ int BIO_sock_info(int sock,
+ enum BIO_sock_info_type type, union BIO_sock_info_u *info);
+
+-# define BIO_SOCK_REUSEADDR 0x01
+-# define BIO_SOCK_V6_ONLY 0x02
+-# define BIO_SOCK_KEEPALIVE 0x04
+-# define BIO_SOCK_NONBLOCK 0x08
+-# define BIO_SOCK_NODELAY 0x10
++# define BIO_SOCK_REUSEADDR 0x01
++# define BIO_SOCK_V6_ONLY 0x02
++# define BIO_SOCK_KEEPALIVE 0x04
++# define BIO_SOCK_NONBLOCK 0x08
++# define BIO_SOCK_NODELAY 0x10
+
+ int BIO_socket(int domain, int socktype, int protocol, int options);
+ int BIO_connect(int sock, const BIO_ADDR *addr, int options);
+@@ -728,22 +697,11 @@ int BIO_accept_ex(int accept_sock, BIO_ADDR *addr, int options);
+ int BIO_closesocket(int sock);
+
+ BIO *BIO_new_socket(int sock, int close_flag);
+-BIO *BIO_new_dgram(int fd, int close_flag);
+-# ifndef OPENSSL_NO_SCTP
+-BIO *BIO_new_dgram_sctp(int fd, int close_flag);
+-int BIO_dgram_is_sctp(BIO *bio);
+-int BIO_dgram_sctp_notification_cb(BIO *b,
+- void (*handle_notifications) (BIO *bio,
+- void
+- *context,
+- void *buf),
+- void *context);
+-int BIO_dgram_sctp_wait_for_dry(BIO *b);
+-int BIO_dgram_sctp_msg_waiting(BIO *b);
+-# endif
+-BIO *BIO_new_fd(int fd, int close_flag);
+ BIO *BIO_new_connect(const char *host_port);
+ BIO *BIO_new_accept(const char *host_port);
++# endif /* OPENSSL_NO_SOCK*/
++
++BIO *BIO_new_fd(int fd, int close_flag);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
+ BIO **bio2, size_t writebuf2);
+@@ -807,6 +765,7 @@ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_BIO_strings(void);
+
+ /* Error codes for the BIO functions. */
+@@ -816,13 +775,11 @@ void ERR_load_BIO_strings(void);
+ # define BIO_F_ADDR_STRINGS 134
+ # define BIO_F_BIO_ACCEPT 101
+ # define BIO_F_BIO_ACCEPT_EX 137
+-# define BIO_F_BIO_BER_GET_HEADER 102
++# define BIO_F_BIO_ADDR_NEW 144
+ # define BIO_F_BIO_CALLBACK_CTRL 131
+ # define BIO_F_BIO_CONNECT 138
+ # define BIO_F_BIO_CTRL 103
+-# define BIO_F_BIO_GETHOSTBYNAME 120
+ # define BIO_F_BIO_GETS 104
+-# define BIO_F_BIO_GET_ACCEPT_SOCKET 105
+ # define BIO_F_BIO_GET_HOST_IP 106
+ # define BIO_F_BIO_GET_PORT 107
+ # define BIO_F_BIO_LISTEN 139
+@@ -838,6 +795,7 @@ void ERR_load_BIO_strings(void);
+ # define BIO_F_BIO_PARSE_HOSTSERV 136
+ # define BIO_F_BIO_PUTS 110
+ # define BIO_F_BIO_READ 111
++# define BIO_F_BIO_SET 143
+ # define BIO_F_BIO_SOCKET 140
+ # define BIO_F_BIO_SOCKET_NBIO 142
+ # define BIO_F_BIO_SOCK_INFO 141
+@@ -851,45 +809,32 @@ void ERR_load_BIO_strings(void);
+ # define BIO_F_FILE_CTRL 116
+ # define BIO_F_FILE_READ 130
+ # define BIO_F_LINEBUFFER_CTRL 129
+-# define BIO_F_MEM_READ 128
+ # define BIO_F_MEM_WRITE 117
+ # define BIO_F_SSL_NEW 118
+-# define BIO_F_WSASTARTUP 119
+
+ /* Reason codes. */
+ # define BIO_R_ACCEPT_ERROR 100
+ # define BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET 141
+ # define BIO_R_AMBIGUOUS_HOST_OR_SERVICE 129
+ # define BIO_R_BAD_FOPEN_MODE 101
+-# define BIO_R_BAD_HOSTNAME_LOOKUP 102
+ # define BIO_R_BROKEN_PIPE 124
+ # define BIO_R_CONNECT_ERROR 103
+-# define BIO_R_EOF_ON_MEMORY_BIO 127
+-# define BIO_R_ERROR_SETTING_NBIO 104
+-# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
+-# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
+ # define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
+ # define BIO_R_GETSOCKNAME_ERROR 132
+ # define BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS 133
+ # define BIO_R_GETTING_SOCKTYPE 134
+ # define BIO_R_INVALID_ARGUMENT 125
+-# define BIO_R_INVALID_IP_ADDRESS 108
+ # define BIO_R_INVALID_SOCKET 135
+ # define BIO_R_IN_USE 123
+-# define BIO_R_KEEPALIVE 109
+ # define BIO_R_LISTEN_V6_ONLY 136
+ # define BIO_R_LOOKUP_RETURNED_NOTHING 142
+ # define BIO_R_MALFORMED_HOST_OR_SERVICE 130
+ # define BIO_R_NBIO_CONNECT_ERROR 110
+ # define BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED 143
+-# define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
+ # define BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED 144
+-# define BIO_R_NO_HOSTNAME_SPECIFIED 112
+ # define BIO_R_NO_PORT_DEFINED 113
+-# define BIO_R_NO_SERVICE_SPECIFIED 114
+ # define BIO_R_NO_SUCH_FILE 128
+ # define BIO_R_NULL_PARAMETER 115
+-# define BIO_R_TAG_MISMATCH 116
+ # define BIO_R_UNABLE_TO_BIND_SOCKET 117
+ # define BIO_R_UNABLE_TO_CREATE_SOCKET 118
+ # define BIO_R_UNABLE_TO_KEEPALIVE 137
+@@ -905,7 +850,7 @@ void ERR_load_BIO_strings(void);
+ # define BIO_R_WRITE_TO_READ_ONLY_BIO 126
+ # define BIO_R_WSASTARTUP 122
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/blowfish.h b/include/openssl/blowfish.h
+index 5e0af53..cd3e460 100644
+--- a/include/openssl/blowfish.h
++++ b/include/openssl/blowfish.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_BLOWFISH_H
+diff --git a/include/openssl/bn.h b/include/openssl/bn.h
+index d4aef37..e0f656a 100644
+--- a/include/openssl/bn.h
++++ b/include/openssl/bn.h
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -587,6 +487,7 @@ int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_BN_strings(void);
+
+ /* Error codes for the BN functions. */
+@@ -605,10 +506,8 @@ void ERR_load_BN_strings(void);
+ # define BN_F_BN_CTX_NEW 106
+ # define BN_F_BN_CTX_START 129
+ # define BN_F_BN_DIV 107
+-# define BN_F_BN_DIV_NO_BRANCH 138
+ # define BN_F_BN_DIV_RECP 130
+ # define BN_F_BN_EXP 123
+-# define BN_F_BN_EXPAND2 108
+ # define BN_F_BN_EXPAND_INTERNAL 120
+ # define BN_F_BN_GENCB_NEW 143
+ # define BN_F_BN_GENERATE_DSA_NONCE 140
+@@ -630,7 +529,6 @@ void ERR_load_BN_strings(void);
+ # define BN_F_BN_MOD_INVERSE 110
+ # define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
+ # define BN_F_BN_MOD_LSHIFT_QUICK 119
+-# define BN_F_BN_MOD_MUL_RECIPROCAL 111
+ # define BN_F_BN_MOD_SQRT 121
+ # define BN_F_BN_MPI2BN 112
+ # define BN_F_BN_NEW 113
+@@ -662,7 +560,7 @@ void ERR_load_BN_strings(void);
+ # define BN_R_TOO_MANY_ITERATIONS 113
+ # define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/buffer.h b/include/openssl/buffer.h
+index f5b46dd..88409fd 100644
+--- a/include/openssl/buffer.h
++++ b/include/openssl/buffer.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_BUFFER_H
+@@ -106,6 +58,7 @@ void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_BUF_strings(void);
+
+ /* Error codes for the BUF functions. */
+@@ -117,7 +70,7 @@ void ERR_load_BUF_strings(void);
+
+ /* Reason codes. */
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/camellia.h b/include/openssl/camellia.h
+index d05b392..151f3c1 100644
+--- a/include/openssl/camellia.h
++++ b/include/openssl/camellia.h
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_CAMELLIA_H
+diff --git a/include/openssl/cast.h b/include/openssl/cast.h
+index c54d3c9..2cc89ae 100644
+--- a/include/openssl/cast.h
++++ b/include/openssl/cast.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_CAST_H
+diff --git a/include/openssl/cmac.h b/include/openssl/cmac.h
+index a621923..3535a9a 100644
+--- a/include/openssl/cmac.h
++++ b/include/openssl/cmac.h
+@@ -1,59 +1,17 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
++ * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_CMAC_H
+ # define HEADER_CMAC_H
+
++# ifndef OPENSSL_NO_CMAC
++
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+@@ -78,4 +36,6 @@ int CMAC_resume(CMAC_CTX *ctx);
+ #ifdef __cplusplus
+ }
+ #endif
++
++# endif
+ #endif
+diff --git a/include/openssl/cms.h b/include/openssl/cms.h
+index 5ae701e..57c877d 100644
+--- a/include/openssl/cms.h
++++ b/include/openssl/cms.h
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_CMS_H
+@@ -378,6 +334,7 @@ int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_CMS_strings(void);
+
+ /* Error codes for the CMS functions. */
+@@ -483,7 +440,6 @@ void ERR_load_CMS_strings(void);
+ # define CMS_R_CTRL_ERROR 110
+ # define CMS_R_CTRL_FAILURE 111
+ # define CMS_R_DECRYPT_ERROR 112
+-# define CMS_R_DIGEST_ERROR 161
+ # define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
+ # define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
+ # define CMS_R_ERROR_SETTING_KEY 115
+@@ -549,9 +505,8 @@ void ERR_load_CMS_strings(void);
+ # define CMS_R_VERIFICATION_FAILURE 158
+ # define CMS_R_WRAP_ERROR 159
+
+-# ifdef __cplusplus
++# ifdef __cplusplus
+ }
++# endif
+ # endif
+-# endif
+-
+ #endif
+diff --git a/include/openssl/comp.h b/include/openssl/comp.h
+index d2537f8..520d709 100644
+--- a/include/openssl/comp.h
++++ b/include/openssl/comp.h
+@@ -1,58 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+-
+ #ifndef HEADER_COMP_H
+ # define HEADER_COMP_H
+
+@@ -95,6 +49,7 @@ const BIO_METHOD *BIO_f_zlib(void);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_COMP_strings(void);
+
+ /* Error codes for the COMP functions. */
+@@ -110,9 +65,8 @@ void ERR_load_COMP_strings(void);
+ # define COMP_R_ZLIB_INFLATE_ERROR 100
+ # define COMP_R_ZLIB_NOT_SUPPORTED 101
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
++# endif
+ # endif
+-# endif
+-
+ #endif
+diff --git a/include/openssl/conf.h b/include/openssl/conf.h
+index 5f7f547..147d27b 100644
+--- a/include/openssl/conf.h
++++ b/include/openssl/conf.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_CONF_H
+@@ -215,6 +167,7 @@ void OPENSSL_load_builtin_modules(void);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_CONF_strings(void);
+
+ /* Error codes for the CONF functions. */
+@@ -222,9 +175,7 @@ void ERR_load_CONF_strings(void);
+ /* Function codes. */
+ # define CONF_F_CONF_DUMP_FP 104
+ # define CONF_F_CONF_LOAD 100
+-# define CONF_F_CONF_LOAD_BIO 102
+ # define CONF_F_CONF_LOAD_FP 103
+-# define CONF_F_CONF_MODULES_LOAD 116
+ # define CONF_F_CONF_PARSE_LIST 119
+ # define CONF_F_DEF_LOAD 120
+ # define CONF_F_DEF_LOAD_BIO 121
+@@ -233,7 +184,6 @@ void ERR_load_CONF_strings(void);
+ # define CONF_F_MODULE_RUN 118
+ # define CONF_F_NCONF_DUMP_BIO 105
+ # define CONF_F_NCONF_DUMP_FP 106
+-# define CONF_F_NCONF_GET_NUMBER 107
+ # define CONF_F_NCONF_GET_NUMBER_E 112
+ # define CONF_F_NCONF_GET_SECTION 108
+ # define CONF_F_NCONF_GET_STRING 109
+@@ -248,7 +198,6 @@ void ERR_load_CONF_strings(void);
+ # define CONF_R_LIST_CANNOT_BE_NULL 115
+ # define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
+ # define CONF_R_MISSING_EQUAL_SIGN 101
+-# define CONF_R_MISSING_FINISH_FUNCTION 111
+ # define CONF_R_MISSING_INIT_FUNCTION 112
+ # define CONF_R_MODULE_INITIALIZATION_ERROR 109
+ # define CONF_R_NO_CLOSE_BRACE 102
+@@ -261,7 +210,7 @@ void ERR_load_CONF_strings(void);
+ # define CONF_R_UNKNOWN_MODULE_NAME 113
+ # define CONF_R_VARIABLE_HAS_NO_VALUE 104
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/conf_api.h b/include/openssl/conf_api.h
+index fd6f32e..a0275ad 100644
+--- a/include/openssl/conf_api.h
++++ b/include/openssl/conf_api.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_CONF_API_H
+diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
+index 968b1b3..c4b31d9 100644
+--- a/include/openssl/crypto.h
++++ b/include/openssl/crypto.h
+@@ -1,112 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+@@ -188,9 +88,6 @@ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);
+ # define CRYPTO_MEM_CHECK_ENABLE 0x2 /* Control and mode bit */
+ # define CRYPTO_MEM_CHECK_DISABLE 0x3 /* Control only */
+
+-/* predec of the BIO type */
+-typedef struct bio_st BIO_dummy;
+-
+ struct crypto_ex_data_st {
+ STACK_OF(void) *sk;
+ };
+@@ -374,7 +271,7 @@ void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num,
+ const char *file, int line);
+
+ int CRYPTO_secure_malloc_init(size_t sz, int minsize);
+-void CRYPTO_secure_malloc_done(void);
++int CRYPTO_secure_malloc_done(void);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+ void CRYPTO_secure_free(void *ptr, const char *file, int line);
+@@ -409,14 +306,14 @@ void CRYPTO_mem_debug_free(void *addr, int flag,
+ # ifndef OPENSSL_NO_STDIO
+ int CRYPTO_mem_leaks_fp(FILE *);
+ # endif
+-int CRYPTO_mem_leaks(struct bio_st *bio);
++int CRYPTO_mem_leaks(BIO *bio);
+ # endif
+
+ /* die if we have to */
++ossl_noreturn void OPENSSL_die(const char *assertion, const char *file, int line);
+ # if OPENSSL_API_COMPAT < 0x10100000L
+ # define OpenSSLDie(f,l,a) OPENSSL_die((a),(f),(l))
+ # endif
+-void OPENSSL_die(const char *assertion, const char *file, int line);
+ # define OPENSSL_assert(e) \
+ (void)((e) ? 0 : (OPENSSL_die("assertion failed: " #e, OPENSSL_FILE, OPENSSL_LINE), 1))
+
+@@ -483,16 +380,50 @@ void OPENSSL_thread_stop(void);
+ /* Low-level control of initialization */
+ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+ #ifndef OPENSSL_NO_STDIO
+-void OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings,
+- const char *config_file);
++int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings,
++ const char *config_file);
+ #endif
+ void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *settings);
+
++# if !defined(OPENSSL_THREADS) || defined(CRYPTO_TDEBUG)
++typedef unsigned int CRYPTO_ONCE;
++typedef unsigned int CRYPTO_THREAD_LOCAL;
++typedef unsigned int CRYPTO_THREAD_ID;
++
++# define CRYPTO_ONCE_STATIC_INIT 0
++# elif defined(OPENSSL_SYS_WINDOWS)
++# include <windows.h>
++typedef DWORD CRYPTO_THREAD_LOCAL;
++typedef DWORD CRYPTO_THREAD_ID;
++
++typedef LONG CRYPTO_ONCE;
++# define CRYPTO_ONCE_STATIC_INIT 0
++
++# else
++# include <pthread.h>
++typedef pthread_once_t CRYPTO_ONCE;
++typedef pthread_key_t CRYPTO_THREAD_LOCAL;
++typedef pthread_t CRYPTO_THREAD_ID;
++
++# define CRYPTO_ONCE_STATIC_INIT PTHREAD_ONCE_INIT
++# endif
++
++int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
++
++int CRYPTO_THREAD_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *));
++void *CRYPTO_THREAD_get_local(CRYPTO_THREAD_LOCAL *key);
++int CRYPTO_THREAD_set_local(CRYPTO_THREAD_LOCAL *key, void *val);
++int CRYPTO_THREAD_cleanup_local(CRYPTO_THREAD_LOCAL *key);
++
++CRYPTO_THREAD_ID CRYPTO_THREAD_get_current_id(void);
++int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b);
++
+ /* BEGIN ERROR CODES */
+ /*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_CRYPTO_strings(void);
+
+ /* Error codes for the CRYPTO functions. */
+@@ -501,29 +432,21 @@ void ERR_load_CRYPTO_strings(void);
+ # define CRYPTO_F_CRYPTO_DUP_EX_DATA 110
+ # define CRYPTO_F_CRYPTO_FREE_EX_DATA 111
+ # define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
+-# define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103
+-# define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101
+ # define CRYPTO_F_CRYPTO_MEMDUP 115
+ # define CRYPTO_F_CRYPTO_NEW_EX_DATA 112
+ # define CRYPTO_F_CRYPTO_SET_EX_DATA 102
+-# define CRYPTO_F_DEF_ADD_INDEX 104
+-# define CRYPTO_F_DEF_GET_CLASS 105
+ # define CRYPTO_F_FIPS_MODE_SET 109
+ # define CRYPTO_F_GET_AND_LOCK 113
+-# define CRYPTO_F_INT_DUP_EX_DATA 106
+-# define CRYPTO_F_INT_FREE_EX_DATA 107
+-# define CRYPTO_F_INT_NEW_EX_DATA 108
+ # define CRYPTO_F_OPENSSL_BUF2HEXSTR 117
+-# define CRYPTO_F_OPENSSL_INIT_CRYPTO 116
+-# define CRYPTO_F_OPENSSL_MEMDUP 114
+ # define CRYPTO_F_OPENSSL_HEXSTR2BUF 118
++# define CRYPTO_F_OPENSSL_INIT_CRYPTO 116
+
+ /* Reason codes. */
+ # define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
+ # define CRYPTO_R_ILLEGAL_HEX_DIGIT 102
+ # define CRYPTO_R_ODD_NUMBER_OF_DIGITS 103
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/ct.h b/include/openssl/ct.h
+index f12ca92..f9586dc 100644
+--- a/include/openssl/ct.h
++++ b/include/openssl/ct.h
+@@ -1,55 +1,11 @@
+ /*
+-* Public API for Certificate Transparency (CT).
+-* Written by Rob Percival (robpercival at google.com) for the OpenSSL project.
+-*/
+-/* ====================================================================
+-* Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+-*
+-* Redistribution and use in source and binary forms, with or without
+-* modification, are permitted provided that the following conditions
+-* are met:
+-*
+-* 1. Redistributions of source code must retain the above copyright
+-* notice, this list of conditions and the following disclaimer.
+-*
+-* 2. Redistributions in binary form must reproduce the above copyright
+-* notice, this list of conditions and the following disclaimer in
+-* the documentation and/or other materials provided with the
+-* distribution.
+-*
+-* 3. All advertising materials mentioning features or use of this
+-* software must display the following acknowledgment:
+-* "This product includes software developed by the OpenSSL Project
+-* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+-*
+-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-* endorse or promote products derived from this software without
+-* prior written permission. For written permission, please contact
+-* licensing at OpenSSL.org.
+-*
+-* 5. Products derived from this software may not be called "OpenSSL"
+-* nor may "OpenSSL" appear in their names without prior written
+-* permission of the OpenSSL Project.
+-*
+-* 6. Redistributions of any form whatsoever must retain the following
+-* acknowledgment:
+-* "This product includes software developed by the OpenSSL Project
+-* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+-*
+-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-* OF THE POSSIBILITY OF SUCH DAMAGE.
+-* ====================================================================
+-*/
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ #ifndef HEADER_CT_H
+ # define HEADER_CT_H
+@@ -357,7 +313,7 @@ __owur int SCT_LIST_validate(const STACK_OF(SCT) *scts,
+ * for data that caller is responsible for freeing (only if function returns
+ * successfully).
+ * If "pp" is NULL and "*pp" is not NULL, caller is responsible for ensuring
+- * that "*pp" is large enough to accept all of the serializied data.
++ * that "*pp" is large enough to accept all of the serialized data.
+ * Returns < 0 on error, >= 0 indicating bytes written (or would have been)
+ * on success.
+ */
+@@ -384,7 +340,7 @@ STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
+ * for data that caller is responsible for freeing (only if function returns
+ * successfully).
+ * If "pp" is NULL and "*pp" is not NULL, caller is responsible for ensuring
+- * that "*pp" is large enough to accept all of the serializied data.
++ * that "*pp" is large enough to accept all of the serialized data.
+ * Returns < 0 on error, >= 0 indicating bytes written (or would have been)
+ * on success.
+ */
+@@ -418,7 +374,7 @@ __owur int i2o_SCT(const SCT *sct, unsigned char **out);
+ * Parses an SCT in TLS format and returns it.
+ * If |psct| is not null, it will end up pointing to the parsed SCT. If it
+ * already points to a non-null pointer, the pointer will be free'd.
+- * |in| should be a pointer to a string contianing the TLS-format SCT.
++ * |in| should be a pointer to a string containing the TLS-format SCT.
+ * |in| will be advanced to the end of the SCT if parsing succeeds.
+ * |len| should be the length of the SCT in |in|.
+ * Returns NULL if an error occurs.
+@@ -439,7 +395,7 @@ __owur int i2o_SCT_signature(const SCT *sct, unsigned char **out);
+
+ /*
+ * Parses an SCT signature in TLS format and populates the |sct| with it.
+-* |in| should be a pointer to a string contianing the TLS-format signature.
++* |in| should be a pointer to a string containing the TLS-format signature.
+ * |in| will be advanced to the end of the signature if parsing succeeds.
+ * |len| should be the length of the signature in |in|.
+ * Returns the number of bytes parsed, or a negative integer if an error occurs.
+@@ -523,6 +479,7 @@ __owur int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_CT_strings(void);
+
+ /* Error codes for the CT functions. */
+@@ -532,20 +489,11 @@ void ERR_load_CT_strings(void);
+ # define CT_F_CTLOG_NEW_FROM_BASE64 118
+ # define CT_F_CTLOG_NEW_FROM_CONF 119
+ # define CT_F_CTLOG_NEW_NULL 120
+-# define CT_F_CTLOG_STORE_GET0_LOG_BY_ID 121
+ # define CT_F_CTLOG_STORE_LOAD_CTX_NEW 122
+ # define CT_F_CTLOG_STORE_LOAD_FILE 123
+ # define CT_F_CT_BASE64_DECODE 124
+-# define CT_F_CT_POLICY_EVAL_CTX_GET0_CERT 130
+-# define CT_F_CT_POLICY_EVAL_CTX_GET0_ISSUER 131
+-# define CT_F_CT_POLICY_EVAL_CTX_GET0_LOG_STORE 132
+ # define CT_F_CT_POLICY_EVAL_CTX_NEW 133
+-# define CT_F_CT_POLICY_EVAL_CTX_SET0_CERT 134
+-# define CT_F_CT_POLICY_EVAL_CTX_SET0_ISSUER 135
+-# define CT_F_CT_POLICY_EVAL_CTX_SET0_LOG_STORE 136
+ # define CT_F_CT_V1_LOG_ID_FROM_PKEY 125
+-# define CT_F_D2I_SCT_LIST 105
+-# define CT_F_I2D_SCT_LIST 106
+ # define CT_F_I2O_SCT 107
+ # define CT_F_I2O_SCT_LIST 108
+ # define CT_F_I2O_SCT_SIGNATURE 109
+@@ -553,7 +501,6 @@ void ERR_load_CT_strings(void);
+ # define CT_F_O2I_SCT_LIST 111
+ # define CT_F_O2I_SCT_SIGNATURE 112
+ # define CT_F_SCT_CTX_NEW 126
+-# define CT_F_SCT_LIST_VALIDATE 139
+ # define CT_F_SCT_NEW 100
+ # define CT_F_SCT_NEW_FROM_BASE64 127
+ # define CT_F_SCT_SET0_LOG_ID 101
+@@ -563,8 +510,6 @@ void ERR_load_CT_strings(void);
+ # define CT_F_SCT_SET_LOG_ENTRY_TYPE 102
+ # define CT_F_SCT_SET_SIGNATURE_NID 103
+ # define CT_F_SCT_SET_VERSION 104
+-# define CT_F_SCT_SIGNATURE_IS_VALID 113
+-# define CT_F_SCT_VALIDATE 140
+ # define CT_F_SCT_VERIFY 128
+ # define CT_F_SCT_VERIFY_V1 129
+
+@@ -576,21 +521,18 @@ void ERR_load_CT_strings(void);
+ # define CT_R_LOG_CONF_MISSING_DESCRIPTION 111
+ # define CT_R_LOG_CONF_MISSING_KEY 112
+ # define CT_R_LOG_KEY_INVALID 113
+-# define CT_R_NOT_ENOUGH_SCTS 116
+ # define CT_R_SCT_INVALID 104
+ # define CT_R_SCT_INVALID_SIGNATURE 107
+ # define CT_R_SCT_LIST_INVALID 105
+ # define CT_R_SCT_LOG_ID_MISMATCH 114
+ # define CT_R_SCT_NOT_SET 106
+ # define CT_R_SCT_UNSUPPORTED_VERSION 115
+-# define CT_R_SCT_VALIDATION_STATUS_NOT_SET 117
+ # define CT_R_UNRECOGNIZED_SIGNATURE_NID 101
+ # define CT_R_UNSUPPORTED_ENTRY_TYPE 102
+ # define CT_R_UNSUPPORTED_VERSION 103
+
+-# ifdef __cplusplus
++# ifdef __cplusplus
+ }
++# endif
+ # endif
+-# endif
+-
+ #endif
+diff --git a/include/openssl/des.h b/include/openssl/des.h
+index 633d070..be4abbd 100644
+--- a/include/openssl/des.h
++++ b/include/openssl/des.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_DES_H
+@@ -113,8 +65,6 @@ typedef struct DES_ks {
+
+ OPENSSL_DECLARE_GLOBAL(int, DES_check_key); /* defaults to false */
+ # define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
+-OPENSSL_DECLARE_GLOBAL(int, DES_rw_mode); /* defaults to DES_PCBC_MODE */
+-# define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
+
+ const char *DES_options(void);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+@@ -182,10 +132,6 @@ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num);
+-int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
+- DES_cblock *iv);
+-int DES_enc_write(int fd, const void *buf, int len, DES_key_schedule *sched,
+- DES_cblock *iv);
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+@@ -218,12 +164,6 @@ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int *num);
+
+-#ifndef OPENSSL_NO_UI
+-int DES_read_password(DES_cblock *key, const char *prompt, int verify);
+-int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
+- const char *prompt, int verify);
+-#endif
+-
+ # define DES_fixup_key_parity DES_set_odd_parity
+
+ # ifdef __cplusplus
+diff --git a/include/openssl/dh.h b/include/openssl/dh.h
+index d78bac9..beb0f9f 100644
+--- a/include/openssl/dh.h
++++ b/include/openssl/dh.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_DH_H
+@@ -85,7 +37,7 @@ extern "C" {
+ /*
+ * If this flag is set the DH method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+- * sets this flag in its own methods it is its reposibility to ensure the
++ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+@@ -335,6 +287,7 @@ int DH_meth_set_generate_params(DH_METHOD *dhm,
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_DH_strings(void);
+
+ /* Error codes for the DH functions. */
+@@ -346,6 +299,9 @@ void ERR_load_DH_strings(void);
+ # define DH_F_DH_CMS_DECRYPT 114
+ # define DH_F_DH_CMS_SET_PEERKEY 115
+ # define DH_F_DH_CMS_SET_SHARED_INFO 116
++# define DH_F_DH_METH_DUP 117
++# define DH_F_DH_METH_NEW 118
++# define DH_F_DH_METH_SET1_NAME 119
+ # define DH_F_DH_NEW_METHOD 105
+ # define DH_F_DH_PARAM_DECODE 107
+ # define DH_F_DH_PRIV_DECODE 110
+@@ -354,7 +310,6 @@ void ERR_load_DH_strings(void);
+ # define DH_F_DH_PUB_ENCODE 109
+ # define DH_F_DO_DH_PRINT 100
+ # define DH_F_GENERATE_KEY 103
+-# define DH_F_GENERATE_PARAMETERS 104
+ # define DH_F_PKEY_DH_DERIVE 112
+ # define DH_F_PKEY_DH_KEYGEN 113
+
+@@ -366,7 +321,6 @@ void ERR_load_DH_strings(void);
+ # define DH_R_INVALID_PUBKEY 102
+ # define DH_R_KDF_PARAMETER_ERROR 112
+ # define DH_R_KEYS_NOT_SET 108
+-# define DH_R_KEY_SIZE_TOO_SMALL 110
+ # define DH_R_MODULUS_TOO_LARGE 103
+ # define DH_R_NO_PARAMETERS_SET 107
+ # define DH_R_NO_PRIVATE_VALUE 100
+@@ -374,9 +328,8 @@ void ERR_load_DH_strings(void);
+ # define DH_R_PEER_KEY_ERROR 111
+ # define DH_R_SHARED_INFO_ERROR 113
+
+-# ifdef __cplusplus
++# ifdef __cplusplus
+ }
++# endif
+ # endif
+-# endif
+-
+ #endif
+diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
+index 1b04584..f65ee5d 100644
+--- a/include/openssl/dsa.h
++++ b/include/openssl/dsa.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+@@ -96,7 +48,7 @@ extern "C" {
+ /*
+ * If this flag is set the DSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+- * sets this flag in its own methods it is its reposibility to ensure the
++ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+@@ -276,20 +228,21 @@ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen) (DSA *));
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_DSA_strings(void);
+
+ /* Error codes for the DSA functions. */
+
+ /* Function codes. */
+-# define DSA_F_D2I_DSA_SIG 110
+-# define DSA_F_DO_DSA_PRINT 104
+ # define DSA_F_DSAPARAMS_PRINT 100
+ # define DSA_F_DSAPARAMS_PRINT_FP 101
+-# define DSA_F_DSA_BUILTIN_KEYGEN 124
+ # define DSA_F_DSA_BUILTIN_PARAMGEN 125
+ # define DSA_F_DSA_BUILTIN_PARAMGEN2 126
+ # define DSA_F_DSA_DO_SIGN 112
+ # define DSA_F_DSA_DO_VERIFY 113
++# define DSA_F_DSA_METH_DUP 127
++# define DSA_F_DSA_METH_NEW 128
++# define DSA_F_DSA_METH_SET1_NAME 129
+ # define DSA_F_DSA_NEW_METHOD 103
+ # define DSA_F_DSA_PARAM_DECODE 119
+ # define DSA_F_DSA_PRINT_FP 105
+@@ -299,34 +252,25 @@ void ERR_load_DSA_strings(void);
+ # define DSA_F_DSA_PUB_ENCODE 118
+ # define DSA_F_DSA_SIGN 106
+ # define DSA_F_DSA_SIGN_SETUP 107
+-# define DSA_F_DSA_SIG_NEW 109
+-# define DSA_F_DSA_SIG_PRINT 123
+-# define DSA_F_DSA_VERIFY 108
+-# define DSA_F_I2D_DSA_SIG 111
+ # define DSA_F_OLD_DSA_PRIV_DECODE 122
+ # define DSA_F_PKEY_DSA_CTRL 120
+ # define DSA_F_PKEY_DSA_KEYGEN 121
+-# define DSA_F_SIG_CB 114
+
+ /* Reason codes. */
+ # define DSA_R_BAD_Q_VALUE 102
+ # define DSA_R_BN_DECODE_ERROR 108
+ # define DSA_R_BN_ERROR 109
+-# define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
+ # define DSA_R_DECODE_ERROR 104
+ # define DSA_R_INVALID_DIGEST_TYPE 106
+ # define DSA_R_INVALID_PARAMETERS 112
+-# define DSA_R_KEY_SIZE_TOO_SMALL 111
+ # define DSA_R_MISSING_PARAMETERS 101
+ # define DSA_R_MODULUS_TOO_LARGE 103
+-# define DSA_R_NEED_NEW_SETUP_VALUES 110
+ # define DSA_R_NO_PARAMETERS_SET 107
+ # define DSA_R_PARAMETER_ENCODING_ERROR 105
+ # define DSA_R_Q_NOT_PRIME 113
+
+-# ifdef __cplusplus
++# ifdef __cplusplus
+ }
++# endif
+ # endif
+-# endif
+-
+ #endif
+diff --git a/include/openssl/dtls1.h b/include/openssl/dtls1.h
+index 16df652..f4769f8 100644
+--- a/include/openssl/dtls1.h
++++ b/include/openssl/dtls1.h
+@@ -1,59 +1,10 @@
+ /*
+- * DTLS implementation written by Nagendra Modadugu
+- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_DTLS1_H
+diff --git a/include/openssl/e_os2.h b/include/openssl/e_os2.h
+index bbd6116..e0a5e46 100644
+--- a/include/openssl/e_os2.h
++++ b/include/openssl/e_os2.h
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_E_OS2_H
+@@ -338,6 +293,14 @@ typedef unsigned __int64 uint64_t;
+ # define ossl_inline inline
+ # endif
+
++# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
++# define ossl_noreturn _Noreturn
++# elif defined(__GNUC__) && __GNUC__ >= 2
++# define ossl_noreturn __attribute__((noreturn))
++# else
++# define ossl_noreturn
++# endif
++
+ #ifdef __cplusplus
+ }
+ #endif
+diff --git a/include/openssl/ebcdic.h b/include/openssl/ebcdic.h
+index e75b609..8696c7a 100644
+--- a/include/openssl/ebcdic.h
++++ b/include/openssl/ebcdic.h
+@@ -1,3 +1,11 @@
++/*
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ #ifndef HEADER_EBCDIC_H
+ # define HEADER_EBCDIC_H
+diff --git a/include/openssl/ec.h b/include/openssl/ec.h
+index 892239d..9c74053 100644
+--- a/include/openssl/ec.h
++++ b/include/openssl/ec.h
+@@ -1,59 +1,12 @@
+ /*
+- * Originally written by Bodo Moeller for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -241,7 +194,7 @@ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+
+-/** Gets the number of bits of ther order of an EC_GROUP
++/** Gets the number of bits of the order of an EC_GROUP
+ * \param group EC_GROUP object
+ * \return number of bits of group order.
+ */
+@@ -438,7 +391,7 @@ typedef struct {
+
+ /*
+ * EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number of all
+- * available curves or zero if a error occurred. In case r ist not zero
++ * available curves or zero if a error occurred. In case r is not zero,
+ * nitems EC_builtin_curve structures are filled with the data of the first
+ * nitems internal groups
+ */
+@@ -711,7 +664,7 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result
+ * \param n BIGNUM with the multiplier for the group generator (optional)
+- * \param num number futher summands
++ * \param num number further summands
+ * \param p array of size num of EC_POINT objects
+ * \param m array of size num of BIGNUM objects
+ * \param ctx BN_CTX object (optional)
+@@ -918,7 +871,7 @@ int EC_KEY_check_key(const EC_KEY *key);
+ */
+ int EC_KEY_can_sign(const EC_KEY *eckey);
+
+-/** Sets a public key from affine coordindates performing
++/** Sets a public key from affine coordinates performing
+ * necessary NIST PKV tests.
+ * \param key the EC_KEY object
+ * \param x public key x coordinate
+@@ -1142,7 +1095,7 @@ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param kinv BIGNUM with a pre-computed inverse k (optional)
+- * \param rp BIGNUM with a pre-computed rp value (optioanl),
++ * \param rp BIGNUM with a pre-computed rp value (optional),
+ * see ECDSA_sign_setup
+ * \param eckey EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+@@ -1193,7 +1146,7 @@ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+ * \param sig buffer to hold the DER encoded signature
+ * \param siglen pointer to the length of the returned signature
+ * \param kinv BIGNUM with a pre-computed inverse k (optional)
+- * \param rp BIGNUM with a pre-computed rp value (optioanl),
++ * \param rp BIGNUM with a pre-computed rp value (optional),
+ * see ECDSA_sign_setup
+ * \param eckey EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
+@@ -1404,13 +1357,13 @@ void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_EC_strings(void);
+
+ /* Error codes for the EC functions. */
+
+ /* Function codes. */
+ # define EC_F_BN_TO_FELEM 224
+-# define EC_F_COMPUTE_WNAF 143
+ # define EC_F_D2I_ECPARAMETERS 144
+ # define EC_F_D2I_ECPKPARAMETERS 145
+ # define EC_F_D2I_ECPRIVATEKEY 146
+@@ -1440,17 +1393,8 @@ void ERR_load_EC_strings(void);
+ # define EC_F_ECP_NISTZ256_POINTS_MUL 241
+ # define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244
+ # define EC_F_ECP_NISTZ256_WINDOWED_MUL 242
+-# define EC_F_ECP_NIST_MOD_192 203
+-# define EC_F_ECP_NIST_MOD_224 204
+-# define EC_F_ECP_NIST_MOD_256 205
+-# define EC_F_ECP_NIST_MOD_521 206
+ # define EC_F_EC_ASN1_GROUP2CURVE 153
+ # define EC_F_EC_ASN1_GROUP2FIELDID 154
+-# define EC_F_EC_ASN1_GROUP2PARAMETERS 155
+-# define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156
+-# define EC_F_EC_ASN1_PARAMETERS2GROUP 157
+-# define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158
+-# define EC_F_EC_EX_DATA_SET_DATA 211
+ # define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208
+ # define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159
+ # define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195
+@@ -1465,7 +1409,6 @@ void ERR_load_EC_strings(void);
+ # define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209
+ # define EC_F_EC_GFP_MONT_FIELD_SQR 132
+ # define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
+-# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135
+ # define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
+ # define EC_F_EC_GFP_NISTP224_POINTS_MUL 228
+ # define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
+@@ -1480,29 +1423,21 @@ void ERR_load_EC_strings(void);
+ # define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
+ # define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165
+ # define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166
+-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100
+-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101
+ # define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102
+ # define EC_F_EC_GFP_SIMPLE_OCT2POINT 103
+ # define EC_F_EC_GFP_SIMPLE_POINT2OCT 104
+ # define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137
+ # define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167
+-# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
+ # define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168
+-# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
+ # define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169
+-# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
+ # define EC_F_EC_GROUP_CHECK 170
+ # define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171
+ # define EC_F_EC_GROUP_COPY 106
+-# define EC_F_EC_GROUP_GET0_GENERATOR 139
+-# define EC_F_EC_GROUP_GET_COFACTOR 140
+ # define EC_F_EC_GROUP_GET_CURVE_GF2M 172
+ # define EC_F_EC_GROUP_GET_CURVE_GFP 130
+ # define EC_F_EC_GROUP_GET_DEGREE 173
+ # define EC_F_EC_GROUP_GET_ECPARAMETERS 261
+ # define EC_F_EC_GROUP_GET_ECPKPARAMETERS 262
+-# define EC_F_EC_GROUP_GET_ORDER 141
+ # define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193
+ # define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194
+ # define EC_F_EC_GROUP_NEW 108
+@@ -1510,10 +1445,8 @@ void ERR_load_EC_strings(void);
+ # define EC_F_EC_GROUP_NEW_FROM_DATA 175
+ # define EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS 263
+ # define EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS 264
+-# define EC_F_EC_GROUP_PRECOMPUTE_MULT 142
+ # define EC_F_EC_GROUP_SET_CURVE_GF2M 176
+ # define EC_F_EC_GROUP_SET_CURVE_GFP 109
+-# define EC_F_EC_GROUP_SET_EXTRA_DATA 110
+ # define EC_F_EC_GROUP_SET_GENERATOR 111
+ # define EC_F_EC_KEY_CHECK_KEY 177
+ # define EC_F_EC_KEY_COPY 178
+@@ -1540,7 +1473,6 @@ void ERR_load_EC_strings(void);
+ # define EC_F_EC_POINT_IS_AT_INFINITY 118
+ # define EC_F_EC_POINT_IS_ON_CURVE 119
+ # define EC_F_EC_POINT_MAKE_AFFINE 120
+-# define EC_F_EC_POINT_MUL 184
+ # define EC_F_EC_POINT_NEW 121
+ # define EC_F_EC_POINT_OCT2POINT 122
+ # define EC_F_EC_POINT_POINT2OCT 123
+@@ -1550,7 +1482,6 @@ void ERR_load_EC_strings(void);
+ # define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125
+ # define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
+ # define EC_F_EC_POINT_SET_TO_INFINITY 127
+-# define EC_F_EC_PRE_COMP_DUP 207
+ # define EC_F_EC_PRE_COMP_NEW 196
+ # define EC_F_EC_WNAF_MUL 187
+ # define EC_F_EC_WNAF_PRECOMPUTE_MULT 188
+@@ -1575,7 +1506,6 @@ void ERR_load_EC_strings(void);
+
+ /* Reason codes. */
+ # define EC_R_ASN1_ERROR 115
+-# define EC_R_ASN1_UNKNOWN_FIELD 116
+ # define EC_R_BAD_SIGNATURE 156
+ # define EC_R_BIGNUM_OUT_OF_RANGE 144
+ # define EC_R_BUFFER_TOO_SMALL 100
+@@ -1605,17 +1535,14 @@ void ERR_load_EC_strings(void);
+ # define EC_R_INVALID_PENTANOMIAL_BASIS 132
+ # define EC_R_INVALID_PRIVATE_KEY 123
+ # define EC_R_INVALID_TRINOMIAL_BASIS 137
+-# define EC_R_KDF_FAILED 153
+ # define EC_R_KDF_PARAMETER_ERROR 148
+ # define EC_R_KEYS_NOT_SET 140
+ # define EC_R_MISSING_PARAMETERS 124
+ # define EC_R_MISSING_PRIVATE_KEY 125
+ # define EC_R_NEED_NEW_SETUP_VALUES 157
+ # define EC_R_NOT_A_NIST_PRIME 135
+-# define EC_R_NOT_A_SUPPORTED_NIST_PRIME 136
+ # define EC_R_NOT_IMPLEMENTED 126
+ # define EC_R_NOT_INITIALIZED 111
+-# define EC_R_NO_FIELD_MOD 133
+ # define EC_R_NO_PARAMETERS_SET 139
+ # define EC_R_NO_PRIVATE_VALUE 154
+ # define EC_R_OPERATION_NOT_SUPPORTED 152
+@@ -1636,9 +1563,8 @@ void ERR_load_EC_strings(void);
+ # define EC_R_WRONG_CURVE_PARAMETERS 145
+ # define EC_R_WRONG_ORDER 130
+
+-# ifdef __cplusplus
++# ifdef __cplusplus
+ }
++# endif
+ # endif
+-# endif
+-
+ #endif
+diff --git a/include/openssl/ecdh.h b/include/openssl/ecdh.h
+index 6a4a7b1..681f3d5 100644
+--- a/include/openssl/ecdh.h
++++ b/include/openssl/ecdh.h
+@@ -1 +1,10 @@
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <openssl/ec.h>
+diff --git a/include/openssl/ecdsa.h b/include/openssl/ecdsa.h
+index 6a4a7b1..681f3d5 100644
+--- a/include/openssl/ecdsa.h
++++ b/include/openssl/ecdsa.h
+@@ -1 +1,10 @@
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <openssl/ec.h>
+diff --git a/include/openssl/engine.h b/include/openssl/engine.h
+index 3123ad3..e9d3ab2 100644
+--- a/include/openssl/engine.h
++++ b/include/openssl/engine.h
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+@@ -802,6 +754,7 @@ void ENGINE_setup_bsd_cryptodev(void);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_ENGINE_strings(void);
+
+ /* Error codes for the ENGINE functions. */
+@@ -818,9 +771,7 @@ void ERR_load_ENGINE_strings(void);
+ # define ENGINE_F_ENGINE_CTRL_CMD 178
+ # define ENGINE_F_ENGINE_CTRL_CMD_STRING 171
+ # define ENGINE_F_ENGINE_FINISH 107
+-# define ENGINE_F_ENGINE_FREE_UTIL 108
+ # define ENGINE_F_ENGINE_GET_CIPHER 185
+-# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
+ # define ENGINE_F_ENGINE_GET_DIGEST 186
+ # define ENGINE_F_ENGINE_GET_NEXT 115
+ # define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
+@@ -835,17 +786,14 @@ void ERR_load_ENGINE_strings(void);
+ # define ENGINE_F_ENGINE_NEW 122
+ # define ENGINE_F_ENGINE_REMOVE 123
+ # define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
+-# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
+ # define ENGINE_F_ENGINE_SET_ID 129
+ # define ENGINE_F_ENGINE_SET_NAME 130
+ # define ENGINE_F_ENGINE_TABLE_REGISTER 184
+-# define ENGINE_F_ENGINE_UNLOAD_KEY 152
+ # define ENGINE_F_ENGINE_UNLOCKED_FINISH 191
+ # define ENGINE_F_ENGINE_UP_REF 190
+ # define ENGINE_F_INT_CTRL_HELPER 172
+ # define ENGINE_F_INT_ENGINE_CONFIGURE 188
+ # define ENGINE_F_INT_ENGINE_MODULE_INIT 187
+-# define ENGINE_F_LOG_MESSAGE 141
+
+ /* Reason codes. */
+ # define ENGINE_R_ALREADY_LOADED 100
+@@ -855,8 +803,6 @@ void ERR_load_ENGINE_strings(void);
+ # define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
+ # define ENGINE_R_CONFLICTING_ENGINE_ID 103
+ # define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
+-# define ENGINE_R_DH_NOT_IMPLEMENTED 139
+-# define ENGINE_R_DSA_NOT_IMPLEMENTED 140
+ # define ENGINE_R_DSO_FAILURE 104
+ # define ENGINE_R_DSO_NOT_FOUND 132
+ # define ENGINE_R_ENGINES_SECTION_ERROR 148
+@@ -866,7 +812,6 @@ void ERR_load_ENGINE_strings(void);
+ # define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
+ # define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
+ # define ENGINE_R_FINISH_FAILED 106
+-# define ENGINE_R_GET_HANDLE_FAILED 107
+ # define ENGINE_R_ID_OR_NAME_MISSING 108
+ # define ENGINE_R_INIT_FAILED 109
+ # define ENGINE_R_INTERNAL_LIST_ERROR 110
+@@ -882,17 +827,13 @@ void ERR_load_ENGINE_strings(void);
+ # define ENGINE_R_NO_LOAD_FUNCTION 125
+ # define ENGINE_R_NO_REFERENCE 130
+ # define ENGINE_R_NO_SUCH_ENGINE 116
+-# define ENGINE_R_NO_UNLOAD_FUNCTION 126
+-# define ENGINE_R_PROVIDE_PARAMETERS 113
+-# define ENGINE_R_RSA_NOT_IMPLEMENTED 141
+ # define ENGINE_R_UNIMPLEMENTED_CIPHER 146
+ # define ENGINE_R_UNIMPLEMENTED_DIGEST 147
+ # define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
+ # define ENGINE_R_VERSION_INCOMPATIBILITY 145
+
+-# ifdef __cplusplus
++# ifdef __cplusplus
+ }
++# endif
+ # endif
+-# endif
+-
+ #endif
+diff --git a/include/openssl/err.h b/include/openssl/err.h
+index ccf2ff7..b019d0e 100644
+--- a/include/openssl/err.h
++++ b/include/openssl/err.h
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_ERR_H
+@@ -235,11 +134,10 @@ typedef struct err_state_st {
+ # define KDFerr(f,r) ERR_PUT_error(ERR_LIB_KDF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
+
+ # define ERR_PACK(l,f,r) \
+- ( (((l) & 0x0FF) << 24L) | (((f) & 0xFFF) << 12L) | ((r) & 0xFFF) )
++ ( ((unsigned int)((l) & 0x0FF) << 24L) | (((f) & 0xFFF) << 12L) | ((r) & 0xFFF) )
+ # define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL)
+ # define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL)
+ # define ERR_GET_REASON(l) (int)((l)&0xfffL)
+-# define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
+
+ /* OS functions */
+ # define SYS_F_FOPEN 1
+@@ -272,30 +170,14 @@ typedef struct err_state_st {
+ # define ERR_R_DSA_LIB ERR_LIB_DSA/* 10 */
+ # define ERR_R_X509_LIB ERR_LIB_X509/* 11 */
+ # define ERR_R_ASN1_LIB ERR_LIB_ASN1/* 13 */
+-# define ERR_R_CONF_LIB ERR_LIB_CONF/* 14 */
+-# define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO/* 15 */
+ # define ERR_R_EC_LIB ERR_LIB_EC/* 16 */
+-# define ERR_R_SSL_LIB ERR_LIB_SSL/* 20 */
+ # define ERR_R_BIO_LIB ERR_LIB_BIO/* 32 */
+ # define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */
+ # define ERR_R_X509V3_LIB ERR_LIB_X509V3/* 34 */
+-# define ERR_R_PKCS12_LIB ERR_LIB_PKCS12/* 35 */
+-# define ERR_R_RAND_LIB ERR_LIB_RAND/* 36 */
+-# define ERR_R_DSO_LIB ERR_LIB_DSO/* 37 */
+ # define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */
+-# define ERR_R_OCSP_LIB ERR_LIB_OCSP/* 39 */
+-# define ERR_R_UI_LIB ERR_LIB_UI/* 40 */
+-# define ERR_R_COMP_LIB ERR_LIB_COMP/* 41 */
+ # define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
+-# define ERR_R_ECDH_LIB ERR_LIB_ECDH/* 43 */
+-# define ERR_R_STORE_LIB ERR_LIB_STORE/* 44 */
+-# define ERR_R_TS_LIB ERR_LIB_TS/* 45 */
+
+ # define ERR_R_NESTED_ASN1_ERROR 58
+-# define ERR_R_BAD_ASN1_OBJECT_HEADER 59
+-# define ERR_R_BAD_GET_ASN1_OBJECT_CALL 60
+-# define ERR_R_EXPECTING_AN_ASN1_SEQUENCE 61
+-# define ERR_R_ASN1_LENGTH_MISMATCH 62
+ # define ERR_R_MISSING_ASN1_EOS 63
+
+ /* fatal error */
+@@ -359,9 +241,8 @@ void ERR_load_ERR_strings(void);
+ # define ERR_free_strings() while(0) continue
+ #endif
+
+-void ERR_remove_thread_state(void);
+-DEPRECATEDIN_1_0_0(void ERR_remove_state(unsigned long pid)) /* if zero we
+- * look it up */
++DEPRECATEDIN_1_1_0(void ERR_remove_thread_state(void *))
++DEPRECATEDIN_1_0_0(void ERR_remove_state(unsigned long pid))
+ ERR_STATE *ERR_get_state(void);
+
+ LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
+diff --git a/include/openssl/evp.h b/include/openssl/evp.h
+index 250730f..796f4cc 100644
+--- a/include/openssl/evp.h
++++ b/include/openssl/evp.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_ENVELOPE_H
+@@ -976,7 +928,7 @@ struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+ # endif
+
+ EVP_PKEY *EVP_PKEY_new(void);
+-void EVP_PKEY_up_ref(EVP_PKEY *pkey);
++int EVP_PKEY_up_ref(EVP_PKEY *pkey);
+ void EVP_PKEY_free(EVP_PKEY *pkey);
+
+ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
+@@ -1486,28 +1438,20 @@ void EVP_add_alg_module(void);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_EVP_strings(void);
+
+ /* Error codes for the EVP functions. */
+
+ /* Function codes. */
+ # define EVP_F_AESNI_INIT_KEY 165
+-# define EVP_F_AESNI_XTS_CIPHER 176
+ # define EVP_F_AES_INIT_KEY 133
+ # define EVP_F_AES_T4_INIT_KEY 178
+-# define EVP_F_AES_XTS 172
+-# define EVP_F_AES_XTS_CIPHER 175
+ # define EVP_F_ALG_MODULE_INIT 177
+ # define EVP_F_CAMELLIA_INIT_KEY 159
+ # define EVP_F_CHACHA20_POLY1305_CTRL 182
+-# define EVP_F_CMAC_INIT 173
+ # define EVP_F_CMLL_T4_INIT_KEY 179
+-# define EVP_F_D2I_PKEY 100
+ # define EVP_F_DO_SIGVER_INIT 161
+-# define EVP_F_DSAPKEY2PKCS8 134
+-# define EVP_F_DSA_PKEY2PKCS8 135
+-# define EVP_F_ECDSA_PKEY2PKCS8 129
+-# define EVP_F_ECKEY_PKEY2PKCS8 132
+ # define EVP_F_EVP_CIPHERINIT_EX 123
+ # define EVP_F_EVP_CIPHER_CTX_COPY 163
+ # define EVP_F_EVP_CIPHER_CTX_CTRL 124
+@@ -1539,7 +1483,6 @@ void ERR_load_EVP_strings(void);
+ # define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
+ # define EVP_F_EVP_PKEY_GET0_DH 119
+ # define EVP_F_EVP_PKEY_GET0_DSA 120
+-# define EVP_F_EVP_PKEY_GET0_ECDSA 130
+ # define EVP_F_EVP_PKEY_GET0_EC_KEY 131
+ # define EVP_F_EVP_PKEY_GET0_RSA 121
+ # define EVP_F_EVP_PKEY_KEYGEN 146
+@@ -1553,35 +1496,20 @@ void ERR_load_EVP_strings(void);
+ # define EVP_F_EVP_PKEY_VERIFY_INIT 143
+ # define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
+ # define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
+-# define EVP_F_EVP_RIJNDAEL 126
+ # define EVP_F_EVP_SIGNFINAL 107
+ # define EVP_F_EVP_VERIFYFINAL 108
+-# define EVP_F_FIPS_CIPHERINIT 166
+-# define EVP_F_FIPS_CIPHER_CTX_COPY 170
+-# define EVP_F_FIPS_CIPHER_CTX_CTRL 167
+-# define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
+-# define EVP_F_FIPS_DIGESTINIT 168
+-# define EVP_F_FIPS_MD_CTX_COPY 169
+-# define EVP_F_HMAC_INIT_EX 174
+ # define EVP_F_INT_CTX_NEW 157
+ # define EVP_F_PKCS5_PBE_KEYIVGEN 117
+ # define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
+ # define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
+ # define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 180
+-# define EVP_F_PKCS8_SET_BROKEN 112
+ # define EVP_F_PKEY_SET_TYPE 158
+ # define EVP_F_RC2_MAGIC_TO_METH 109
+ # define EVP_F_RC5_CTRL 125
+
+ /* Reason codes. */
+-# define EVP_R_AES_IV_SETUP_FAILED 162
+ # define EVP_R_AES_KEY_SETUP_FAILED 143
+-# define EVP_R_ASN1_LIB 140
+-# define EVP_R_BAD_BLOCK_LENGTH 136
+ # define EVP_R_BAD_DECRYPT 100
+-# define EVP_R_BAD_KEY_LENGTH 137
+-# define EVP_R_BN_DECODE_ERROR 112
+-# define EVP_R_BN_PUBKEY_ERROR 113
+ # define EVP_R_BUFFER_TOO_SMALL 155
+ # define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
+ # define EVP_R_CIPHER_PARAMETER_ERROR 122
+@@ -1593,15 +1521,11 @@ void ERR_load_EVP_strings(void);
+ # define EVP_R_DECODE_ERROR 114
+ # define EVP_R_DIFFERENT_KEY_TYPES 101
+ # define EVP_R_DIFFERENT_PARAMETERS 153
+-# define EVP_R_DISABLED_FOR_FIPS 163
+-# define EVP_R_ENCODE_ERROR 115
+ # define EVP_R_ERROR_LOADING_SECTION 165
+ # define EVP_R_ERROR_SETTING_FIPS_MODE 166
+-# define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
+ # define EVP_R_EXPECTING_AN_RSA_KEY 127
+ # define EVP_R_EXPECTING_A_DH_KEY 128
+ # define EVP_R_EXPECTING_A_DSA_KEY 129
+-# define EVP_R_EXPECTING_A_ECDSA_KEY 141
+ # define EVP_R_EXPECTING_A_EC_KEY 142
+ # define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
+ # define EVP_R_ILLEGAL_SCRYPT_PARAMETERS 171
+@@ -1611,7 +1535,6 @@ void ERR_load_EVP_strings(void);
+ # define EVP_R_INVALID_FIPS_MODE 168
+ # define EVP_R_INVALID_KEY_LENGTH 130
+ # define EVP_R_INVALID_OPERATION 148
+-# define EVP_R_IV_TOO_LARGE 102
+ # define EVP_R_KEYGEN_FAILURE 120
+ # define EVP_R_MEMORY_LIMIT_EXCEEDED 172
+ # define EVP_R_MESSAGE_DIGEST_IS_NULL 159
+@@ -1620,18 +1543,13 @@ void ERR_load_EVP_strings(void);
+ # define EVP_R_NO_CIPHER_SET 131
+ # define EVP_R_NO_DEFAULT_DIGEST 158
+ # define EVP_R_NO_DIGEST_SET 139
+-# define EVP_R_NO_DSA_PARAMETERS 116
+ # define EVP_R_NO_KEY_SET 154
+ # define EVP_R_NO_OPERATION_SET 149
+-# define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
+-# define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
+ # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
+ # define EVP_R_OPERATON_NOT_INITIALIZED 151
+-# define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
+ # define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
+ # define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
+ # define EVP_R_PUBLIC_KEY_NOT_RSA 106
+-# define EVP_R_TOO_LARGE 164
+ # define EVP_R_UNKNOWN_CIPHER 160
+ # define EVP_R_UNKNOWN_DIGEST 161
+ # define EVP_R_UNKNOWN_OPTION 169
+@@ -1647,9 +1565,8 @@ void ERR_load_EVP_strings(void);
+ # define EVP_R_UNSUPPORTED_SALT_TYPE 126
+ # define EVP_R_WRAP_MODE_NOT_ALLOWED 170
+ # define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
+-# define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h
+index 71d7d65..809ca34 100644
+--- a/include/openssl/hmac.h
++++ b/include/openssl/hmac.h
+@@ -1,59 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #ifndef HEADER_HMAC_H
+ # define HEADER_HMAC_H
+
+@@ -67,7 +20,7 @@
+ extern "C" {
+ #endif
+
+-size_t HMAC_size(HMAC_CTX *e);
++size_t HMAC_size(const HMAC_CTX *e);
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+diff --git a/include/openssl/idea.h b/include/openssl/idea.h
+index 65e0b44..d527675 100644
+--- a/include/openssl/idea.h
++++ b/include/openssl/idea.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_IDEA_H
+diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h
+index e61a9a6..3078b56 100644
+--- a/include/openssl/kdf.h
++++ b/include/openssl/kdf.h
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_KDF_H
+@@ -99,6 +55,7 @@ extern "C" {
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_KDF_strings(void);
+
+ /* Error codes for the KDF functions. */
+@@ -112,7 +69,7 @@ void ERR_load_KDF_strings(void);
+ # define KDF_R_MISSING_PARAMETER 101
+ # define KDF_R_VALUE_MISSING 102
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/lhash.h b/include/openssl/lhash.h
+index 8b8822b..e2ccb65 100644
+--- a/include/openssl/lhash.h
++++ b/include/openssl/lhash.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+@@ -69,16 +21,12 @@
+ extern "C" {
+ #endif
+
+-typedef struct lhash_node_st {
+- void *data;
+- struct lhash_node_st *next;
+- unsigned long hash;
+-} LHASH_NODE;
+-
+-typedef int (*LHASH_COMP_FN_TYPE) (const void *, const void *);
+-typedef unsigned long (*LHASH_HASH_FN_TYPE) (const void *);
+-typedef void (*LHASH_DOALL_FN_TYPE) (void *);
+-typedef void (*LHASH_DOALL_ARG_FN_TYPE) (void *, void *);
++typedef struct lhash_node_st OPENSSL_LH_NODE;
++typedef int (*OPENSSL_LH_COMPFUNC) (const void *, const void *);
++typedef unsigned long (*OPENSSL_LH_HASHFUNC) (const void *);
++typedef void (*OPENSSL_LH_DOALL_FUNC) (void *);
++typedef void (*OPENSSL_LH_DOALL_FUNCARG) (void *, void *);
++typedef struct lhash_st OPENSSL_LHASH;
+
+ /*
+ * Macros for declaring and implementing type-safe wrappers for LHASH
+@@ -118,62 +66,53 @@ typedef void (*LHASH_DOALL_ARG_FN_TYPE) (void *, void *);
+ name##_doall_arg(a, b); }
+ # define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
+
+-typedef struct lhash_st {
+- LHASH_NODE **b;
+- LHASH_COMP_FN_TYPE comp;
+- LHASH_HASH_FN_TYPE hash;
+- unsigned int num_nodes;
+- unsigned int num_alloc_nodes;
+- unsigned int p;
+- unsigned int pmax;
+- unsigned long up_load; /* load times 256 */
+- unsigned long down_load; /* load times 256 */
+- unsigned long num_items;
+- unsigned long num_expands;
+- unsigned long num_expand_reallocs;
+- unsigned long num_contracts;
+- unsigned long num_contract_reallocs;
+- unsigned long num_hash_calls;
+- unsigned long num_comp_calls;
+- unsigned long num_insert;
+- unsigned long num_replace;
+- unsigned long num_delete;
+- unsigned long num_no_delete;
+- unsigned long num_retrieve;
+- unsigned long num_retrieve_miss;
+- unsigned long num_hash_comps;
+- int error;
+-} _LHASH; /* Do not use _LHASH directly, use LHASH_OF
+- * and friends */
+
+ # define LH_LOAD_MULT 256
+
+-/*
+- * Indicates a malloc() error in the last call, this is only bad in
+- * lh_insert().
+- */
+-int lh_error(_LHASH *lh);
+-
+-_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
+-void lh_free(_LHASH *lh);
+-void *lh_insert(_LHASH *lh, void *data);
+-void *lh_delete(_LHASH *lh, const void *data);
+-void *lh_retrieve(_LHASH *lh, const void *data);
+-void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
+-void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
+-unsigned long lh_strhash(const char *c);
+-unsigned long lh_num_items(const _LHASH *lh);
+-unsigned long lh_get_down_load(const _LHASH *lh);
+-void lh_set_down_load(_LHASH *lh, unsigned long down_load);
++int OPENSSL_LH_error(OPENSSL_LHASH *lh);
++OPENSSL_LHASH *OPENSSL_LH_new(OPENSSL_LH_HASHFUNC h, OPENSSL_LH_COMPFUNC c);
++void OPENSSL_LH_free(OPENSSL_LHASH *lh);
++void *OPENSSL_LH_insert(OPENSSL_LHASH *lh, void *data);
++void *OPENSSL_LH_delete(OPENSSL_LHASH *lh, const void *data);
++void *OPENSSL_LH_retrieve(OPENSSL_LHASH *lh, const void *data);
++void OPENSSL_LH_doall(OPENSSL_LHASH *lh, OPENSSL_LH_DOALL_FUNC func);
++void OPENSSL_LH_doall_arg(OPENSSL_LHASH *lh, OPENSSL_LH_DOALL_FUNCARG func, void *arg);
++unsigned long OPENSSL_LH_strhash(const char *c);
++unsigned long OPENSSL_LH_num_items(const OPENSSL_LHASH *lh);
++unsigned long OPENSSL_LH_get_down_load(const OPENSSL_LHASH *lh);
++void OPENSSL_LH_set_down_load(OPENSSL_LHASH *lh, unsigned long down_load);
+
+ # ifndef OPENSSL_NO_STDIO
+-void lh_stats(const _LHASH *lh, FILE *fp);
+-void lh_node_stats(const _LHASH *lh, FILE *fp);
+-void lh_node_usage_stats(const _LHASH *lh, FILE *fp);
++void OPENSSL_LH_stats(const OPENSSL_LHASH *lh, FILE *fp);
++void OPENSSL_LH_node_stats(const OPENSSL_LHASH *lh, FILE *fp);
++void OPENSSL_LH_node_usage_stats(const OPENSSL_LHASH *lh, FILE *fp);
++# endif
++void OPENSSL_LH_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
++void OPENSSL_LH_node_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
++void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
++
++# if OPENSSL_API_COMPAT < 0x10100000L
++# define _LHASH OPENSSL_LHASH
++# define LHASH_NODE OPENSSL_LH_NODE
++# define lh_error OPENSSL_LH_error
++# define lh_new OPENSSL_lh_new
++# define lh_free OPENSSL_LH_free
++# define lh_insert OPENSSL_LH_insert
++# define lh_delete OPENSSL_LH_delete
++# define lh_retrieve OPENSSL_LH_retrieve
++# define lh_doall OPENSSL_LH_doall
++# define lh_doall_arg OPENSSL_LH_doall_arg
++# define lh_strhash OPENSSL_LH_strhash
++# define lh_num_items OPENSSL_LH_num_items
++# ifndef OPENSSL_NO_STDIO
++# define lh_stats OPENSSL_LH_stats
++# define lh_node_stats OPENSSL_LH_node_stats
++# define lh_node_usage_stats OPENSSL_LH_node_usage_stats
++# endif
++# define lh_stats_bio OPENSSL_LH_stats_bio
++# define lh_node_stats_bio OPENSSL_LH_node_stats_bio
++# define lh_node_usage_stats_bio OPENSSL_LH_node_usage_stats_bio
+ # endif
+-void lh_stats_bio(const _LHASH *lh, BIO *out);
+-void lh_node_stats_bio(const _LHASH *lh, BIO *out);
+-void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
+
+ /* Type checking... */
+
+@@ -186,56 +125,56 @@ void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
+ int (*cfn)(const type *, const type *)) \
+ { \
+ return (LHASH_OF(type) *) \
+- lh_new((LHASH_HASH_FN_TYPE) hfn, (LHASH_COMP_FN_TYPE)cfn); \
++ OPENSSL_LH_new((OPENSSL_LH_HASHFUNC)hfn, (OPENSSL_LH_COMPFUNC)cfn); \
+ } \
+ static ossl_inline void lh_##type##_free(LHASH_OF(type) *lh) \
+ { \
+- lh_free((_LHASH *)lh); \
++ OPENSSL_LH_free((OPENSSL_LHASH *)lh); \
+ } \
+ static ossl_inline type *lh_##type##_insert(LHASH_OF(type) *lh, type *d) \
+ { \
+- return (type *)lh_insert((_LHASH *)lh, d); \
++ return (type *)OPENSSL_LH_insert((OPENSSL_LHASH *)lh, d); \
+ } \
+ static ossl_inline type *lh_##type##_delete(LHASH_OF(type) *lh, const type *d) \
+ { \
+- return (type *)lh_delete((_LHASH *)lh, d); \
++ return (type *)OPENSSL_LH_delete((OPENSSL_LHASH *)lh, d); \
+ } \
+ static ossl_inline type *lh_##type##_retrieve(LHASH_OF(type) *lh, const type *d) \
+ { \
+- return (type *)lh_retrieve((_LHASH *)lh, d); \
++ return (type *)OPENSSL_LH_retrieve((OPENSSL_LHASH *)lh, d); \
+ } \
+ static ossl_inline int lh_##type##_error(LHASH_OF(type) *lh) \
+ { \
+- return lh_error((_LHASH *)lh); \
++ return OPENSSL_LH_error((OPENSSL_LHASH *)lh); \
+ } \
+ static ossl_inline unsigned long lh_##type##_num_items(LHASH_OF(type) *lh) \
+ { \
+- return lh_num_items((_LHASH *)lh); \
++ return OPENSSL_LH_num_items((OPENSSL_LHASH *)lh); \
+ } \
+ static ossl_inline void lh_##type##_node_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
+ { \
+- lh_node_stats_bio((_LHASH *)lh, out); \
++ OPENSSL_LH_node_stats_bio((const OPENSSL_LHASH *)lh, out); \
+ } \
+ static ossl_inline void lh_##type##_node_usage_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
+ { \
+- lh_node_usage_stats_bio((_LHASH *)lh, out); \
++ OPENSSL_LH_node_usage_stats_bio((const OPENSSL_LHASH *)lh, out); \
+ } \
+ static ossl_inline void lh_##type##_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
+ { \
+- lh_stats_bio((_LHASH *)lh, out); \
++ OPENSSL_LH_stats_bio((const OPENSSL_LHASH *)lh, out); \
+ } \
+ static ossl_inline unsigned long lh_##type##_get_down_load(LHASH_OF(type) *lh) \
+ { \
+- return lh_get_down_load((_LHASH *)lh); \
++ return OPENSSL_LH_get_down_load((OPENSSL_LHASH *)lh); \
+ } \
+ static ossl_inline void lh_##type##_set_down_load(LHASH_OF(type) *lh, unsigned long dl) \
+ { \
+- lh_set_down_load((_LHASH *)lh, dl); \
++ OPENSSL_LH_set_down_load((OPENSSL_LHASH *)lh, dl); \
+ } \
+ static ossl_inline void lh_##type##_doall(LHASH_OF(type) *lh, \
+ void (*doall)(type *)) \
+ { \
+- lh_doall((_LHASH *)lh, (LHASH_DOALL_FN_TYPE)doall); \
++ OPENSSL_LH_doall((OPENSSL_LHASH *)lh, (OPENSSL_LH_DOALL_FUNC)doall); \
+ } \
+ LHASH_OF(type)
+
+@@ -251,17 +190,10 @@ void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
+ void (*fn)(cbargtype *, argtype *), \
+ argtype *arg) \
+ { \
+- lh_doall_arg((_LHASH *)lh, (LHASH_DOALL_ARG_FN_TYPE)fn, (void *)arg); \
++ OPENSSL_LH_doall_arg((OPENSSL_LHASH *)lh, (OPENSSL_LH_DOALL_FUNCARG)fn, (void *)arg); \
+ } \
+ LHASH_OF(type)
+
+-# define CHECKED_LHASH_OF(type,lh) \
+- ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
+-
+-/* Define wrapper functions. */
+-# define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
+- lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
+-
+ DEFINE_LHASH_OF(OPENSSL_STRING);
+ DEFINE_LHASH_OF(OPENSSL_CSTRING);
+
+diff --git a/include/openssl/md2.h b/include/openssl/md2.h
+index d77a4fa..7faf8e3 100644
+--- a/include/openssl/md2.h
++++ b/include/openssl/md2.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_MD2_H
+diff --git a/include/openssl/md4.h b/include/openssl/md4.h
+index b40a839..940e29d 100644
+--- a/include/openssl/md4.h
++++ b/include/openssl/md4.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_MD4_H
+diff --git a/include/openssl/md5.h b/include/openssl/md5.h
+index 5b34b46..2deb772 100644
+--- a/include/openssl/md5.h
++++ b/include/openssl/md5.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_MD5_H
+diff --git a/include/openssl/mdc2.h b/include/openssl/mdc2.h
+index 229b122..ca28842 100644
+--- a/include/openssl/mdc2.h
++++ b/include/openssl/mdc2.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_MDC2_H
+diff --git a/include/openssl/modes.h b/include/openssl/modes.h
+index 11bbb68..a04c6a5 100644
+--- a/include/openssl/modes.h
++++ b/include/openssl/modes.h
+@@ -1,8 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Rights for redistribution and usage in source and binary
+- * forms are granted according to the OpenSSL license.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stddef.h>
+diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h
+index 5d7adc7..ebb7963 100644
+--- a/include/openssl/obj_mac.h
++++ b/include/openssl/obj_mac.h
+@@ -1,63 +1,12 @@
+ /*
+- * THIS FILE IS GENERATED FROM objects.txt by objects.pl via the following
+- * command: perl objects.pl objects.txt obj_mac.num obj_mac.h
+- */
+-
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++ * WARNING: do not edit!
++ * Generated by crypto/objects/objects.pl
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #define SN_undef "UNDEF"
+diff --git a/include/openssl/objects.h b/include/openssl/objects.h
+index f8c2f05..4d3de7c 100644
+--- a/include/openssl/objects.h
++++ b/include/openssl/objects.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_OBJECTS_H
+@@ -1121,6 +1073,7 @@ void OBJ_sigid_free(void);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_OBJ_strings(void);
+
+ /* Error codes for the OBJ functions. */
+@@ -1135,10 +1088,10 @@ void ERR_load_OBJ_strings(void);
+ # define OBJ_F_OBJ_NID2SN 104
+
+ /* Reason codes. */
+-# define OBJ_R_MALLOC_FAILURE 100
++# define OBJ_R_OID_EXISTS 102
+ # define OBJ_R_UNKNOWN_NID 101
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h
+index 546e9bc..7ded752 100644
+--- a/include/openssl/ocsp.h
++++ b/include/openssl/ocsp.h
+@@ -1,75 +1,50 @@
+ /*
+- * Written by Tom Titchener <Tom_Titchener at groove.net> for the OpenSSL
+- * project.
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
++#ifndef HEADER_OCSP_H
++# define HEADER_OCSP_H
++
++#include <openssl/opensslconf.h>
++
+ /*
+- * History: This file was transferred to Richard Levitte from CertCo by Kathy
+- * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
+- * patch kit.
++ * These definitions are outside the OPENSSL_NO_OCSP guard because although for
++ * historical reasons they have OCSP_* names, they can actually be used
++ * independently of OCSP. E.g. see RFC5280
+ */
+-
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
++/*-
++ * CRLReason ::= ENUMERATED {
++ * unspecified (0),
++ * keyCompromise (1),
++ * cACompromise (2),
++ * affiliationChanged (3),
++ * superseded (4),
++ * cessationOfOperation (5),
++ * certificateHold (6),
++ * removeFromCRL (8) }
+ */
++# define OCSP_REVOKED_STATUS_NOSTATUS -1
++# define OCSP_REVOKED_STATUS_UNSPECIFIED 0
++# define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1
++# define OCSP_REVOKED_STATUS_CACOMPROMISE 2
++# define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3
++# define OCSP_REVOKED_STATUS_SUPERSEDED 4
++# define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5
++# define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
++# define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
+
+-#ifndef HEADER_OCSP_H
+-# define HEADER_OCSP_H
+
+-# include <openssl/ossl_typ.h>
+-# include <openssl/x509.h>
+-# include <openssl/x509v3.h>
+-# include <openssl/safestack.h>
++# ifndef OPENSSL_NO_OCSP
++
++# include <openssl/ossl_typ.h>
++# include <openssl/x509.h>
++# include <openssl/x509v3.h>
++# include <openssl/safestack.h>
+
+ #ifdef __cplusplus
+ extern "C" {
+@@ -77,20 +52,20 @@ extern "C" {
+
+ /* Various flags and values */
+
+-# define OCSP_DEFAULT_NONCE_LENGTH 16
+-
+-# define OCSP_NOCERTS 0x1
+-# define OCSP_NOINTERN 0x2
+-# define OCSP_NOSIGS 0x4
+-# define OCSP_NOCHAIN 0x8
+-# define OCSP_NOVERIFY 0x10
+-# define OCSP_NOEXPLICIT 0x20
+-# define OCSP_NOCASIGN 0x40
+-# define OCSP_NODELEGATED 0x80
+-# define OCSP_NOCHECKS 0x100
+-# define OCSP_TRUSTOTHER 0x200
+-# define OCSP_RESPID_KEY 0x400
+-# define OCSP_NOTIME 0x800
++# define OCSP_DEFAULT_NONCE_LENGTH 16
++
++# define OCSP_NOCERTS 0x1
++# define OCSP_NOINTERN 0x2
++# define OCSP_NOSIGS 0x4
++# define OCSP_NOCHAIN 0x8
++# define OCSP_NOVERIFY 0x10
++# define OCSP_NOEXPLICIT 0x20
++# define OCSP_NOCASIGN 0x40
++# define OCSP_NODELEGATED 0x80
++# define OCSP_NOCHECKS 0x100
++# define OCSP_TRUSTOTHER 0x200
++# define OCSP_RESPID_KEY 0x400
++# define OCSP_NOTIME 0x800
+
+ typedef struct ocsp_cert_id_st OCSP_CERTID;
+
+@@ -104,26 +79,26 @@ typedef struct ocsp_req_info_st OCSP_REQINFO;
+ typedef struct ocsp_signature_st OCSP_SIGNATURE;
+ typedef struct ocsp_request_st OCSP_REQUEST;
+
+-# define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
+-# define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1
+-# define OCSP_RESPONSE_STATUS_INTERNALERROR 2
+-# define OCSP_RESPONSE_STATUS_TRYLATER 3
+-# define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
+-# define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
++# define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
++# define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1
++# define OCSP_RESPONSE_STATUS_INTERNALERROR 2
++# define OCSP_RESPONSE_STATUS_TRYLATER 3
++# define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
++# define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
+
+ typedef struct ocsp_resp_bytes_st OCSP_RESPBYTES;
+
+-# define V_OCSP_RESPID_NAME 0
+-# define V_OCSP_RESPID_KEY 1
++# define V_OCSP_RESPID_NAME 0
++# define V_OCSP_RESPID_KEY 1
+
+ DEFINE_STACK_OF(OCSP_RESPID)
+ DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
+
+ typedef struct ocsp_revoked_info_st OCSP_REVOKEDINFO;
+
+-# define V_OCSP_CERTSTATUS_GOOD 0
+-# define V_OCSP_CERTSTATUS_REVOKED 1
+-# define V_OCSP_CERTSTATUS_UNKNOWN 2
++# define V_OCSP_CERTSTATUS_GOOD 0
++# define V_OCSP_CERTSTATUS_REVOKED 1
++# define V_OCSP_CERTSTATUS_UNKNOWN 2
+
+ typedef struct ocsp_cert_status_st OCSP_CERTSTATUS;
+ typedef struct ocsp_single_response_st OCSP_SINGLERESP;
+@@ -134,75 +109,54 @@ typedef struct ocsp_response_data_st OCSP_RESPDATA;
+
+ typedef struct ocsp_basic_response_st OCSP_BASICRESP;
+
+-/*-
+- * CRLReason ::= ENUMERATED {
+- * unspecified (0),
+- * keyCompromise (1),
+- * cACompromise (2),
+- * affiliationChanged (3),
+- * superseded (4),
+- * cessationOfOperation (5),
+- * certificateHold (6),
+- * removeFromCRL (8) }
+- */
+-# define OCSP_REVOKED_STATUS_NOSTATUS -1
+-# define OCSP_REVOKED_STATUS_UNSPECIFIED 0
+-# define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1
+-# define OCSP_REVOKED_STATUS_CACOMPROMISE 2
+-# define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3
+-# define OCSP_REVOKED_STATUS_SUPERSEDED 4
+-# define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5
+-# define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
+-# define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
+-
+ typedef struct ocsp_crl_id_st OCSP_CRLID;
+ typedef struct ocsp_service_locator_st OCSP_SERVICELOC;
+
+-# define PEM_STRING_OCSP_REQUEST "OCSP REQUEST"
+-# define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
++# define PEM_STRING_OCSP_REQUEST "OCSP REQUEST"
++# define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
+
+-# define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
++# define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
+
+-# define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
++# define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
+
+-# define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
++# define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL)
+
+-# define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
++# define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
+ (char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL)
+
+-# define PEM_write_bio_OCSP_REQUEST(bp,o) \
++# define PEM_write_bio_OCSP_REQUEST(bp,o) \
+ PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\
+ bp,(char *)o, NULL,NULL,0,NULL,NULL)
+
+-# define PEM_write_bio_OCSP_RESPONSE(bp,o) \
++# define PEM_write_bio_OCSP_RESPONSE(bp,o) \
+ PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
+ bp,(char *)o, NULL,NULL,0,NULL,NULL)
+
+-# define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
++# define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
+
+-# define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
++# define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
+
+-# define OCSP_REQUEST_sign(o,pkey,md) \
++# define OCSP_REQUEST_sign(o,pkey,md) \
+ ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
+ &o->optionalSignature->signatureAlgorithm,NULL,\
+ o->optionalSignature->signature,&o->tbsRequest,pkey,md)
+
+-# define OCSP_BASICRESP_sign(o,pkey,md,d) \
++# define OCSP_BASICRESP_sign(o,pkey,md,d) \
+ ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),&o->signatureAlgorithm,NULL,\
+ o->signature,&o->tbsResponseData,pkey,md)
+
+-# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
++# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
+ &a->optionalSignature->signatureAlgorithm,\
+ a->optionalSignature->signature,&a->tbsRequest,r)
+
+-# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
++# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
+ &a->signatureAlgorithm,a->signature,&a->tbsResponseData,r)
+
+-# define ASN1_BIT_STRING_digest(data,type,md,len) \
++# define ASN1_BIT_STRING_digest(data,type,md,len) \
+ ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
+
+-# define OCSP_CERTSTATUS_dup(cs)\
++# define OCSP_CERTSTATUS_dup(cs)\
+ (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
+ (char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
+
+@@ -392,12 +346,12 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_OCSP_strings(void);
+
+ /* Error codes for the OCSP functions. */
+
+ /* Function codes. */
+-# define OCSP_F_ASN1_STRING_ENCODE 100
+ # define OCSP_F_D2I_OCSP_NONCE 102
+ # define OCSP_F_OCSP_BASIC_ADD1_STATUS 103
+ # define OCSP_F_OCSP_BASIC_SIGN 104
+@@ -412,13 +366,9 @@ void ERR_load_OCSP_strings(void);
+ # define OCSP_F_OCSP_REQUEST_SIGN 110
+ # define OCSP_F_OCSP_REQUEST_VERIFY 116
+ # define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
+-# define OCSP_F_OCSP_SENDREQ_BIO 112
+-# define OCSP_F_OCSP_SENDREQ_NBIO 117
+ # define OCSP_F_PARSE_HTTP_LINE1 118
+-# define OCSP_F_REQUEST_VERIFY 113
+
+ /* Reason codes. */
+-# define OCSP_R_BAD_DATA 100
+ # define OCSP_R_CERTIFICATE_VERIFY_ERROR 101
+ # define OCSP_R_DIGEST_ERR 102
+ # define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
+@@ -428,8 +378,6 @@ void ERR_load_OCSP_strings(void);
+ # define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124
+ # define OCSP_R_NOT_BASIC_RESPONSE 104
+ # define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105
+-# define OCSP_R_NO_CONTENT 106
+-# define OCSP_R_NO_PUBLIC_KEY 107
+ # define OCSP_R_NO_RESPONSE_DATA 108
+ # define OCSP_R_NO_REVOKED_TIME 109
+ # define OCSP_R_NO_SIGNER_KEY 130
+@@ -437,10 +385,8 @@ void ERR_load_OCSP_strings(void);
+ # define OCSP_R_REQUEST_NOT_SIGNED 128
+ # define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111
+ # define OCSP_R_ROOT_CA_NOT_TRUSTED 112
+-# define OCSP_R_SERVER_READ_ERROR 113
+ # define OCSP_R_SERVER_RESPONSE_ERROR 114
+ # define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115
+-# define OCSP_R_SERVER_WRITE_ERROR 116
+ # define OCSP_R_SIGNATURE_FAILURE 117
+ # define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118
+ # define OCSP_R_STATUS_EXPIRED 125
+@@ -450,7 +396,8 @@ void ERR_load_OCSP_strings(void);
+ # define OCSP_R_UNKNOWN_NID 120
+ # define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
++# endif
+ #endif
+diff --git a/include/openssl/opensslconf.h.in b/include/openssl/opensslconf.h.in
+index 803cc16..bec5bd0 100644
+--- a/include/openssl/opensslconf.h.in
++++ b/include/openssl/opensslconf.h.in
+@@ -1,5 +1,12 @@
+ /*
+ * {- join("\n * ", @autowarntext) -}
++ *
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifdef __cplusplus
+diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
+index 72d33f9..2dd067f 100644
+--- a/include/openssl/opensslv.h
++++ b/include/openssl/opensslv.h
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #ifndef HEADER_OPENSSLV_H
+ # define HEADER_OPENSSLV_H
+
+@@ -30,11 +39,11 @@ extern "C" {
+ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
+ * major minor fix final patch/beta)
+ */
+-# define OPENSSL_VERSION_NUMBER 0x10100005L
++# define OPENSSL_VERSION_NUMBER 0x10100006L
+ # ifdef OPENSSL_FIPS
+-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0-pre5-fips (beta) 19 Apr 2016"
++# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0-pre6-fips-dev xx XXX xxxx"
+ # else
+-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0-pre5 (beta) 19 Apr 2016"
++# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0-pre6-dev xx XXX xxxx"
+ # endif
+
+ /*-
+diff --git a/include/openssl/ossl_typ.h b/include/openssl/ossl_typ.h
+index 81da792..adc50ed 100644
+--- a/include/openssl/ossl_typ.h
++++ b/include/openssl/ossl_typ.h
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_OPENSSL_TYPES_H
+diff --git a/include/openssl/pem.h b/include/openssl/pem.h
+index 0206fec..6dd76ee 100644
+--- a/include/openssl/pem.h
++++ b/include/openssl/pem.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_PEM_H
+@@ -407,6 +359,11 @@ DECLARE_PEM_write_const(DHxparams, DH)
+ DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
+ DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
+
++int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
++ const EVP_CIPHER *enc,
++ unsigned char *kstr, int klen,
++ pem_password_cb *cb, void *u);
++
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+@@ -421,7 +378,7 @@ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+ void *u);
+
+-#ifndef OPENSSL_NO_STDIO
++# ifndef OPENSSL_NO_STDIO
+ int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+@@ -438,20 +395,22 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ char *kstr, int klen, pem_password_cb *cd,
+ void *u);
+-#endif
++# endif
+ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
+ int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
+
++# ifndef OPENSSL_NO_DSA
+ EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
+ EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
+ EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
+ EVP_PKEY *b2i_PublicKey_bio(BIO *in);
+ int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
+ int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
+-# ifndef OPENSSL_NO_RC4
++# ifndef OPENSSL_NO_RC4
+ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
+ int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
+ pem_password_cb *cb, void *u);
++# endif
+ # endif
+
+ /* BEGIN ERROR CODES */
+@@ -459,6 +418,7 @@ int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_PEM_strings(void);
+
+ /* Error codes for the PEM functions. */
+@@ -487,9 +447,7 @@ void ERR_load_PEM_strings(void);
+ # define PEM_F_PEM_ASN1_WRITE_BIO 105
+ # define PEM_F_PEM_DEF_CALLBACK 100
+ # define PEM_F_PEM_DO_HEADER 106
+-# define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
+ # define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
+-# define PEM_F_PEM_PK8PKEY 119
+ # define PEM_F_PEM_READ 108
+ # define PEM_F_PEM_READ_BIO 109
+ # define PEM_F_PEM_READ_BIO_DHPARAMS 141
+@@ -518,24 +476,26 @@ void ERR_load_PEM_strings(void);
+ # define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
+ # define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
+ # define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
++# define PEM_R_HEADER_TOO_LONG 128
+ # define PEM_R_INCONSISTENT_HEADER 121
+ # define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
+ # define PEM_R_KEYBLOB_TOO_SHORT 123
++# define PEM_R_MISSING_DEK_IV 129
+ # define PEM_R_NOT_DEK_INFO 105
+ # define PEM_R_NOT_ENCRYPTED 106
+ # define PEM_R_NOT_PROC_TYPE 107
+ # define PEM_R_NO_START_LINE 108
+ # define PEM_R_PROBLEMS_GETTING_PASSWORD 109
+-# define PEM_R_PUBLIC_KEY_NO_RSA 110
+ # define PEM_R_PVK_DATA_TOO_SHORT 124
+ # define PEM_R_PVK_TOO_SHORT 125
+ # define PEM_R_READ_KEY 111
+ # define PEM_R_SHORT_HEADER 112
++# define PEM_R_UNEXPECTED_DEK_IV 130
+ # define PEM_R_UNSUPPORTED_CIPHER 113
+ # define PEM_R_UNSUPPORTED_ENCRYPTION 114
+ # define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/pem2.h b/include/openssl/pem2.h
+index 84897d5..9cb7472 100644
+--- a/include/openssl/pem2.h
++++ b/include/openssl/pem2.h
+@@ -1,60 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * This header only exists to break a circular dependency between pem and err
+- * Ben 30 Jan 1999.
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifdef __cplusplus
+diff --git a/include/openssl/pkcs12.h b/include/openssl/pkcs12.h
+index 655655a..848267c 100644
+--- a/include/openssl/pkcs12.h
++++ b/include/openssl/pkcs12.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_PKCS12_H
+@@ -253,24 +204,19 @@ int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
+ int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
+ PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
+ PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
+-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
++int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
+
+ /* BEGIN ERROR CODES */
+ /*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_PKCS12_strings(void);
+
+ /* Error codes for the PKCS12 functions. */
+
+ /* Function codes. */
+-# define PKCS12_F_PARSE_BAG 129
+-# define PKCS12_F_PARSE_BAGS 103
+-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
+-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
+-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
+-# define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
+ # define PKCS12_F_PKCS12_CREATE 105
+ # define PKCS12_F_PKCS12_GEN_MAC 107
+ # define PKCS12_F_PKCS12_INIT 109
+@@ -293,7 +239,6 @@ void ERR_load_PKCS12_strings(void);
+ # define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
+ # define PKCS12_F_PKCS12_UNPACK_P7DATA 131
+ # define PKCS12_F_PKCS12_VERIFY_MAC 126
+-# define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
+ # define PKCS12_F_PKCS8_ENCRYPT 125
+ # define PKCS12_F_PKCS8_SET0_PBE 132
+
+@@ -312,7 +257,6 @@ void ERR_load_PKCS12_strings(void);
+ # define PKCS12_R_MAC_GENERATION_ERROR 109
+ # define PKCS12_R_MAC_SETUP_ERROR 110
+ # define PKCS12_R_MAC_STRING_SET_ERROR 111
+-# define PKCS12_R_MAC_VERIFY_ERROR 112
+ # define PKCS12_R_MAC_VERIFY_FAILURE 113
+ # define PKCS12_R_PARSE_ERROR 114
+ # define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
+@@ -321,7 +265,7 @@ void ERR_load_PKCS12_strings(void);
+ # define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
+ # define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/pkcs7.h b/include/openssl/pkcs7.h
+index 7ca085e..6de664f 100644
+--- a/include/openssl/pkcs7.h
++++ b/include/openssl/pkcs7.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_PKCS7_H
+@@ -371,15 +323,13 @@ BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_PKCS7_strings(void);
+
+ /* Error codes for the PKCS7 functions. */
+
+ /* Function codes. */
+-# define PKCS7_F_B64_READ_PKCS7 120
+-# define PKCS7_F_B64_WRITE_PKCS7 121
+ # define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
+-# define PKCS7_F_I2D_PKCS7_BIO_STREAM 140
+ # define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
+ # define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
+ # define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
+@@ -393,7 +343,6 @@ void ERR_load_PKCS7_strings(void);
+ # define PKCS7_F_PKCS7_DATADECODE 112
+ # define PKCS7_F_PKCS7_DATAFINAL 128
+ # define PKCS7_F_PKCS7_DATAINIT 105
+-# define PKCS7_F_PKCS7_DATASIGN 106
+ # define PKCS7_F_PKCS7_DATAVERIFY 107
+ # define PKCS7_F_PKCS7_DECRYPT 114
+ # define PKCS7_F_PKCS7_DECRYPT_RINFO 133
+@@ -414,8 +363,6 @@ void ERR_load_PKCS7_strings(void);
+ # define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
+ # define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
+ # define PKCS7_F_PKCS7_VERIFY 117
+-# define PKCS7_F_SMIME_READ_PKCS7 122
+-# define PKCS7_F_SMIME_TEXT 123
+
+ /* Reason codes. */
+ # define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117
+@@ -423,46 +370,29 @@ void ERR_load_PKCS7_strings(void);
+ # define PKCS7_R_CIPHER_NOT_INITIALIZED 116
+ # define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
+ # define PKCS7_R_CTRL_ERROR 152
+-# define PKCS7_R_DECODE_ERROR 130
+-# define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100
+ # define PKCS7_R_DECRYPT_ERROR 119
+ # define PKCS7_R_DIGEST_FAILURE 101
+ # define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
+ # define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
+ # define PKCS7_R_ERROR_ADDING_RECIPIENT 120
+ # define PKCS7_R_ERROR_SETTING_CIPHER 121
+-# define PKCS7_R_INVALID_MIME_TYPE 131
+ # define PKCS7_R_INVALID_NULL_POINTER 143
+ # define PKCS7_R_INVALID_SIGNED_DATA_TYPE 155
+-# define PKCS7_R_MIME_NO_CONTENT_TYPE 132
+-# define PKCS7_R_MIME_PARSE_ERROR 133
+-# define PKCS7_R_MIME_SIG_PARSE_ERROR 134
+-# define PKCS7_R_MISSING_CERIPEND_INFO 103
+ # define PKCS7_R_NO_CONTENT 122
+-# define PKCS7_R_NO_CONTENT_TYPE 135
+ # define PKCS7_R_NO_DEFAULT_DIGEST 151
+ # define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
+-# define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136
+-# define PKCS7_R_NO_MULTIPART_BOUNDARY 137
+ # define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
+-# define PKCS7_R_NO_RECIPIENT_MATCHES_KEY 146
+ # define PKCS7_R_NO_SIGNATURES_ON_DATA 123
+ # define PKCS7_R_NO_SIGNERS 142
+-# define PKCS7_R_NO_SIG_CONTENT_TYPE 138
+ # define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
+ # define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
+ # define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
+-# define PKCS7_R_PKCS7_DATAFINAL 126
+-# define PKCS7_R_PKCS7_DATAFINAL_ERROR 125
+ # define PKCS7_R_PKCS7_DATASIGN 145
+-# define PKCS7_R_PKCS7_PARSE_ERROR 139
+-# define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140
+ # define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
+ # define PKCS7_R_SIGNATURE_FAILURE 105
+ # define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
+ # define PKCS7_R_SIGNING_CTRL_FAILURE 147
+ # define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
+-# define PKCS7_R_SIG_INVALID_MIME_TYPE 141
+ # define PKCS7_R_SMIME_TEXT_ERROR 129
+ # define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
+ # define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107
+@@ -474,7 +404,7 @@ void ERR_load_PKCS7_strings(void);
+ # define PKCS7_R_WRONG_CONTENT_TYPE 113
+ # define PKCS7_R_WRONG_PKCS7_TYPE 114
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/rand.h b/include/openssl/rand.h
+index d337ee7..679cf09 100644
+--- a/include/openssl/rand.h
++++ b/include/openssl/rand.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_RAND_H
+@@ -125,29 +77,18 @@ int RAND_event(UINT, WPARAM, LPARAM);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_RAND_strings(void);
+
+ /* Error codes for the RAND functions. */
+
+ /* Function codes. */
+-# define RAND_F_FIPS_RAND 102
+-# define RAND_F_FIPS_RAND_SET_DT 103
+-# define RAND_F_FIPS_SET_PRNG_SEED 104
+-# define RAND_F_FIPS_SET_TEST_MODE 105
+-# define RAND_F_FIPS_X931_SET_DT 106
+ # define RAND_F_RAND_BYTES 100
+-# define RAND_F_RAND_GET_RAND_METHOD 101
+
+ /* Reason codes. */
+-# define RAND_R_NOT_IN_TEST_MODE 101
+-# define RAND_R_NO_KEY_SET 102
+-# define RAND_R_PRNG_ERROR 103
+-# define RAND_R_PRNG_KEYED 104
+ # define RAND_R_PRNG_NOT_SEEDED 100
+-# define RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY 105
+-# define RAND_R_PRNG_STUCK 106
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/rc2.h b/include/openssl/rc2.h
+index 50be22d..585f9e4 100644
+--- a/include/openssl/rc2.h
++++ b/include/openssl/rc2.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_RC2_H
+diff --git a/include/openssl/rc4.h b/include/openssl/rc4.h
+index a5fdbfb..86803b3 100644
+--- a/include/openssl/rc4.h
++++ b/include/openssl/rc4.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_RC4_H
+diff --git a/include/openssl/rc5.h b/include/openssl/rc5.h
+index c1ff358..793f88e 100644
+--- a/include/openssl/rc5.h
++++ b/include/openssl/rc5.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_RC5_H
+diff --git a/include/openssl/ripemd.h b/include/openssl/ripemd.h
+index 97e5df7..c42026a 100644
+--- a/include/openssl/ripemd.h
++++ b/include/openssl/ripemd.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_RIPEMD_H
+diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
+index 1698fb3..6a68058 100644
+--- a/include/openssl/rsa.h
++++ b/include/openssl/rsa.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_RSA_H
+@@ -510,18 +462,14 @@ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_RSA_strings(void);
+
+ /* Error codes for the RSA functions. */
+
+ /* Function codes. */
+ # define RSA_F_CHECK_PADDING_MD 140
+-# define RSA_F_DO_RSA_PRINT 146
+-# define RSA_F_FIPS_RSA_SIGN_DIGEST 149
+-# define RSA_F_FIPS_RSA_VERIFY 150
+-# define RSA_F_FIPS_RSA_VERIFY_DIGEST 151
+ # define RSA_F_INT_RSA_VERIFY 145
+-# define RSA_F_MEMORY_LOCK 100
+ # define RSA_F_OLD_RSA_PRIV_DECODE 147
+ # define RSA_F_PKEY_RSA_CTRL 143
+ # define RSA_F_PKEY_RSA_CTRL_STR 144
+@@ -532,22 +480,22 @@ void ERR_load_RSA_strings(void);
+ # define RSA_F_RSA_CHECK_KEY 123
+ # define RSA_F_RSA_CHECK_KEY_EX 160
+ # define RSA_F_RSA_CMS_DECRYPT 159
+-# define RSA_F_RSA_OSSL_PRIVATE_DECRYPT 101
+-# define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 102
+-# define RSA_F_RSA_OSSL_PUBLIC_DECRYPT 103
+-# define RSA_F_RSA_OSSL_PUBLIC_ENCRYPT 104
+-# define RSA_F_RSA_GENERATE_KEY 105
+ # define RSA_F_RSA_ITEM_VERIFY 148
+ # define RSA_F_RSA_MEMORY_LOCK 130
++# define RSA_F_RSA_METH_DUP 161
++# define RSA_F_RSA_METH_NEW 162
++# define RSA_F_RSA_METH_SET1_NAME 163
+ # define RSA_F_RSA_MGF1_TO_MD 157
+ # define RSA_F_RSA_NEW_METHOD 106
+ # define RSA_F_RSA_NULL 124
+-# define RSA_F_RSA_NULL_MOD_EXP 131
+ # define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132
+ # define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133
+ # define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134
+ # define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
+-# define RSA_F_RSA_OAEP_TO_CTX 158
++# define RSA_F_RSA_OSSL_PRIVATE_DECRYPT 101
++# define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 102
++# define RSA_F_RSA_OSSL_PUBLIC_DECRYPT 103
++# define RSA_F_RSA_OSSL_PUBLIC_ENCRYPT 104
+ # define RSA_F_RSA_PADDING_ADD_NONE 107
+ # define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
+ # define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 154
+@@ -566,7 +514,6 @@ void ERR_load_RSA_strings(void);
+ # define RSA_F_RSA_PADDING_CHECK_X931 128
+ # define RSA_F_RSA_PRINT 115
+ # define RSA_F_RSA_PRINT_FP 116
+-# define RSA_F_RSA_PRIV_DECODE 137
+ # define RSA_F_RSA_PRIV_ENCODE 138
+ # define RSA_F_RSA_PSS_TO_CTX 155
+ # define RSA_F_RSA_PUB_DECODE 139
+@@ -601,7 +548,6 @@ void ERR_load_RSA_strings(void);
+ # define RSA_R_INVALID_DIGEST 157
+ # define RSA_R_INVALID_DIGEST_LENGTH 143
+ # define RSA_R_INVALID_HEADER 137
+-# define RSA_R_INVALID_KEYBITS 145
+ # define RSA_R_INVALID_LABEL 160
+ # define RSA_R_INVALID_MESSAGE_LENGTH 131
+ # define RSA_R_INVALID_MGF1_MD 156
+@@ -635,7 +581,6 @@ void ERR_load_RSA_strings(void);
+ # define RSA_R_UNKNOWN_DIGEST 166
+ # define RSA_R_UNKNOWN_MASK_DIGEST 151
+ # define RSA_R_UNKNOWN_PADDING_TYPE 118
+-# define RSA_R_UNKNOWN_PSS_DIGEST 152
+ # define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE 162
+ # define RSA_R_UNSUPPORTED_LABEL_SOURCE 163
+ # define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
+@@ -644,9 +589,8 @@ void ERR_load_RSA_strings(void);
+ # define RSA_R_VALUE_MISSING 147
+ # define RSA_R_WRONG_SIGNATURE_LENGTH 119
+
+-# ifdef __cplusplus
++# ifdef __cplusplus
+ }
++# endif
+ # endif
+-# endif
+-
+ #endif
+diff --git a/include/openssl/safestack.h b/include/openssl/safestack.h
+index 538774d..306b3ac 100644
+--- a/include/openssl/safestack.h
++++ b/include/openssl/safestack.h
+@@ -1,56 +1,10 @@
+-/* automatically generated by util/mkstack.pl */
+-/* ====================================================================
+- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_SAFESTACK_H
+@@ -63,124 +17,105 @@
+ extern "C" {
+ #endif
+
+-# ifndef CHECKED_PTR_OF
+-# define CHECKED_PTR_OF(type, p) ((void*) (1 ? p : (type*)0))
+-# endif
+-
+-/*
+- * In C++ we get problems because an explicit cast is needed from (void *) we
+- * use CHECKED_STACK_OF to ensure the correct type is passed in the macros
+- * below.
+- */
+-
+-# define CHECKED_STACK_OF(type, p) \
+- ((_STACK*) (1 ? p : (STACK_OF(type)*)0))
+-
+-# define CHECKED_SK_COPY_FUNC(type, p) \
+- ((void *(*)(void *)) ((1 ? p : (type *(*)(const type *))0)))
+-
+-# define CHECKED_SK_FREE_FUNC(type, p) \
+- ((void (*)(void *)) ((1 ? p : (void (*)(type *))0)))
+-
+-# define CHECKED_SK_CMP_FUNC(type, p) \
+- ((int (*)(const void *, const void *)) \
+- ((1 ? p : (int (*)(const type * const *, const type * const *))0)))
+-
+ # define STACK_OF(type) struct stack_st_##type
+
+ # define SKM_DEFINE_STACK_OF(t1, t2, t3) \
+ STACK_OF(t1); \
++ typedef int (*sk_##t1##_compfunc)(const t3 * const *a, const t3 *const *b); \
++ typedef void (*sk_##t1##_freefunc)(t3 *a); \
++ typedef t3 * (*sk_##t1##_copyfunc)(const t3 *a); \
+ static ossl_inline int sk_##t1##_num(const STACK_OF(t1) *sk) \
+ { \
+- return sk_num((_STACK *)sk); \
++ return OPENSSL_sk_num((const OPENSSL_STACK *)sk); \
+ } \
+ static ossl_inline t2 *sk_##t1##_value(const STACK_OF(t1) *sk, int idx) \
+ { \
+- return (t2 *)sk_value((_STACK *)sk, idx); \
++ return (t2 *)OPENSSL_sk_value((const OPENSSL_STACK *)sk, idx); \
+ } \
+- static ossl_inline STACK_OF(t1) *sk_##t1##_new(int (*cmpf)(const t3 * const *a, const t3 * const *b)) \
++ static ossl_inline STACK_OF(t1) *sk_##t1##_new(sk_##t1##_compfunc compare) \
+ { \
+- return (STACK_OF(t1) *)sk_new((int (*)(const void *a, const void *b))cmpf); \
++ return (STACK_OF(t1) *)OPENSSL_sk_new((OPENSSL_sk_compfunc)compare); \
+ } \
+ static ossl_inline STACK_OF(t1) *sk_##t1##_new_null(void) \
+ { \
+- return (STACK_OF(t1) *)sk_new_null(); \
++ return (STACK_OF(t1) *)OPENSSL_sk_new_null(); \
+ } \
+- static ossl_inline void sk_##t1##_free(const STACK_OF(t1) *sk) \
++ static ossl_inline void sk_##t1##_free(STACK_OF(t1) *sk) \
+ { \
+- sk_free((_STACK *)sk); \
++ OPENSSL_sk_free((OPENSSL_STACK *)sk); \
+ } \
+- static ossl_inline void sk_##t1##_zero(const STACK_OF(t1) *sk) \
++ static ossl_inline void sk_##t1##_zero(STACK_OF(t1) *sk) \
+ { \
+- sk_zero((_STACK *)sk); \
++ OPENSSL_sk_zero((OPENSSL_STACK *)sk); \
+ } \
+ static ossl_inline t2 *sk_##t1##_delete(STACK_OF(t1) *sk, int i) \
+ { \
+- return (t2 *)sk_delete((_STACK *)sk, i); \
++ return (t2 *)OPENSSL_sk_delete((OPENSSL_STACK *)sk, i); \
+ } \
+ static ossl_inline t2 *sk_##t1##_delete_ptr(STACK_OF(t1) *sk, t2 *ptr) \
+ { \
+- return (t2 *)sk_delete_ptr((_STACK *)sk, (void *)ptr); \
++ return (t2 *)OPENSSL_sk_delete_ptr((OPENSSL_STACK *)sk, \
++ (const void *)ptr); \
+ } \
+ static ossl_inline int sk_##t1##_push(STACK_OF(t1) *sk, t2 *ptr) \
+ { \
+- return sk_push((_STACK *)sk, (void *)ptr); \
++ return OPENSSL_sk_push((OPENSSL_STACK *)sk, (void *)ptr); \
+ } \
+ static ossl_inline int sk_##t1##_unshift(STACK_OF(t1) *sk, t2 *ptr) \
+ { \
+- return sk_unshift((_STACK *)sk, (void *)ptr); \
++ return OPENSSL_sk_unshift((OPENSSL_STACK *)sk, (void *)ptr); \
+ } \
+ static ossl_inline t2 *sk_##t1##_pop(STACK_OF(t1) *sk) \
+ { \
+- return (t2 *)sk_pop((_STACK *)sk); \
++ return (t2 *)OPENSSL_sk_pop((OPENSSL_STACK *)sk); \
+ } \
+ static ossl_inline t2 *sk_##t1##_shift(STACK_OF(t1) *sk) \
+ { \
+- return (t2 *)sk_shift((_STACK *)sk); \
++ return (t2 *)OPENSSL_sk_shift((OPENSSL_STACK *)sk); \
+ } \
+- static ossl_inline void sk_##t1##_pop_free(STACK_OF(t1) *sk, void (*func)(t3 *a)) \
++ static ossl_inline void sk_##t1##_pop_free(STACK_OF(t1) *sk, sk_##t1##_freefunc freefunc) \
+ { \
+- sk_pop_free((_STACK *)sk, (void (*)(void *))func); \
++ OPENSSL_sk_pop_free((OPENSSL_STACK *)sk, (OPENSSL_sk_freefunc)freefunc); \
+ } \
+ static ossl_inline int sk_##t1##_insert(STACK_OF(t1) *sk, t2 *ptr, int idx) \
+ { \
+- return sk_insert((_STACK *)sk, (void *)ptr, idx); \
++ return OPENSSL_sk_insert((OPENSSL_STACK *)sk, (void *)ptr, idx); \
+ } \
+ static ossl_inline t2 *sk_##t1##_set(STACK_OF(t1) *sk, int idx, t2 *ptr) \
+ { \
+- return (t2 *)sk_set((_STACK *)sk, idx, (void *)ptr); \
++ return (t2 *)OPENSSL_sk_set((OPENSSL_STACK *)sk, idx, (void *)ptr); \
+ } \
+ static ossl_inline int sk_##t1##_find(STACK_OF(t1) *sk, t2 *ptr) \
+ { \
+- return sk_find((_STACK *)sk, (void *)ptr); \
++ return OPENSSL_sk_find((OPENSSL_STACK *)sk, (const void *)ptr); \
+ } \
+ static ossl_inline int sk_##t1##_find_ex(STACK_OF(t1) *sk, t2 *ptr) \
+ { \
+- return sk_find_ex((_STACK *)sk, (void *)ptr); \
++ return OPENSSL_sk_find_ex((OPENSSL_STACK *)sk, (const void *)ptr); \
+ } \
+- static ossl_inline void sk_##t1##_sort(const STACK_OF(t1) *sk) \
++ static ossl_inline void sk_##t1##_sort(STACK_OF(t1) *sk) \
+ { \
+- sk_sort((_STACK *)sk); \
++ OPENSSL_sk_sort((OPENSSL_STACK *)sk); \
+ } \
+ static ossl_inline int sk_##t1##_is_sorted(const STACK_OF(t1) *sk) \
+ { \
+- return sk_is_sorted((_STACK *)sk); \
++ return OPENSSL_sk_is_sorted((const OPENSSL_STACK *)sk); \
+ } \
+ static ossl_inline STACK_OF(t1) * sk_##t1##_dup(STACK_OF(t1) *sk) \
+ { \
+- return (STACK_OF(t1) *)sk_dup((_STACK *)sk); \
++ return (STACK_OF(t1) *)OPENSSL_sk_dup((OPENSSL_STACK *)sk); \
+ } \
+ static ossl_inline STACK_OF(t1) *sk_##t1##_deep_copy(STACK_OF(t1) *sk, \
+- t3 *(*copyfn)(const t3 *), \
+- void (*freefn)(t3 *)) \
++ sk_##t1##_copyfunc copyfunc, \
++ sk_##t1##_freefunc freefunc) \
+ { \
+- return (STACK_OF(t1) *)sk_deep_copy((_STACK *)sk, \
+- (void * (*)(void *a))copyfn, \
+- (void (*)(void *a))freefn); \
++ return (STACK_OF(t1) *)OPENSSL_sk_deep_copy((OPENSSL_STACK *)sk, \
++ (OPENSSL_sk_copyfunc)copyfunc, \
++ (OPENSSL_sk_freefunc)freefunc); \
+ } \
+- static ossl_inline int (*sk_##t1##_set_cmp_func(STACK_OF(t1) *sk, int (*cmpf)(const t3 * const *a, const t3 * const *b)))(const t3 * const *, const t3 * const *) \
++ static ossl_inline sk_##t1##_compfunc sk_##t1##_set_cmp_func(STACK_OF(t1) *sk, sk_##t1##_compfunc compare) \
+ { \
+- return (int (*)(const t3 * const *,const t3 * const *))sk_set_cmp_func((_STACK *)sk, (int (*)(const void *a, const void *b))cmpf); \
++ return (sk_##t1##_compfunc)OPENSSL_sk_set_cmp_func((OPENSSL_STACK *)sk, (OPENSSL_sk_compfunc)compare); \
+ }
+
+ # define DEFINE_SPECIAL_STACK_OF(t1, t2) SKM_DEFINE_STACK_OF(t1, t2, t2)
+diff --git a/include/openssl/seed.h b/include/openssl/seed.h
+index e643e76..bb97131 100644
+--- a/include/openssl/seed.h
++++ b/include/openssl/seed.h
+@@ -1,4 +1,13 @@
+ /*
++ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -21,60 +30,6 @@
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+- *
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+ */
+
+ #ifndef HEADER_SEED_H
+diff --git a/include/openssl/sha.h b/include/openssl/sha.h
+index 27c7cab..6a1eb0d 100644
+--- a/include/openssl/sha.h
++++ b/include/openssl/sha.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_SHA_H
+diff --git a/include/openssl/srp.h b/include/openssl/srp.h
+index 37e7678..1007b83 100644
+--- a/include/openssl/srp.h
++++ b/include/openssl/srp.h
+@@ -1,61 +1,12 @@
+ /*
+- * Written by Christophe Renou (christophe.renou at edelweb.fr) with the
+- * precious help of Peter Sylvester (peter.sylvester at edelweb.fr) for the
+- * EdelKey project and contributed to the OpenSSL project 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #ifndef HEADER_SRP_H
+ # define HEADER_SRP_H
+
+@@ -106,7 +57,7 @@ typedef struct SRP_VBASE_st {
+ } SRP_VBASE;
+
+ /*
+- * Structure interne pour retenir les couples N et g
++ * Internal structure storing N and g pair
+ */
+ typedef struct SRP_gN_st {
+ char *id;
+diff --git a/include/openssl/srtp.h b/include/openssl/srtp.h
+index da9369e..5ddfa46 100644
+--- a/include/openssl/srtp.h
++++ b/include/openssl/srtp.h
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /*
+ * DTLS code by Eric Rescorla <ekr at rtfm.com>
+ *
+diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
+index 44f44bf..f019f64 100644
+--- a/include/openssl/ssl.h
++++ b/include/openssl/ssl.h
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+@@ -884,6 +784,7 @@ __owur int SSL_extension_supported(unsigned int ext_type);
+ # define SSL_READING 3
+ # define SSL_X509_LOOKUP 4
+ # define SSL_ASYNC_PAUSED 5
++# define SSL_ASYNC_NO_JOBS 6
+
+ /* These will only be used when doing non-blocking IO */
+ # define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
+@@ -891,6 +792,7 @@ __owur int SSL_extension_supported(unsigned int ext_type);
+ # define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
+ # define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
+ # define SSL_want_async(s) (SSL_want(s) == SSL_ASYNC_PAUSED)
++# define SSL_want_async_job(s) (SSL_want(s) == SSL_ASYNC_NO_JOBS)
+
+ # define SSL_MAC_FLAG_READ_MAC_STREAM 1
+ # define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
+@@ -1122,6 +1024,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
+ # define SSL_ERROR_WANT_CONNECT 7
+ # define SSL_ERROR_WANT_ACCEPT 8
+ # define SSL_ERROR_WANT_ASYNC 9
++# define SSL_ERROR_WANT_ASYNC_JOB 10
+ # define SSL_CTRL_SET_TMP_DH 3
+ # define SSL_CTRL_SET_TMP_ECDH 4
+ # define SSL_CTRL_SET_TMP_DH_CB 6
+@@ -1376,7 +1279,7 @@ void BIO_ssl_shutdown(BIO *ssl_bio);
+
+ __owur int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
+ __owur SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
+-void SSL_CTX_up_ref(SSL_CTX *ctx);
++int SSL_CTX_up_ref(SSL_CTX *ctx);
+ void SSL_CTX_free(SSL_CTX *);
+ __owur long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
+ __owur long SSL_CTX_get_timeout(const SSL_CTX *ctx);
+@@ -1551,7 +1454,7 @@ __owur int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid
+ unsigned int sid_ctx_len);
+
+ SSL *SSL_new(SSL_CTX *ctx);
+-void SSL_up_ref(SSL *s);
++int SSL_up_ref(SSL *s);
+ __owur int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
+
+@@ -1738,6 +1641,7 @@ __owur int SSL_get_quiet_shutdown(const SSL *ssl);
+ void SSL_set_shutdown(SSL *ssl, int mode);
+ __owur int SSL_get_shutdown(const SSL *ssl);
+ __owur int SSL_version(const SSL *ssl);
++__owur int SSL_client_version(const SSL *s);
+ __owur int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+ __owur int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx);
+ __owur int SSL_CTX_set_default_verify_file(SSL_CTX *ctx);
+@@ -2103,6 +2007,7 @@ extern const char SSL_version_str[];
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_SSL_strings(void);
+
+ /* Error codes for the SSL functions. */
+@@ -2117,21 +2022,12 @@ void ERR_load_SSL_strings(void);
+ # define SSL_F_DANE_TLSA_ADD 394
+ # define SSL_F_DO_DTLS1_WRITE 245
+ # define SSL_F_DO_SSL3_WRITE 104
+-# define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
+ # define SSL_F_DTLS1_BUFFER_RECORD 247
+ # define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 318
+-# define SSL_F_DTLS1_ENC 250
+-# define SSL_F_DTLS1_GET_HELLO_VERIFY 251
+-# define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
+-# define SSL_F_DTLS1_HANDLE_TIMEOUT 297
+ # define SSL_F_DTLS1_HEARTBEAT 305
+ # define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
+-# define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
+ # define SSL_F_DTLS1_PROCESS_RECORD 257
+ # define SSL_F_DTLS1_READ_BYTES 258
+-# define SSL_F_DTLS1_READ_FAILED 259
+-# define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260
+-# define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264
+ # define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268
+ # define SSL_F_DTLSV1_LISTEN 350
+ # define SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC 371
+@@ -2140,11 +2036,8 @@ void ERR_load_SSL_strings(void);
+ # define SSL_F_DTLS_PROCESS_HELLO_VERIFY 386
+ # define SSL_F_OPENSSL_INIT_SSL 342
+ # define SSL_F_READ_STATE_MACHINE 352
+-# define SSL_F_SSL3_ADD_CERT_TO_BUF 296
+-# define SSL_F_SSL3_CALLBACK_CTRL 233
+ # define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
+ # define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
+-# define SSL_F_SSL3_CHECK_FINISHED 339
+ # define SSL_F_SSL3_CTRL 213
+ # define SSL_F_SSL3_CTX_CTRL 133
+ # define SSL_F_SSL3_DIGEST_CACHED_RECORDS 293
+@@ -2153,9 +2046,7 @@ void ERR_load_SSL_strings(void);
+ # define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
+ # define SSL_F_SSL3_GENERATE_MASTER_SECRET 388
+ # define SSL_F_SSL3_GET_RECORD 143
+-# define SSL_F_SSL3_NEW_SESSION_TICKET 287
+ # define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
+-# define SSL_F_SSL3_PEEK 235
+ # define SSL_F_SSL3_READ_BYTES 148
+ # define SSL_F_SSL3_READ_N 149
+ # define SSL_F_SSL3_SETUP_KEY_BLOCK 157
+@@ -2163,7 +2054,6 @@ void ERR_load_SSL_strings(void);
+ # define SSL_F_SSL3_SETUP_WRITE_BUFFER 291
+ # define SSL_F_SSL3_WRITE_BYTES 158
+ # define SSL_F_SSL3_WRITE_PENDING 159
+-# define SSL_F_SSL_ACCEPT 390
+ # define SSL_F_SSL_ADD_CERT_CHAIN 316
+ # define SSL_F_SSL_ADD_CERT_TO_BUF 319
+ # define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
+@@ -2179,7 +2069,6 @@ void ERR_load_SSL_strings(void);
+ # define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
+ # define SSL_F_SSL_CERT_ADD0_CHAIN_CERT 346
+ # define SSL_F_SSL_CERT_DUP 221
+-# define SSL_F_SSL_CERT_INSTANTIATE 214
+ # define SSL_F_SSL_CERT_NEW 162
+ # define SSL_F_SSL_CERT_SET0_CHAIN 340
+ # define SSL_F_SSL_CHECK_PRIVATE_KEY 163
+@@ -2200,10 +2089,8 @@ void ERR_load_SSL_strings(void);
+ # define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
+ # define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
+ # define SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK 396
+-# define SSL_F_SSL_CTX_SET_PURPOSE 226
+ # define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
+ # define SSL_F_SSL_CTX_SET_SSL_VERSION 170
+-# define SSL_F_SSL_CTX_SET_TRUST 229
+ # define SSL_F_SSL_CTX_USE_CERTIFICATE 171
+ # define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
+ # define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
+@@ -2216,16 +2103,14 @@ void ERR_load_SSL_strings(void);
+ # define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
+ # define SSL_F_SSL_CTX_USE_SERVERINFO 336
+ # define SSL_F_SSL_CTX_USE_SERVERINFO_FILE 337
++# define SSL_F_SSL_DANE_DUP 403
+ # define SSL_F_SSL_DANE_ENABLE 395
+ # define SSL_F_SSL_DO_CONFIG 391
+ # define SSL_F_SSL_DO_HANDSHAKE 180
+ # define SSL_F_SSL_ENABLE_CT 402
+-# define SSL_F_SSL_GET0_PEER_SCTS 397
+ # define SSL_F_SSL_GET_NEW_SESSION 181
+ # define SSL_F_SSL_GET_PREV_SESSION 217
+ # define SSL_F_SSL_GET_SERVER_CERT_INDEX 322
+-# define SSL_F_SSL_GET_SERVER_SEND_CERT 182
+-# define SSL_F_SSL_GET_SERVER_SEND_PKEY 317
+ # define SSL_F_SSL_GET_SIGN_PKEY 183
+ # define SSL_F_SSL_INIT_WBIO_BUFFER 184
+ # define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
+@@ -2238,8 +2123,6 @@ void ERR_load_SSL_strings(void);
+ # define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
+ # define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
+ # define SSL_F_SSL_PEEK 270
+-# define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
+-# define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
+ # define SSL_F_SSL_READ 223
+ # define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 320
+ # define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 321
+@@ -2253,17 +2136,14 @@ void ERR_load_SSL_strings(void);
+ # define SSL_F_SSL_SET_CT_VALIDATION_CALLBACK 399
+ # define SSL_F_SSL_SET_FD 192
+ # define SSL_F_SSL_SET_PKEY 193
+-# define SSL_F_SSL_SET_PURPOSE 227
+ # define SSL_F_SSL_SET_RFD 194
+ # define SSL_F_SSL_SET_SESSION 195
+ # define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
+ # define SSL_F_SSL_SET_SESSION_TICKET_EXT 294
+-# define SSL_F_SSL_SET_TRUST 228
+ # define SSL_F_SSL_SET_WFD 196
+ # define SSL_F_SSL_SHUTDOWN 224
+ # define SSL_F_SSL_SRP_CTX_INIT 313
+ # define SSL_F_SSL_START_ASYNC_JOB 389
+-# define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
+ # define SSL_F_SSL_UNDEFINED_FUNCTION 197
+ # define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
+ # define SSL_F_SSL_USE_CERTIFICATE 198
+@@ -2283,12 +2163,9 @@ void ERR_load_SSL_strings(void);
+ # define SSL_F_TLS12_CHECK_PEER_SIGALG 333
+ # define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
+ # define SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS 341
+-# define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
+ # define SSL_F_TLS1_ENC 401
+ # define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
+ # define SSL_F_TLS1_GET_CURVELIST 338
+-# define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
+-# define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
+ # define SSL_F_TLS1_PRF 284
+ # define SSL_F_TLS1_SETUP_KEY_BLOCK 211
+ # define SSL_F_TLS1_SET_SERVER_SIGALGS 335
+@@ -2330,43 +2207,23 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
+ # define SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE 143
+ # define SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE 158
+-# define SSL_R_BAD_ALERT_RECORD 101
+ # define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
+ # define SSL_R_BAD_DATA 390
+ # define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
+ # define SSL_R_BAD_DECOMPRESSION 107
+-# define SSL_R_BAD_DH_G_LENGTH 108
+-# define SSL_R_BAD_DH_G_VALUE 375
+-# define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
+-# define SSL_R_BAD_DH_PUB_KEY_VALUE 393
+-# define SSL_R_BAD_DH_P_LENGTH 110
+-# define SSL_R_BAD_DH_P_VALUE 395
+ # define SSL_R_BAD_DH_VALUE 102
+ # define SSL_R_BAD_DIGEST_LENGTH 111
+-# define SSL_R_BAD_DSA_SIGNATURE 112
+ # define SSL_R_BAD_ECC_CERT 304
+-# define SSL_R_BAD_ECDSA_SIGNATURE 305
+ # define SSL_R_BAD_ECPOINT 306
+ # define SSL_R_BAD_HANDSHAKE_LENGTH 332
+ # define SSL_R_BAD_HELLO_REQUEST 105
+ # define SSL_R_BAD_LENGTH 271
+-# define SSL_R_BAD_MAC_LENGTH 333
+-# define SSL_R_BAD_MESSAGE_TYPE 114
+ # define SSL_R_BAD_PACKET_LENGTH 115
+ # define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
+-# define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316
+-# define SSL_R_BAD_RSA_DECRYPT 118
+ # define SSL_R_BAD_RSA_ENCRYPT 119
+-# define SSL_R_BAD_RSA_E_LENGTH 120
+-# define SSL_R_BAD_RSA_MODULUS_LENGTH 121
+-# define SSL_R_BAD_RSA_SIGNATURE 122
+ # define SSL_R_BAD_SIGNATURE 123
+ # define SSL_R_BAD_SRP_A_LENGTH 347
+-# define SSL_R_BAD_SRP_B_LENGTH 348
+-# define SSL_R_BAD_SRP_G_LENGTH 349
+-# define SSL_R_BAD_SRP_N_LENGTH 350
+ # define SSL_R_BAD_SRP_PARAMETERS 371
+-# define SSL_R_BAD_SRP_S_LENGTH 351
+ # define SSL_R_BAD_SRTP_MKI_VALUE 352
+ # define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
+ # define SSL_R_BAD_SSL_FILETYPE 124
+@@ -2376,7 +2233,6 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
+ # define SSL_R_BN_LIB 130
+ # define SSL_R_CA_DN_LENGTH_MISMATCH 131
+-# define SSL_R_CA_DN_TOO_LONG 132
+ # define SSL_R_CA_KEY_TOO_SMALL 397
+ # define SSL_R_CA_MD_TOO_WEAK 398
+ # define SSL_R_CCS_RECEIVED_EARLY 133
+@@ -2416,12 +2272,8 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_DIGEST_CHECK_FAILED 149
+ # define SSL_R_DTLS_MESSAGE_TOO_BIG 334
+ # define SSL_R_DUPLICATE_COMPRESSION_ID 309
+-# define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317
+ # define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318
+-# define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
+-# define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
+ # define SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE 374
+-# define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
+ # define SSL_R_EE_KEY_TOO_SMALL 399
+ # define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
+ # define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
+@@ -2432,8 +2284,6 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_FAILED_TO_INIT_ASYNC 405
+ # define SSL_R_FRAGMENTED_CLIENT_HELLO 401
+ # define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
+-# define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355
+-# define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356
+ # define SSL_R_HTTPS_PROXY_REQUEST 155
+ # define SSL_R_HTTP_REQUEST 156
+ # define SSL_R_ILLEGAL_SUITEB_DIGEST 380
+@@ -2445,23 +2295,17 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_INVALID_CONFIGURATION_NAME 113
+ # define SSL_R_INVALID_CT_VALIDATION_TYPE 212
+ # define SSL_R_INVALID_NULL_CMD_NAME 385
+-# define SSL_R_INVALID_PURPOSE 278
+ # define SSL_R_INVALID_SEQUENCE_NUMBER 402
+ # define SSL_R_INVALID_SERVERINFO_DATA 388
+ # define SSL_R_INVALID_SRP_USERNAME 357
+ # define SSL_R_INVALID_STATUS_RESPONSE 328
+ # define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
+-# define SSL_R_INVALID_TRUST 279
+ # define SSL_R_LENGTH_MISMATCH 159
+ # define SSL_R_LENGTH_TOO_LONG 404
+ # define SSL_R_LENGTH_TOO_SHORT 160
+ # define SSL_R_LIBRARY_BUG 274
+ # define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
+-# define SSL_R_MISSING_DH_DSA_CERT 162
+-# define SSL_R_MISSING_DH_KEY 163
+-# define SSL_R_MISSING_DH_RSA_CERT 164
+ # define SSL_R_MISSING_DSA_SIGNING_CERT 165
+-# define SSL_R_MISSING_ECDH_CERT 382
+ # define SSL_R_MISSING_ECDSA_SIGNING_CERT 381
+ # define SSL_R_MISSING_RSA_CERTIFICATE 168
+ # define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
+@@ -2469,18 +2313,13 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_MISSING_SRP_PARAM 358
+ # define SSL_R_MISSING_TMP_DH_KEY 171
+ # define SSL_R_MISSING_TMP_ECDH_KEY 311
+-# define SSL_R_MISSING_VERIFY_MESSAGE 174
+-# define SSL_R_MULTIPLE_SGC_RESTARTS 346
+ # define SSL_R_NO_CERTIFICATES_RETURNED 176
+ # define SSL_R_NO_CERTIFICATE_ASSIGNED 177
+-# define SSL_R_NO_CERTIFICATE_RETURNED 178
+ # define SSL_R_NO_CERTIFICATE_SET 179
+ # define SSL_R_NO_CIPHERS_AVAILABLE 181
+-# define SSL_R_NO_CIPHERS_PASSED 182
+ # define SSL_R_NO_CIPHERS_SPECIFIED 183
+ # define SSL_R_NO_CIPHER_MATCH 185
+ # define SSL_R_NO_CLIENT_CERT_METHOD 331
+-# define SSL_R_NO_CLIENT_CERT_RECEIVED 186
+ # define SSL_R_NO_COMPRESSION_SPECIFIED 187
+ # define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330
+ # define SSL_R_NO_METHOD_SPECIFIED 188
+@@ -2493,13 +2332,11 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_NO_SHARED_SIGATURE_ALGORITHMS 376
+ # define SSL_R_NO_SRTP_PROFILES 359
+ # define SSL_R_NO_VALID_SCTS 216
+-# define SSL_R_NO_VERIFY_CALLBACK 194
+ # define SSL_R_NO_VERIFY_COOKIE_CALLBACK 403
+ # define SSL_R_NULL_SSL_CTX 195
+ # define SSL_R_NULL_SSL_METHOD_PASSED 196
+ # define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
+ # define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
+-# define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327
+ # define SSL_R_PACKET_LENGTH_TOO_LONG 198
+ # define SSL_R_PARSE_TLSEXT 227
+ # define SSL_R_PATH_TOO_LONG 270
+@@ -2507,7 +2344,6 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_PEM_NAME_BAD_PREFIX 391
+ # define SSL_R_PEM_NAME_TOO_SHORT 392
+ # define SSL_R_PIPELINE_FAILURE 406
+-# define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
+ # define SSL_R_PROTOCOL_IS_SHUTDOWN 207
+ # define SSL_R_PSK_IDENTITY_NOT_FOUND 223
+ # define SSL_R_PSK_NO_CLIENT_CB 224
+@@ -2515,18 +2351,16 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_READ_BIO_NOT_SET 211
+ # define SSL_R_READ_TIMEOUT_EXPIRED 312
+ # define SSL_R_RECORD_LENGTH_MISMATCH 213
+-# define SSL_R_RECORD_TOO_LARGE 214
+ # define SSL_R_RECORD_TOO_SMALL 298
+ # define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
+ # define SSL_R_RENEGOTIATION_ENCODING_ERR 336
+ # define SSL_R_RENEGOTIATION_MISMATCH 337
+ # define SSL_R_REQUIRED_CIPHER_MISSING 215
+-# define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
++# define SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING 342
+ # define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
+ # define SSL_R_SCT_VERIFICATION_FAILED 208
+ # define SSL_R_SERVERHELLO_TLSEXT 275
+ # define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
+-# define SSL_R_SET_FAILED 209
+ # define SSL_R_SHUTDOWN_WHILE_IN_INIT 407
+ # define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
+ # define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
+@@ -2534,11 +2368,9 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
+ # define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
+ # define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
+-# define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
+ # define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
+ # define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
+ # define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
+-# define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
+ # define SSL_R_SSL_COMMAND_SECTION_EMPTY 117
+ # define SSL_R_SSL_COMMAND_SECTION_NOT_FOUND 125
+ # define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
+@@ -2552,19 +2384,12 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
+ # define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303
+ # define SSL_R_SSL_SESSION_VERSION_MISMATCH 210
+-# define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
+ # define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
+ # define SSL_R_TLS_HEARTBEAT_PENDING 366
+ # define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
+ # define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
+-# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
+-# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
+-# define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
+-# define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
+-# define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
+ # define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
+ # define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
+-# define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
+ # define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
+ # define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
+ # define SSL_R_UNEXPECTED_MESSAGE 244
+@@ -2580,13 +2405,10 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
+ # define SSL_R_UNKNOWN_PKEY_TYPE 251
+ # define SSL_R_UNKNOWN_PROTOCOL 252
+-# define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
+ # define SSL_R_UNKNOWN_SSL_VERSION 254
+ # define SSL_R_UNKNOWN_STATE 255
+ # define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
+-# define SSL_R_UNSUPPORTED_CIPHER 256
+ # define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
+-# define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
+ # define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
+ # define SSL_R_UNSUPPORTED_PROTOCOL 258
+ # define SSL_R_UNSUPPORTED_SSL_VERSION 259
+@@ -2597,7 +2419,6 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_WRONG_CERTIFICATE_TYPE 383
+ # define SSL_R_WRONG_CIPHER_RETURNED 261
+ # define SSL_R_WRONG_CURVE 378
+-# define SSL_R_WRONG_MESSAGE_TYPE 262
+ # define SSL_R_WRONG_SIGNATURE_LENGTH 264
+ # define SSL_R_WRONG_SIGNATURE_SIZE 265
+ # define SSL_R_WRONG_SIGNATURE_TYPE 370
+@@ -2606,7 +2427,7 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_X509_LIB 268
+ # define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/ssl2.h b/include/openssl/ssl2.h
+index e965dd5..5321bd2 100644
+--- a/include/openssl/ssl2.h
++++ b/include/openssl/ssl2.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_SSL2_H
+diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
+index 6ff00bc..aca1922 100644
+--- a/include/openssl/ssl3.h
++++ b/include/openssl/ssl3.h
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+diff --git a/include/openssl/stack.h b/include/openssl/stack.h
+index 976e6ac..9bc550f 100644
+--- a/include/openssl/stack.h
++++ b/include/openssl/stack.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_STACK_H
+@@ -62,33 +14,62 @@
+ extern "C" {
+ #endif
+
+-typedef struct stack_st _STACK; /* Use STACK_OF(...) instead */
++typedef struct stack_st OPENSSL_STACK; /* Use STACK_OF(...) instead */
++
++typedef int (*OPENSSL_sk_compfunc)(const void *, const void *);
++typedef void (*OPENSSL_sk_freefunc)(void *);
++typedef void *(*OPENSSL_sk_copyfunc)(const void *);
++
++int OPENSSL_sk_num(const OPENSSL_STACK *);
++void *OPENSSL_sk_value(const OPENSSL_STACK *, int);
+
+-int sk_num(const _STACK *);
+-void *sk_value(const _STACK *, int);
++void *OPENSSL_sk_set(OPENSSL_STACK *, int, void *);
+
+-void *sk_set(_STACK *, int, void *);
++OPENSSL_STACK *OPENSSL_sk_new(OPENSSL_sk_compfunc cmp);
++OPENSSL_STACK *OPENSSL_sk_new_null(void);
++void OPENSSL_sk_free(OPENSSL_STACK *);
++void OPENSSL_sk_pop_free(OPENSSL_STACK *st, void (*func) (void *));
++OPENSSL_STACK *OPENSSL_sk_deep_copy(OPENSSL_STACK *, OPENSSL_sk_copyfunc c, OPENSSL_sk_freefunc f);
++int OPENSSL_sk_insert(OPENSSL_STACK *sk, void *data, int where);
++void *OPENSSL_sk_delete(OPENSSL_STACK *st, int loc);
++void *OPENSSL_sk_delete_ptr(OPENSSL_STACK *st, const void *p);
++int OPENSSL_sk_find(OPENSSL_STACK *st, const void *data);
++int OPENSSL_sk_find_ex(OPENSSL_STACK *st, const void *data);
++int OPENSSL_sk_push(OPENSSL_STACK *st, void *data);
++int OPENSSL_sk_unshift(OPENSSL_STACK *st, void *data);
++void *OPENSSL_sk_shift(OPENSSL_STACK *st);
++void *OPENSSL_sk_pop(OPENSSL_STACK *st);
++void OPENSSL_sk_zero(OPENSSL_STACK *st);
++OPENSSL_sk_compfunc OPENSSL_sk_set_cmp_func(OPENSSL_STACK *sk, OPENSSL_sk_compfunc cmp);
++OPENSSL_STACK *OPENSSL_sk_dup(OPENSSL_STACK *st);
++void OPENSSL_sk_sort(OPENSSL_STACK *st);
++int OPENSSL_sk_is_sorted(const OPENSSL_STACK *st);
+
+-_STACK *sk_new(int (*cmp) (const void *, const void *));
+-_STACK *sk_new_null(void);
+-void sk_free(_STACK *);
+-void sk_pop_free(_STACK *st, void (*func) (void *));
+-_STACK *sk_deep_copy(_STACK *, void *(*)(void *), void (*)(void *));
+-int sk_insert(_STACK *sk, void *data, int where);
+-void *sk_delete(_STACK *st, int loc);
+-void *sk_delete_ptr(_STACK *st, void *p);
+-int sk_find(_STACK *st, void *data);
+-int sk_find_ex(_STACK *st, void *data);
+-int sk_push(_STACK *st, void *data);
+-int sk_unshift(_STACK *st, void *data);
+-void *sk_shift(_STACK *st);
+-void *sk_pop(_STACK *st);
+-void sk_zero(_STACK *st);
+-int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
+- (const void *, const void *);
+-_STACK *sk_dup(_STACK *st);
+-void sk_sort(_STACK *st);
+-int sk_is_sorted(const _STACK *st);
++# if OPENSSL_API_COMPAT < 0x10100000L
++# define _STACK OPENSSL_STACK
++# define sk_num OPENSSL_sk_num
++# define sk_value OPENSSL_sk_value
++# define sk_set OPENSSL_sk_set
++# define sk_new OPENSSL_sk_new
++# define sk_new_null OPENSSL_sk_new_null
++# define sk_free OPENSSL_sk_free
++# define sk_pop_free OPENSSL_sk_pop_free
++# define sk_deep_copy OPENSSL_sk_deep_copy
++# define sk_insert OPENSSL_sk_insert
++# define sk_delete OPENSSL_sk_delete
++# define sk_delete_ptr OPENSSL_sk_delete_ptr
++# define sk_find OPENSSL_sk_find
++# define sk_find_ex OPENSSL_sk_find_ex
++# define sk_push OPENSSL_sk_push
++# define sk_unshift OPENSSL_sk_unshift
++# define sk_shift OPENSSL_sk_shift
++# define sk_pop OPENSSL_sk_pop
++# define sk_zero OPENSSL_sk_zero
++# define sk_set_cmp_func OPENSSL_sk_set_cmp_func
++# define sk_dup OPENSSL_sk_dup
++# define sk_sort OPENSSL_sk_sort
++# define sk_is_sorted OPENSSL_sk_is_sorted
++# endif
+
+ #ifdef __cplusplus
+ }
+diff --git a/include/openssl/symhacks.h b/include/openssl/symhacks.h
+index 99a2de5..caf1f1a 100644
+--- a/include/openssl/symhacks.h
++++ b/include/openssl/symhacks.h
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_SYMHACKS_H
+diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
+index c3344e1..9446464 100644
+--- a/include/openssl/tls1.h
++++ b/include/openssl/tls1.h
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -156,7 +56,7 @@
+ extern "C" {
+ #endif
+
+-/* Default security level if not overriden at config time */
++/* Default security level if not overridden at config time */
+ # ifndef OPENSSL_TLS_SECURITY_LEVEL
+ # define OPENSSL_TLS_SECURITY_LEVEL 1
+ # endif
+@@ -179,10 +79,10 @@ extern "C" {
+ # define TLS1_2_VERSION_MINOR 0x03
+
+ # define TLS1_get_version(s) \
+- ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
++ ((SSL_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_version(s) : 0)
+
+ # define TLS1_get_client_version(s) \
+- ((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
++ ((SSL_client_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_client_version(s) : 0)
+
+ # define TLS1_AD_DECRYPTION_FAILED 21
+ # define TLS1_AD_RECORD_OVERFLOW 22
+@@ -394,6 +294,9 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
+ # define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
+ SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
+
++#define SSL_CTX_set_tlsext_status_type(ssl, type) \
++ SSL_CTX_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE, type, NULL)
++
+ # define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
+ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
+
+diff --git a/include/openssl/ts.h b/include/openssl/ts.h
+index 2e1514e..d512648 100644
+--- a/include/openssl/ts.h
++++ b/include/openssl/ts.h
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Zoltan Glozik (zglozik at opentsa.org) for the OpenSSL project
+- * 2002, 2003, 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_TS_H
+@@ -585,12 +536,12 @@ int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_TS_strings(void);
+
+ /* Error codes for the TS functions. */
+
+ /* Function codes. */
+-# define TS_F_D2I_TS_RESP 147
+ # define TS_F_DEF_SERIAL_CB 110
+ # define TS_F_DEF_TIME_CB 111
+ # define TS_F_ESS_ADD_SIGNING_CERT 112
+@@ -635,7 +586,6 @@ void ERR_load_TS_strings(void);
+ # define TS_F_TS_RESP_SET_TST_INFO 150
+ # define TS_F_TS_RESP_SIGN 136
+ # define TS_F_TS_RESP_VERIFY_SIGNATURE 106
+-# define TS_F_TS_RESP_VERIFY_TOKEN 107
+ # define TS_F_TS_TST_INFO_SET_ACCURACY 137
+ # define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138
+ # define TS_F_TS_TST_INFO_SET_NONCE 139
+@@ -655,7 +605,6 @@ void ERR_load_TS_strings(void);
+ # define TS_R_CERTIFICATE_VERIFY_ERROR 100
+ # define TS_R_COULD_NOT_SET_ENGINE 127
+ # define TS_R_COULD_NOT_SET_TIME 115
+-# define TS_R_D2I_TS_RESP_INT_FAILED 128
+ # define TS_R_DETACHED_CONTENT 134
+ # define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
+ # define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
+@@ -688,9 +637,8 @@ void ERR_load_TS_strings(void);
+ # define TS_R_VAR_LOOKUP_FAILURE 136
+ # define TS_R_WRONG_CONTENT_TYPE 114
+
+-# ifdef __cplusplus
++# ifdef __cplusplus
+ }
++# endif
+ # endif
+-# endif
+-
+ #endif
+diff --git a/include/openssl/txt_db.h b/include/openssl/txt_db.h
+index e83e725..0e6c943 100644
+--- a/include/openssl/txt_db.h
++++ b/include/openssl/txt_db.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_TXT_DB_H
+@@ -92,7 +44,7 @@ typedef struct txt_db_st {
+ TXT_DB *TXT_DB_read(BIO *in, int num);
+ long TXT_DB_write(BIO *out, TXT_DB *db);
+ int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
+- LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
++ OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC cmp);
+ void TXT_DB_free(TXT_DB *db);
+ OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
+ OPENSSL_STRING *value);
+diff --git a/include/openssl/ui.h b/include/openssl/ui.h
+index 3d1507e..4173fe0 100644
+--- a/include/openssl/ui.h
++++ b/include/openssl/ui.h
+@@ -1,79 +1,29 @@
+ /*
+- * Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
+- * 2001.
+- */
+-/* ====================================================================
+- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_UI_H
+ # define HEADER_UI_H
+
+-# if OPENSSL_API_COMPAT < 0x10100000L
+-# include <openssl/crypto.h>
+-# endif
+-# include <openssl/safestack.h>
+-# include <openssl/ossl_typ.h>
+ # include <openssl/opensslconf.h>
+
++# ifndef OPENSSL_NO_UI
++
++# if OPENSSL_API_COMPAT < 0x10100000L
++# include <openssl/crypto.h>
++# endif
++# include <openssl/safestack.h>
++# include <openssl/ossl_typ.h>
++
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+
+-/* Declared already in ossl_typ.h */
+-/* typedef struct ui_st UI; */
+-/* typedef struct ui_method_st UI_METHOD; */
+-
+ /*
+ * All the following functions return -1 or NULL on error and in some cases
+ * (UI_process()) -2 if interrupted or in some other way cancelled. When
+@@ -160,7 +110,7 @@ int UI_dup_error_string(UI *ui, const char *text);
+ * each UI being marked with this flag, or the application might get
+ * confused.
+ */
+-# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
++# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
+
+ /*-
+ * The user of these routines may want to define flags of their own. The core
+@@ -172,7 +122,7 @@ int UI_dup_error_string(UI *ui, const char *text);
+ * #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
+ *
+ */
+-# define UI_INPUT_FLAG_USER_BASE 16
++# define UI_INPUT_FLAG_USER_BASE 16
+
+ /*-
+ * The following function helps construct a prompt. object_desc is a
+@@ -229,7 +179,7 @@ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
+ * OpenSSL error stack before printing any info or added error messages and
+ * before any prompting.
+ */
+-# define UI_CTRL_PRINT_ERRORS 1
++# define UI_CTRL_PRINT_ERRORS 1
+ /*
+ * Check if a UI_process() is possible to do again with the same instance of
+ * a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
+@@ -270,7 +220,7 @@ UI_METHOD *UI_OpenSSL(void);
+ display a dialog box after it has been built.
+ a reader This function is called to read a given prompt,
+ maybe from the tty, maybe from a field in a
+- window. Note that it's called wth all string
++ window. Note that it's called with all string
+ structures, not only the prompt ones, so it must
+ check such things itself.
+ a closer This function closes the session, maybe by closing
+@@ -355,7 +305,7 @@ int UI_get_input_flags(UI_STRING *uis);
+ /* Return the actual string to output (the prompt, info or error) */
+ const char *UI_get0_output_string(UI_STRING *uis);
+ /*
+- * Return the optional action string to output (the boolean promtp
++ * Return the optional action string to output (the boolean prompt
+ * instruction)
+ */
+ const char *UI_get0_action_string(UI_STRING *uis);
+@@ -383,6 +333,7 @@ int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_UI_strings(void);
+
+ /* Error codes for the UI functions. */
+@@ -390,7 +341,7 @@ void ERR_load_UI_strings(void);
+ /* Function codes. */
+ # define UI_F_GENERAL_ALLOCATE_BOOLEAN 108
+ # define UI_F_GENERAL_ALLOCATE_PROMPT 109
+-# define UI_F_GENERAL_ALLOCATE_STRING 100
++# define UI_F_UI_CREATE_METHOD 112
+ # define UI_F_UI_CTRL 111
+ # define UI_F_UI_DUP_ERROR_STRING 101
+ # define UI_F_UI_DUP_INFO_STRING 102
+@@ -410,7 +361,8 @@ void ERR_load_UI_strings(void);
+ # define UI_R_RESULT_TOO_SMALL 101
+ # define UI_R_UNKNOWN_CONTROL_COMMAND 106
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
++# endif
+ #endif
+diff --git a/include/openssl/whrlpool.h b/include/openssl/whrlpool.h
+index bc46035..20ea350 100644
+--- a/include/openssl/whrlpool.h
++++ b/include/openssl/whrlpool.h
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #ifndef HEADER_WHRLPOOL_H
+ # define HEADER_WHRLPOOL_H
+
+diff --git a/include/openssl/x509.h b/include/openssl/x509.h
+index a36500c..93ded51 100644
+--- a/include/openssl/x509.h
++++ b/include/openssl/x509.h
+@@ -1,59 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+@@ -674,7 +627,7 @@ int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
+ ASN1_TIME *X509_get_notAfter(X509 *x);
+ int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
+ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+-void X509_up_ref(X509 *x);
++int X509_up_ref(X509 *x);
+ int X509_get_signature_type(const X509 *x);
+ /*
+ * This one is only used so that a binary form can output, as in
+@@ -731,7 +684,7 @@ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
+ int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_sort(X509_CRL *crl);
+-void X509_CRL_up_ref(X509_CRL *crl);
++int X509_CRL_up_ref(X509_CRL *crl);
+
+ long X509_CRL_get_version(X509_CRL *crl);
+ ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
+@@ -1046,6 +999,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_X509_strings(void);
+
+ /* Error codes for the X509 functions. */
+@@ -1082,6 +1036,7 @@ void ERR_load_X509_strings(void);
+ # define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
+ # define X509_F_X509_NAME_ONELINE 116
+ # define X509_F_X509_NAME_PRINT 117
++# define X509_F_X509_OBJECT_NEW 150
+ # define X509_F_X509_PRINT_EX_FP 118
+ # define X509_F_X509_PUBKEY_DECODE 148
+ # define X509_F_X509_PUBKEY_GET0 119
+@@ -1096,7 +1051,6 @@ void ERR_load_X509_strings(void);
+ # define X509_F_X509_STORE_CTX_INIT 143
+ # define X509_F_X509_STORE_CTX_NEW 142
+ # define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
+-# define X509_F_X509_STORE_GET_X509_BY_SUBJECT 149
+ # define X509_F_X509_TO_X509_REQ 126
+ # define X509_F_X509_TRUST_ADD 133
+ # define X509_F_X509_TRUST_SET 141
+@@ -1111,7 +1065,6 @@ void ERR_load_X509_strings(void);
+ # define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
+ # define X509_R_CRL_ALREADY_DELTA 127
+ # define X509_R_CRL_VERIFY_FAILURE 131
+-# define X509_R_ERR_ASN1_LIB 102
+ # define X509_R_IDP_MISMATCH 128
+ # define X509_R_INVALID_DIRECTORY 113
+ # define X509_R_INVALID_FIELD_NAME 119
+@@ -1122,6 +1075,7 @@ void ERR_load_X509_strings(void);
+ # define X509_R_LOADING_CERT_DIR 103
+ # define X509_R_LOADING_DEFAULTS 104
+ # define X509_R_METHOD_NOT_SUPPORTED 124
++# define X509_R_NAME_TOO_LONG 134
+ # define X509_R_NEWER_CRL_NOT_NEWER 132
+ # define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
+ # define X509_R_NO_CRL_NUMBER 130
+@@ -1138,7 +1092,7 @@ void ERR_load_X509_strings(void);
+ # define X509_R_WRONG_LOOKUP_TYPE 112
+ # define X509_R_WRONG_TYPE 122
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h
+index 4bf27e9..3adfaa3 100644
+--- a/include/openssl/x509_vfy.h
++++ b/include/openssl/x509_vfy.h
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_X509_VFY_H
+@@ -104,8 +56,15 @@ DEFINE_STACK_OF(X509_VERIFY_PARAM)
+
+ int X509_STORE_set_depth(X509_STORE *store, int depth);
+
+-# define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
+-# define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
++# define X509_STORE_set_verify_cb_func(ctx,func) \
++ X509_STORE_set_verify_cb((ctx),(func))
++
++typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
++typedef int (*X509_STORE_CTX_verify)(X509_STORE_CTX *);
++
++void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify verify);
++#define X509_STORE_set_verify_func(ctx, func) \
++ X509_STORE_set_verify((ctx),(func))
+
+ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
+
+@@ -199,6 +158,12 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
+ # define X509_V_ERR_EE_KEY_TOO_SMALL 66
+ # define X509_V_ERR_CA_KEY_TOO_SMALL 67
+ # define X509_V_ERR_CA_MD_TOO_WEAK 68
++/* Caller error */
++# define X509_V_ERR_INVALID_CALL 69
++/* Issuer lookup error */
++# define X509_V_ERR_STORE_LOOKUP 70
++/* Certificate transparency */
++# define X509_V_ERR_NO_VALID_SCTS 71
+
+ /* Certificate verify flags */
+
+@@ -231,7 +196,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
+ # define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
+ /* Delta CRL support */
+ # define X509_V_FLAG_USE_DELTAS 0x2000
+-/* Check selfsigned CA signature */
++/* Check self-signed CA signature */
+ # define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
+ /* Use trusted store first */
+ # define X509_V_FLAG_TRUSTED_FIRST 0x8000
+@@ -270,20 +235,24 @@ X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
+ int type, X509_NAME *name);
+ X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
+ X509_OBJECT *x);
+-void X509_OBJECT_up_ref_count(X509_OBJECT *a);
++int X509_OBJECT_up_ref_count(X509_OBJECT *a);
++X509_OBJECT *X509_OBJECT_new(void);
+ void X509_OBJECT_free(X509_OBJECT *a);
++int X509_OBJECT_get_type(X509_OBJECT *a);
+ X509 *X509_OBJECT_get0_X509(X509_OBJECT *a);
+-void X509_OBJECT_free_contents(X509_OBJECT *a);
++X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *a);
+ X509_STORE *X509_STORE_new(void);
+ void X509_STORE_free(X509_STORE *v);
+ int X509_STORE_up_ref(X509_STORE *v);
++STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v);
+
+-STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
+-STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
++STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
++STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
+ int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+ int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+ int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
++X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+ int (*verify_cb) (int, X509_STORE_CTX *));
+@@ -292,6 +261,10 @@ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+ STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX
+ *ctx,
+ X509_NAME *nm));
++#define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \
++ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, l, p, newf, dupf, freef)
++int X509_STORE_set_ex_data(X509_STORE *ctx, int idx, void *data);
++void *X509_STORE_get_ex_data(X509_STORE *ctx, int idx);
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+
+@@ -307,8 +280,6 @@ X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+-typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+-typedef int (*X509_STORE_CTX_verify)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+ X509_STORE_CTX_verify_cb verify);
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+@@ -316,6 +287,15 @@ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx,
+ X509_STORE_CTX_verify verify);
+ X509_STORE_CTX_verify X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
++#if OPENSSL_API_COMPAT < 0x10100000L
++# define X509_STORE_CTX_get_chain X509_STORE_CTX_get0_chain
++# define X509_STORE_CTX_set_chain X509_STORE_CTX_set0_untrusted
++# define X509_STORE_CTX_trusted_stack X509_STORE_CTX_set0_trusted_stack
++# define X509_STORE_get_by_subject X509_STORE_CTX_get_by_subject
++# define X509_STORE_get1_cert X509_STORE_CTX_get1_certs
++# define X509_STORE_get1_crl X509_STORE_CTX_get1_crls
++#endif
++
+ X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
+ X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+ X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+@@ -323,10 +303,10 @@ X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+
+-int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
+- X509_OBJECT *ret);
+-X509_OBJECT *X509_STORE_get_X509_by_subject(X509_STORE_CTX *vs, int type,
+- X509_NAME *name);
++int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
++ X509_OBJECT *ret);
++X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs, int type,
++ X509_NAME *name);
+
+ int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
+ long argl, char **ret);
+@@ -360,7 +340,9 @@ void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
+ int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+ int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
++void X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
++void X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
+ X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
+ X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
+diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
+index c44ebf5..299a114 100644
+--- a/include/openssl/x509v3.h
++++ b/include/openssl/x509v3.h
+@@ -1,60 +1,12 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+- * 1999.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #ifndef HEADER_X509V3_H
+ # define HEADER_X509V3_H
+
+@@ -916,6 +868,7 @@ int X509v3_addr_validate_resource_set(STACK_OF(X509) *chain,
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ void ERR_load_X509V3_strings(void);
+
+ /* Error codes for the X509V3 functions. */
+@@ -928,10 +881,8 @@ void ERR_load_X509V3_strings(void);
+ # define X509V3_F_COPY_EMAIL 122
+ # define X509V3_F_COPY_ISSUER 123
+ # define X509V3_F_DO_DIRNAME 144
+-# define X509V3_F_DO_EXT_CONF 124
+ # define X509V3_F_DO_EXT_I2D 135
+ # define X509V3_F_DO_EXT_NCONF 151
+-# define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148
+ # define X509V3_F_GNAMES_FROM_SECTNAME 156
+ # define X509V3_F_I2S_ASN1_ENUMERATED 121
+ # define X509V3_F_I2S_ASN1_IA5STRING 149
+@@ -946,7 +897,6 @@ void ERR_load_X509V3_strings(void);
+ # define X509V3_F_S2I_ASN1_IA5STRING 100
+ # define X509V3_F_S2I_ASN1_INTEGER 108
+ # define X509V3_F_S2I_ASN1_OCTET_STRING 112
+-# define X509V3_F_S2I_ASN1_SKEY_ID 114
+ # define X509V3_F_S2I_SKEY_ID 115
+ # define X509V3_F_SET_DIST_POINT_NAME 158
+ # define X509V3_F_SXNET_ADD_ID_ASC 125
+@@ -976,7 +926,6 @@ void ERR_load_X509V3_strings(void);
+ # define X509V3_F_X509V3_ADD_VALUE 105
+ # define X509V3_F_X509V3_EXT_ADD 104
+ # define X509V3_F_X509V3_EXT_ADD_ALIAS 106
+-# define X509V3_F_X509V3_EXT_CONF 107
+ # define X509V3_F_X509V3_EXT_I2D 136
+ # define X509V3_F_X509V3_EXT_NCONF 152
+ # define X509V3_F_X509V3_GET_SECTION 142
+@@ -1036,13 +985,11 @@ void ERR_load_X509V3_strings(void);
+ # define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154
+ # define X509V3_R_NO_PUBLIC_KEY 114
+ # define X509V3_R_NO_SUBJECT_DETAILS 125
+-# define X509V3_R_ODD_NUMBER_OF_DIGITS 112
+ # define X509V3_R_OPERATION_NOT_DEFINED 148
+ # define X509V3_R_OTHERNAME_ERROR 147
+ # define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155
+ # define X509V3_R_POLICY_PATH_LENGTH 156
+ # define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157
+-# define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
+ # define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
+ # define X509V3_R_SECTION_NOT_FOUND 150
+ # define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
+@@ -1055,7 +1002,7 @@ void ERR_load_X509V3_strings(void);
+ # define X509V3_R_UNSUPPORTED_TYPE 167
+ # define X509V3_R_USER_TOO_LONG 132
+
+-#ifdef __cplusplus
++# ifdef __cplusplus
+ }
+-#endif
++# endif
+ #endif
+diff --git a/ms/cmp.pl b/ms/cmp.pl
+index 31d7e1e..265ce56 100755
+--- a/ms/cmp.pl
++++ b/ms/cmp.pl
+@@ -1,4 +1,10 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ ($#ARGV == 1) || die "usage: cmp.pl <file1> <file2>\n";
+
+diff --git a/ms/segrenam.pl b/ms/segrenam.pl
+index 7e64c8e..372444a 100755
+--- a/ms/segrenam.pl
++++ b/ms/segrenam.pl
+@@ -1,4 +1,10 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ my $quiet = 1;
+
+diff --git a/ms/uplink-common.pl b/ms/uplink-common.pl
+index 1d20e6e..e2ab594 100755
+--- a/ms/uplink-common.pl
++++ b/ms/uplink-common.pl
+@@ -1,5 +1,11 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ # pull APPLINK_MAX value from applink.c...
+ $applink_c=$0;
+ $applink_c=~s|[^/\\]+$||g;
+diff --git a/ms/uplink-ia64.pl b/ms/uplink-ia64.pl
+index 089cd39..0636f13 100755
+--- a/ms/uplink-ia64.pl
++++ b/ms/uplink-ia64.pl
+@@ -1,4 +1,10 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ $output = pop;
+ open STDOUT,">$output";
+diff --git a/ms/uplink-x86.pl b/ms/uplink-x86.pl
+index 4a2f042..e25668e 100755
+--- a/ms/uplink-x86.pl
++++ b/ms/uplink-x86.pl
+@@ -1,4 +1,10 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+ push(@INC, "${dir}.", "${dir}../crypto/perlasm");
+diff --git a/ms/uplink-x86_64.pl b/ms/uplink-x86_64.pl
+index 0cb0f1b..03500fe 100755
+--- a/ms/uplink-x86_64.pl
++++ b/ms/uplink-x86_64.pl
+@@ -1,4 +1,10 @@
+-#!/usr/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ $output=pop;
+ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+diff --git a/openssl.spec b/openssl.spec
+deleted file mode 100644
+index 890fd51..0000000
+--- a/openssl.spec
++++ /dev/null
+@@ -1,210 +0,0 @@
+-%define _unpackaged_files_terminate_build 0
+-
+-Release: 1
+-
+-%define openssldir /var/ssl
+-
+-Summary: Secure Sockets Layer and cryptography libraries and tools
+-Name: openssl
+-Version: 1.1.0
+-#Version: %{libmaj}.%{libmin}.%{librel}%{librev}
+-Source0: https://www.openssl.org/source/%{name}-%{version}.tar.gz
+-License: OpenSSL
+-Group: System Environment/Libraries
+-Provides: SSL
+-URL: https://www.openssl.org/
+-Packager: Damien Miller <djm at mindrot.org>
+-BuildRoot: /var/tmp/%{name}-%{version}-root
+-
+-%description
+-The OpenSSL Project is a collaborative effort to develop a robust,
+-commercial-grade, fully featured, and Open Source toolkit implementing the
+-Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+-protocols as well as a full-strength general purpose cryptography library.
+-The project is managed by a worldwide community of volunteers that use the
+-Internet to communicate, plan, and develop the OpenSSL tookit and its related
+-documentation.
+-
+-OpenSSL is based on the excellent SSLeay library developed from Eric A.
+-Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
+-Apache-style licence, which basically means that you are free to get and
+-use it for commercial and non-commercial purposes.
+-
+-This package contains the base OpenSSL cryptography and SSL/TLS
+-libraries and tools.
+-
+-%package devel
+-Summary: Secure Sockets Layer and cryptography static libraries and headers
+-Group: Development/Libraries
+-Requires: openssl
+-%description devel
+-The OpenSSL Project is a collaborative effort to develop a robust,
+-commercial-grade, fully featured, and Open Source toolkit implementing the
+-Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+-protocols as well as a full-strength general purpose cryptography library.
+-The project is managed by a worldwide community of volunteers that use the
+-Internet to communicate, plan, and develop the OpenSSL tookit and its related
+-documentation.
+-
+-OpenSSL is based on the excellent SSLeay library developed from Eric A.
+-Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
+-Apache-style licence, which basically means that you are free to get and
+-use it for commercial and non-commercial purposes.
+-
+-This package contains the the OpenSSL cryptography and SSL/TLS
+-static libraries and header files required when developing applications.
+-
+-%package doc
+-Summary: OpenSSL miscellaneous files
+-Group: Documentation
+-Requires: openssl
+-%description doc
+-The OpenSSL Project is a collaborative effort to develop a robust,
+-commercial-grade, fully featured, and Open Source toolkit implementing the
+-Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+-protocols as well as a full-strength general purpose cryptography library.
+-The project is managed by a worldwide community of volunteers that use the
+-Internet to communicate, plan, and develop the OpenSSL tookit and its related
+-documentation.
+-
+-OpenSSL is based on the excellent SSLeay library developed from Eric A.
+-Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
+-Apache-style licence, which basically means that you are free to get and
+-use it for commercial and non-commercial purposes.
+-
+-This package contains the the OpenSSL cryptography and SSL/TLS extra
+-documentation and POD files from which the man pages were produced.
+-
+-%prep
+-
+-%setup -q
+-
+-%build
+-
+-%define CONFIG_FLAGS -DSSL_ALLOW_ADH --prefix=/usr --openssldir=%{openssldir}
+-
+-perl util/perlpath.pl /usr/bin/perl
+-
+-%ifarch i386 i486 i586 i686
+-./Configure %{CONFIG_FLAGS} linux-elf shared
+-%endif
+-%ifarch ppc
+-./Configure %{CONFIG_FLAGS} linux-ppc shared
+-%endif
+-%ifarch alpha
+-./Configure %{CONFIG_FLAGS} linux-alpha shared
+-%endif
+-%ifarch x86_64
+-./Configure %{CONFIG_FLAGS} linux-x86_64 shared
+-%endif
+-LD_LIBRARY_PATH=`pwd` make
+-LD_LIBRARY_PATH=`pwd` make rehash
+-LD_LIBRARY_PATH=`pwd` make test
+-
+-%install
+-rm -rf $RPM_BUILD_ROOT
+-make MANDIR=/usr/man MANSUFFIX=ssl DESTDIR="$RPM_BUILD_ROOT" install
+-
+-# Make backwards-compatibility symlink to ssleay
+-ln -sf /usr/bin/openssl $RPM_BUILD_ROOT/usr/bin/ssleay
+-
+-%clean
+-rm -rf $RPM_BUILD_ROOT
+-
+-%files
+-%defattr(0644,root,root,0755)
+-%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
+-
+-%attr(0755,root,root) /usr/bin/*
+-%attr(0755,root,root) /usr/lib/*.so*
+-%attr(0755,root,root) %{openssldir}/misc/*
+-%attr(0644,root,root) /usr/man/man[157]/*
+-
+-%config %attr(0644,root,root) %{openssldir}/openssl.cnf
+-%dir %attr(0755,root,root) %{openssldir}/certs
+-%dir %attr(0755,root,root) %{openssldir}/misc
+-%dir %attr(0750,root,root) %{openssldir}/private
+-
+-%files devel
+-%defattr(0644,root,root,0755)
+-%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
+-
+-%attr(0644,root,root) /usr/lib/*.a
+-%attr(0644,root,root) /usr/lib/pkgconfig/openssl.pc
+-%attr(0644,root,root) /usr/include/openssl/*
+-%attr(0644,root,root) /usr/man/man[3]/*
+-
+-%files doc
+-%defattr(0644,root,root,0755)
+-%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
+-%doc doc
+-
+-%post
+-ldconfig
+-
+-%postun
+-ldconfig
+-
+-%changelog
+-* Sun Jun 6 2005 Richard Levitte <richard at levitte.org>
+-- Remove the incorrect installation of '%{openssldir}/lib'.
+-* Wed May 7 2003 Richard Levitte <richard at levitte.org>
+-- Add /usr/lib/pkgconfig/openssl.pc to the development section.
+-* Thu Mar 22 2001 Richard Levitte <richard at levitte.org>
+-- Removed redundant subsection that re-installed libcrypto.a and libssl.a
+- as well. Also remove RSAref stuff completely, since it's not needed
+- any more.
+-* Thu Mar 15 2001 Jeremiah Johnson <jjohnson at penguincomputing.com>
+-- Removed redundant subsection that re-installed libcrypto.so.0.9.6 and
+- libssl.so.0.9.6. As well as the subsection that created symlinks for
+- these. make install handles all this.
+-* Sat Oct 21 2000 Horms <horms at vergenet.net>
+-- Make sure symlinks are created by using -f flag to ln.
+- Otherwise some .so libraries are copied rather than
+- linked in the resulting binary RPM. This causes the package
+- to be larger than necessary and makes ldconfig complain.
+-* Fri Oct 13 2000 Horms <horms at vergenet.net>
+-- Make defattr is set for files in all packages so packages built as
+- non-root will still be installed with files owned by root.
+-* Thu Sep 14 2000 Richard Levitte <richard at levitte.org>
+-- Changed to adapt to the new (supported) way of making shared libraries
+-- Installs all static libraries, not just libRSAglue.a
+-- Extra documents now end up in a separate document package
+-* Sun Feb 27 2000 Damien Miller <djm at mindrot.org>
+-- Merged patches to spec
+-- Updated to 0.9.5beta2 (now with manpages)
+-* Sat Feb 5 2000 Michal Jaegermann <michal at harddata.com>
+-- added 'linux-alpha' to configuration
+-- fixed nasty absolute links
+-* Tue Jan 25 2000 Bennett Todd <bet at rahul.net>
+-- Added -DSSL_ALLOW_ADH, bumped Release to 4
+-* Thu Oct 14 1999 Damien Miller <djm at mindrot.org>
+-- Set default permissions
+-- Removed documentation from devel sub-package
+-* Thu Sep 30 1999 Damien Miller <djm at mindrot.org>
+-- Added "make test" stage
+-- GPG signed
+-* Tue Sep 10 1999 Damien Miller <damien at ibs.com.au>
+-- Updated to version 0.9.4
+-* Tue May 25 1999 Damien Miller <damien at ibs.com.au>
+-- Updated to version 0.9.3
+-- Added attributes for all files
+-- Paramatised openssl directory
+-* Sat Mar 20 1999 Carlo M. Arenas Belon <carenas at jmconsultores.com.pe>
+-- Added "official" bnrec patch and taking other out
+-- making a link from ssleay to openssl binary
+-- putting all changelog together on SPEC file
+-* Fri Mar 5 1999 Henri Gomez <gomez at slib.fr>
+-- Added bnrec patch
+-* Tue Dec 29 1998 Jonathan Ruano <kobalt at james.encomix.es>
+-- minimum spec and patches changes for openssl
+-- modified for openssl sources
+-* Sat Aug 8 1998 Khimenko Victor <khim at sch57.msk.ru>
+-- shared library creating process honours $RPM_OPT_FLAGS
+-- shared libarry supports threads (as well as static library)
+-* Wed Jul 22 1998 Khimenko Victor <khim at sch57.msk.ru>
+-- building of shared library completely reworked
+-* Tue Jul 21 1998 Khimenko Victor <khim at sch57.msk.ru>
+-- RPM is BuildRoot'ed
+-* Tue Feb 10 1998 Khimenko Victor <khim at sch57.msk.ru>
+-- all stuff is moved out of /usr/local
+diff --git a/os-dep/haiku.h b/os-dep/haiku.h
+new file mode 100644
+index 0000000..7e908ef
+--- /dev/null
++++ b/os-dep/haiku.h
+@@ -0,0 +1,2 @@
++#include <sys/select.h>
++#include <sys/time.h>
+diff --git a/ssl/Makefile.in b/ssl/Makefile.in
+deleted file mode 100644
+index 26444ca..0000000
+--- a/ssl/Makefile.in
++++ /dev/null
+@@ -1,81 +0,0 @@
+-#
+-# OpenSSL/ssl/Makefile
+-#
+-
+-DIR= ssl
+-TOP= ..
+-CC= cc
+-INCLUDES= -I$(TOP) -I../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-AR= ar r
+-
+-CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
+-
+-GENERAL=Makefile README ssl-lib.com install.com
+-
+-LIB=$(TOP)/libssl.a
+-SHARED_LIB= libssl$(SHLIB_EXT)
+-LIBSRC= \
+- pqueue.c \
+- statem/statem_srvr.c statem/statem_clnt.c s3_lib.c s3_enc.c record/rec_layer_s3.c \
+- statem/statem_lib.c s3_cbc.c s3_msg.c \
+- methods.c t1_lib.c t1_enc.c t1_ext.c \
+- d1_lib.c record/rec_layer_d1.c d1_msg.c \
+- statem/statem_dtls.c d1_srtp.c \
+- ssl_lib.c ssl_cert.c ssl_sess.c \
+- ssl_ciph.c ssl_stat.c ssl_rsa.c \
+- ssl_asn1.c ssl_txt.c ssl_init.c ssl_conf.c ssl_mcnf.c \
+- bio_ssl.c ssl_err.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c \
+- record/ssl3_buffer.c record/ssl3_record.c record/dtls1_bitmap.c \
+- statem/statem.c
+-LIBOBJ= \
+- pqueue.o \
+- statem/statem_srvr.o statem/statem_clnt.o s3_lib.o s3_enc.o record/rec_layer_s3.o \
+- statem/statem_lib.o s3_cbc.o s3_msg.o \
+- methods.o t1_lib.o t1_enc.o t1_ext.o \
+- d1_lib.o record/rec_layer_d1.o d1_msg.o \
+- statem/statem_dtls.o d1_srtp.o\
+- ssl_lib.o ssl_cert.o ssl_sess.o \
+- ssl_ciph.o ssl_stat.o ssl_rsa.o \
+- ssl_asn1.o ssl_txt.o ssl_init.o ssl_conf.o ssl_mcnf.o \
+- bio_ssl.o ssl_err.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o \
+- record/ssl3_buffer.o record/ssl3_record.o record/dtls1_bitmap.o \
+- statem/statem.o
+-
+-SRC= $(LIBSRC)
+-
+-HEADER= ssl_locl.h record/record_locl.h record/record.h statem/statem.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-# BSD make and GNU make disagree on where output goes
+-.c.o:
+- $(CC) $(CFLAGS) -c $< -o $@
+-
+-top:
+- (cd ..; $(MAKE) DIRS=$(DIR) all)
+-
+-all: shared
+-
+-lib: $(LIBOBJ)
+- $(AR) $(LIB) $(LIBOBJ)
+- $(RANLIB) $(LIB) || echo Never mind.
+- @touch lib
+-
+-shared: lib
+- if [ -n "$(SHARED_LIBS)" ]; then \
+- (cd ..; $(MAKE) $(SHARED_LIB)); \
+- fi
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)
+-
+-clean:
+- rm -f $(LIBOBJ) *.obj lib tags core .pure .nfs* *.old *.bak fluff
+- rm -f record/*.obj record/lib record/retags record/core \
+- record/.pure record/.nfs* record/*.old record/*.bak record/fluff
+- rm -f statem/*.obj statem/lib statem/retags statem/core \
+- statem/.pure statem/.nfs* statem/*.old statem/*.bak statem/fluff
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c
+index e3deebc..efe0df9 100644
+--- a/ssl/bio_ssl.c
++++ b/ssl/bio_ssl.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -424,10 +376,11 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
+ dbs = BIO_get_data(dbio);
+ SSL_free(dbs->ssl);
+ dbs->ssl = SSL_dup(ssl);
+- dbs->renegotiate_count = dbs->renegotiate_count;
+- dbs->byte_count = dbs->byte_count;
+- dbs->renegotiate_timeout = dbs->renegotiate_timeout;
+- dbs->last_time = dbs->last_time;
++ dbs->num_renegotiates = bs->num_renegotiates;
++ dbs->renegotiate_count = bs->renegotiate_count;
++ dbs->byte_count = bs->byte_count;
++ dbs->renegotiate_timeout = bs->renegotiate_timeout;
++ dbs->last_time = bs->last_time;
+ ret = (dbs->ssl != NULL);
+ break;
+ case BIO_C_GET_FD:
+diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
+index 6d75225..42a0278 100644
+--- a/ssl/d1_lib.c
++++ b/ssl/d1_lib.c
+@@ -1,59 +1,10 @@
+ /*
+- * DTLS implementation written by Nagendra Modadugu
+- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -797,7 +748,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
+ }
+
+ /*
+- * This is unneccessary if rbio and wbio are one and the same - but
++ * This is unnecessary if rbio and wbio are one and the same - but
+ * maybe they're not. We ignore errors here - some BIOs do not
+ * support this.
+ */
+@@ -887,6 +838,14 @@ static int dtls1_handshake_write(SSL *s)
+ }
+
+ #ifndef OPENSSL_NO_HEARTBEATS
++
++#define HEARTBEAT_SIZE(payload, padding) ( \
++ 1 /* heartbeat type */ + \
++ 2 /* heartbeat length */ + \
++ (payload) + (padding))
++
++#define HEARTBEAT_SIZE_STD(payload) HEARTBEAT_SIZE(payload, 16)
++
+ int dtls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length)
+ {
+ unsigned char *pl;
+@@ -898,32 +857,27 @@ int dtls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length)
+ s->msg_callback(0, s->version, DTLS1_RT_HEARTBEAT,
+ p, length, s, s->msg_callback_arg);
+
+- /* Read type and payload length first */
+- if (1 + 2 + 16 > length)
++ /* Read type and payload length */
++ if (HEARTBEAT_SIZE_STD(0) > length)
+ return 0; /* silently discard */
+ if (length > SSL3_RT_MAX_PLAIN_LENGTH)
+ return 0; /* silently discard per RFC 6520 sec. 4 */
+
+ hbtype = *p++;
+ n2s(p, payload);
+- if (1 + 2 + payload + 16 > length)
++ if (HEARTBEAT_SIZE_STD(payload) > length)
+ return 0; /* silently discard per RFC 6520 sec. 4 */
+ pl = p;
+
+ if (hbtype == TLS1_HB_REQUEST) {
+ unsigned char *buffer, *bp;
+- unsigned int write_length = 1 /* heartbeat type */ +
+- 2 /* heartbeat length */ +
+- payload + padding;
++ unsigned int write_length = HEARTBEAT_SIZE(payload, padding);
+ int r;
+
+ if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
+ return 0;
+
+- /*
+- * Allocate memory for the response, size is 1 byte message type,
+- * plus 2 bytes payload length, plus payload, plus padding
+- */
++ /* Allocate memory for the response. */
+ buffer = OPENSSL_malloc(write_length);
+ if (buffer == NULL)
+ return -1;
+@@ -975,6 +929,7 @@ int dtls1_heartbeat(SSL *s)
+ int ret = -1;
+ unsigned int payload = 18; /* Sequence number + random bytes */
+ unsigned int padding = 16; /* Use minimum padding */
++ unsigned int size;
+
+ /* Only send if peer supports and accepts HB requests... */
+ if (!(s->tlsext_heartbeat & SSL_DTLSEXT_HB_ENABLED) ||
+@@ -999,13 +954,9 @@ int dtls1_heartbeat(SSL *s)
+ * Create HeartBeat message, we just use a sequence number
+ * as payload to distuingish different messages and add
+ * some random stuff.
+- * - Message Type, 1 byte
+- * - Payload Length, 2 bytes (unsigned int)
+- * - Payload, the sequence number (2 bytes uint)
+- * - Payload, random bytes (16 bytes uint)
+- * - Padding
+ */
+- buf = OPENSSL_malloc(1 + 2 + payload + padding);
++ size = HEARTBEAT_SIZE(payload, padding);
++ buf = OPENSSL_malloc(size);
+ if (buf == NULL) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, ERR_R_MALLOC_FAILURE);
+ return -1;
+@@ -1029,11 +980,11 @@ int dtls1_heartbeat(SSL *s)
+ goto err;
+ }
+
+- ret = dtls1_write_bytes(s, DTLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
++ ret = dtls1_write_bytes(s, DTLS1_RT_HEARTBEAT, buf, size);
+ if (ret >= 0) {
+ if (s->msg_callback)
+ s->msg_callback(1, s->version, DTLS1_RT_HEARTBEAT,
+- buf, 3 + payload + padding,
++ buf, size,
+ s, s->msg_callback_arg);
+
+ dtls1_start_timer(s);
+diff --git a/ssl/d1_msg.c b/ssl/d1_msg.c
+index b9342a2..0757203 100644
+--- a/ssl/d1_msg.c
++++ b/ssl/d1_msg.c
+@@ -1,115 +1,10 @@
+ /*
+- * DTLS implementation written by Nagendra Modadugu
+- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #define USE_SOCKETS
+diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c
+index f969fb1..91d373f 100644
+--- a/ssl/d1_srtp.c
++++ b/ssl/d1_srtp.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /*
+ * DTLS code by Eric Rescorla <ekr at rtfm.com>
+ *
+@@ -197,6 +97,8 @@ static int ssl_ctx_make_profiles(const char *profiles_string,
+ ptr = col + 1;
+ } while (col);
+
++ sk_SRTP_PROTECTION_PROFILE_free(*out);
++
+ *out = profiles;
+
+ return 0;
+diff --git a/ssl/methods.c b/ssl/methods.c
+index e576502..aeed8c7 100644
+--- a/ssl/methods.c
++++ b/ssl/methods.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/ssl/packet_locl.h b/ssl/packet_locl.h
+index fd1f9f4..0ff4ccc 100644
+--- a/ssl/packet_locl.h
++++ b/ssl/packet_locl.h
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Matt Caswell for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_PACKET_LOCL_H
+diff --git a/ssl/pqueue.c b/ssl/pqueue.c
+index d6cef34..b447e1d 100644
+--- a/ssl/pqueue.c
++++ b/ssl/pqueue.c
+@@ -1,59 +1,10 @@
+ /*
+- * DTLS implementation written by Nagendra Modadugu
+- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "ssl_locl.h"
+diff --git a/ssl/record/dtls1_bitmap.c b/ssl/record/dtls1_bitmap.c
+index 0fa2985..9dae9b2 100644
+--- a/ssl/record/dtls1_bitmap.c
++++ b/ssl/record/dtls1_bitmap.c
+@@ -1,115 +1,10 @@
+ /*
+- * DTLS implementation written by Nagendra Modadugu
+- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "../ssl_locl.h"
+diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
+index 00af44e..a7cffc8 100644
+--- a/ssl/record/rec_layer_d1.c
++++ b/ssl/record/rec_layer_d1.c
+@@ -1,115 +1,10 @@
+ /*
+- * DTLS implementation written by Nagendra Modadugu
+- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -569,7 +464,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
+
+ memcpy(buf, &(SSL3_RECORD_get_data(rr)[SSL3_RECORD_get_off(rr)]), n);
+ if (!peek) {
+- SSL3_RECORD_add_length(rr, -n);
++ SSL3_RECORD_sub_length(rr, n);
+ SSL3_RECORD_add_off(rr, n);
+ if (SSL3_RECORD_get_length(rr) == 0) {
+ s->rlayer.rstate = SSL_ST_READ_HEADER;
+@@ -666,7 +561,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
+
+ if (dest_maxlen > 0) {
+ /*
+- * XDTLS: In a pathalogical case, the Client Hello may be
++ * XDTLS: In a pathological case, the Client Hello may be
+ * fragmented--don't always expect dest_maxlen bytes
+ */
+ if (SSL3_RECORD_get_length(rr) < dest_maxlen) {
+diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
+index 773a6d6..8c02efd 100644
+--- a/ssl/record/rec_layer_s3.c
++++ b/ssl/record/rec_layer_s3.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -125,8 +24,7 @@
+ #if defined(OPENSSL_SMALL_FOOTPRINT) || \
+ !( defined(AES_ASM) && ( \
+ defined(__x86_64) || defined(__x86_64__) || \
+- defined(_M_AMD64) || defined(_M_X64) || \
+- defined(__INTEL__) ) \
++ defined(_M_AMD64) || defined(_M_X64) ) \
+ )
+ # undef EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+ # define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
+@@ -303,7 +201,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend, int clearold)
+ left = rb->left;
+ #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+ align = (size_t)rb->buf + SSL3_RT_HEADER_LENGTH;
+- align = (0-align) & (SSL3_ALIGN_PAYLOAD - 1);
++ align = SSL3_ALIGN_PAYLOAD - 1 - ((align - 1) % SSL3_ALIGN_PAYLOAD);
+ #endif
+
+ if (!extend) {
+@@ -495,7 +393,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
+ /*
+ * Depending on platform multi-block can deliver several *times*
+ * better performance. Downside is that it has to allocate
+- * jumbo buffer to accomodate up to 8 records, but the
++ * jumbo buffer to accommodate up to 8 records, but the
+ * compromise is considered worthy.
+ */
+ if (type == SSL3_RT_APPLICATION_DATA &&
+@@ -631,7 +529,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
+ split_send_fragment = s->split_send_fragment;
+ /*
+ * If max_pipelines is 0 then this means "undefined" and we default to
+- * 1 pipeline. Similaraly if the cipher does not support pipelined
++ * 1 pipeline. Similarly if the cipher does not support pipelined
+ * processing then we also only use 1 pipeline, or if we're not using
+ * explicit IVs
+ */
+@@ -810,10 +708,10 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
+ /*
+ * extra fragment would be couple of cipher blocks, which would be
+ * multiple of SSL3_ALIGN_PAYLOAD, so if we want to align the real
+- * payload, then we can just pretent we simply have two headers.
++ * payload, then we can just pretend we simply have two headers.
+ */
+ align = (size_t)SSL3_BUFFER_get_buf(wb) + 2 * SSL3_RT_HEADER_LENGTH;
+- align = (0-align) & (SSL3_ALIGN_PAYLOAD - 1);
++ align = SSL3_ALIGN_PAYLOAD - 1 - ((align - 1) % SSL3_ALIGN_PAYLOAD);
+ #endif
+ outbuf[0] = SSL3_BUFFER_get_buf(wb) + align;
+ SSL3_BUFFER_set_offset(wb, align);
+@@ -826,7 +724,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
+ wb = &s->rlayer.wbuf[j];
+ #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+ align = (size_t)SSL3_BUFFER_get_buf(wb) + SSL3_RT_HEADER_LENGTH;
+- align = (-align) & (SSL3_ALIGN_PAYLOAD - 1);
++ align = SSL3_ALIGN_PAYLOAD - 1 - ((align - 1) % SSL3_ALIGN_PAYLOAD);
+ #endif
+ outbuf[j] = SSL3_BUFFER_get_buf(wb) + align;
+ SSL3_BUFFER_set_offset(wb, align);
+@@ -862,7 +760,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
+
+ *(outbuf[j]++) = (s->version >> 8);
+ /*
+- * Some servers hang if iniatial client hello is larger than 256 bytes
++ * Some servers hang if initial client hello is larger than 256 bytes
+ * and record version number > TLS 1.0
+ */
+ if (SSL_get_state(s) == TLS_ST_CW_CLNT_HELLO
+@@ -1233,7 +1131,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
+ memcpy(buf, &(rr->data[rr->off]), n);
+ buf += n;
+ if (!peek) {
+- SSL3_RECORD_add_length(rr, -n);
++ SSL3_RECORD_sub_length(rr, n);
+ SSL3_RECORD_add_off(rr, n);
+ if (SSL3_RECORD_get_length(rr) == 0) {
+ s->rlayer.rstate = SSL_ST_READ_HEADER;
+@@ -1445,7 +1343,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
+ /*
+ * This is a warning but we receive it if we requested
+ * renegotiation and the peer denied it. Terminate with a fatal
+- * alert because if application tried to renegotiatie it
++ * alert because if application tried to renegotiate it
+ * presumably had a good reason and expects it to succeed. In
+ * future we might have a renegotiation where we don't care if
+ * the peer refused it where we carry on.
+diff --git a/ssl/record/record.h b/ssl/record/record.h
+index 6bb941d..9e19822 100644
+--- a/ssl/record/record.h
++++ b/ssl/record/record.h
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*****************************************************************************
+diff --git a/ssl/record/record_locl.h b/ssl/record/record_locl.h
+index 81335fa..67ae1f4 100644
+--- a/ssl/record/record_locl.h
++++ b/ssl/record/record_locl.h
+@@ -1,113 +1,11 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+
+ /*****************************************************************************
+ * *
+@@ -178,6 +76,7 @@ int ssl3_release_write_buffer(SSL *s);
+ #define SSL3_RECORD_get_length(r) ((r)->length)
+ #define SSL3_RECORD_set_length(r, l) ((r)->length = (l))
+ #define SSL3_RECORD_add_length(r, l) ((r)->length += (l))
++#define SSL3_RECORD_sub_length(r, l) ((r)->length -= (l))
+ #define SSL3_RECORD_get_data(r) ((r)->data)
+ #define SSL3_RECORD_set_data(r, d) ((r)->data = (d))
+ #define SSL3_RECORD_get_input(r) ((r)->input)
+diff --git a/ssl/record/ssl3_buffer.c b/ssl/record/ssl3_buffer.c
+index 53ae0f4..72faafe 100644
+--- a/ssl/record/ssl3_buffer.c
++++ b/ssl/record/ssl3_buffer.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "../ssl_locl.h"
+diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
+index 3c28572..872a381 100644
+--- a/ssl/record/ssl3_record.c
++++ b/ssl/record/ssl3_record.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "../ssl_locl.h"
+@@ -270,13 +169,21 @@ int ssl3_get_record(SSL *s)
+ if (s->first_packet && s->server && !s->read_hash
+ && !s->enc_read_ctx
+ && (p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) {
+- /* SSLv2 style record */
++ /*
++ * SSLv2 style record
++ *
++ * |num_recs| here will actually always be 0 because
++ * |num_recs > 0| only ever occurs when we are processing
++ * multiple app data records - which we know isn't the case here
++ * because it is an SSLv2ClientHello. We keep it using
++ * |num_recs| for the sake of consistency
++ */
+ rr[num_recs].type = SSL3_RT_HANDSHAKE;
+ rr[num_recs].rec_version = SSL2_VERSION;
+
+ rr[num_recs].length = ((p[0] & 0x7f) << 8) | p[1];
+
+- if (rr[num_recs].length > SSL3_BUFFER_get_len(&rbuf[num_recs])
++ if (rr[num_recs].length > SSL3_BUFFER_get_len(rbuf)
+ - SSL2_RT_HEADER_LENGTH) {
+ al = SSL_AD_RECORD_OVERFLOW;
+ SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_PACKET_LENGTH_TOO_LONG);
+@@ -420,7 +327,8 @@ int ssl3_get_record(SSL *s)
+
+ /* we have pulled in a full packet so zero things */
+ RECORD_LAYER_reset_packet_length(&s->rlayer);
+- } while (num_recs < max_recs && rr->type == SSL3_RT_APPLICATION_DATA
++ } while (num_recs < max_recs
++ && rr[num_recs-1].type == SSL3_RT_APPLICATION_DATA
+ && SSL_USE_EXPLICIT_IV(s)
+ && s->enc_read_ctx != NULL
+ && (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_read_ctx))
+diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
+index 8df32ba..7cdabbb 100644
+--- a/ssl/s3_cbc.c
++++ b/ssl/s3_cbc.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2012 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/constant_time_locl.h"
+diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
+index 35ef948..cb571c1 100644
+--- a/ssl/s3_enc.c
++++ b/ssl/s3_enc.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+@@ -231,7 +131,7 @@ int ssl3_change_cipher_state(SSL *s, int which)
+ goto err;
+ else
+ /*
+- * make sure it's intialized in case we exit later with an error
++ * make sure it's initialised in case we exit later with an error
+ */
+ EVP_CIPHER_CTX_reset(s->enc_read_ctx);
+ dd = s->enc_read_ctx;
+@@ -262,7 +162,7 @@ int ssl3_change_cipher_state(SSL *s, int which)
+ goto err;
+ else
+ /*
+- * make sure it's intialized in case we exit later with an error
++ * make sure it's initialised in case we exit later with an error
+ */
+ EVP_CIPHER_CTX_reset(s->enc_write_ctx);
+ dd = s->enc_write_ctx;
+@@ -474,14 +374,13 @@ int ssl3_digest_cached_records(SSL *s, int keep)
+ }
+
+ md = ssl_handshake_md(s);
+- if (md == NULL) {
++ if ( md == NULL
++ || !EVP_DigestInit_ex(s->s3->handshake_dgst, md, NULL)
++ || !EVP_DigestUpdate(s->s3->handshake_dgst, hdata, hdatalen))
++ {
+ SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+-
+- EVP_DigestInit_ex(s->s3->handshake_dgst, md, NULL);
+- EVP_DigestUpdate(s->s3->handshake_dgst, hdata, hdatalen);
+-
+ }
+ if (keep == 0) {
+ BIO_free(s->s3->handshake_buffer);
+diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
+index ef65050..de7f1c0 100644
+--- a/ssl/s3_lib.c
++++ b/ssl/s3_lib.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -208,7 +108,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_HIGH | SSL_FIPS,
++ SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -223,7 +123,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
++ SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -238,7 +138,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_HIGH | SSL_FIPS,
++ SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -253,7 +153,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
++ SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -960,7 +860,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_HIGH | SSL_FIPS,
++ SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -1020,7 +920,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_HIGH | SSL_FIPS,
++ SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -1080,7 +980,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
++ SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -1293,7 +1193,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_HIGH | SSL_FIPS,
++ SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -1338,7 +1238,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_HIGH | SSL_FIPS,
++ SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -1383,7 +1283,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_HIGH | SSL_FIPS,
++ SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -1699,7 +1599,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_HIGH | SSL_FIPS,
++ SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -1823,7 +1723,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_HIGH,
++ SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -1838,7 +1738,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_HIGH,
++ SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -1853,7 +1753,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_SHA1,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+- SSL_NOT_DEFAULT | SSL_HIGH,
++ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+@@ -2506,7 +2406,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ TLS1_VERSION, TLS1_2_VERSION,
+- DTLS1_VERSION, DTLS1_2_VERSION,
++ 0, 0,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
+ 256,
+@@ -2521,7 +2421,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_eNULL,
+ SSL_GOST94,
+ TLS1_VERSION, TLS1_2_VERSION,
+- DTLS1_VERSION, DTLS1_2_VERSION,
++ 0, 0,
+ SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
+ 0,
+@@ -2536,7 +2436,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_eGOST2814789CNT12,
+ SSL_GOST89MAC12,
+ TLS1_VERSION, TLS1_2_VERSION,
+- DTLS1_VERSION, DTLS1_2_VERSION,
++ 0, 0,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
+ 256,
+@@ -2551,7 +2451,7 @@ static SSL_CIPHER ssl3_ciphers[] =
+ SSL_eNULL,
+ SSL_GOST12_256,
+ TLS1_VERSION, TLS1_2_VERSION,
+- DTLS1_VERSION, DTLS1_2_VERSION,
++ 0, 0,
+ SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
+ 0,
+@@ -3395,24 +3295,40 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
+ case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
+ {
+ unsigned char *keys = parg;
+- if (!keys)
+- return 48;
+- if (larg != 48) {
++ long tlsext_tick_keylen = (sizeof(ctx->tlsext_tick_key_name) +
++ sizeof(ctx->tlsext_tick_hmac_key) + sizeof(ctx->tlsext_tick_aes_key));
++ if (keys == NULL)
++ return tlsext_tick_keylen;
++ if (larg != tlsext_tick_keylen) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
+ return 0;
+ }
+ if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
+- memcpy(ctx->tlsext_tick_key_name, keys, 16);
+- memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
+- memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
++ memcpy(ctx->tlsext_tick_key_name, keys,
++ sizeof(ctx->tlsext_tick_key_name));
++ memcpy(ctx->tlsext_tick_hmac_key,
++ keys + sizeof(ctx->tlsext_tick_key_name),
++ sizeof(ctx->tlsext_tick_hmac_key));
++ memcpy(ctx->tlsext_tick_aes_key,
++ keys + sizeof(ctx->tlsext_tick_key_name) + sizeof(ctx->tlsext_tick_hmac_key),
++ sizeof(ctx->tlsext_tick_aes_key));
+ } else {
+- memcpy(keys, ctx->tlsext_tick_key_name, 16);
+- memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
+- memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
++ memcpy(keys, ctx->tlsext_tick_key_name,
++ sizeof(ctx->tlsext_tick_key_name));
++ memcpy(keys + sizeof(ctx->tlsext_tick_key_name),
++ ctx->tlsext_tick_hmac_key,
++ sizeof(ctx->tlsext_tick_hmac_key));
++ memcpy(keys + sizeof(ctx->tlsext_tick_key_name) + sizeof(ctx->tlsext_tick_hmac_key),
++ ctx->tlsext_tick_aes_key,
++ sizeof(ctx->tlsext_tick_aes_key));
+ }
+ return 1;
+ }
+
++ case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
++ ctx->tlsext_status_type = larg;
++ break;
++
+ case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
+ ctx->tlsext_status_arg = parg;
+ return 1;
+@@ -3839,7 +3755,7 @@ int ssl3_shutdown(SSL *s)
+ if (ret == -1) {
+ /*
+ * we only get to return -1 here the 2nd/Nth invocation, we must
+- * have already signalled return 0 upon a previous invoation,
++ * have already signalled return 0 upon a previous invocation,
+ * return WANT_WRITE
+ */
+ return (ret);
+diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c
+index 8df1e66..78ae099 100644
+--- a/ssl/s3_msg.c
++++ b/ssl/s3_msg.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #define USE_SOCKETS
+diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
+index a3bbfe4..67d8e0c 100644
+--- a/ssl/ssl_asn1.c
++++ b/ssl/ssl_asn1.c
+@@ -1,59 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
+index 04a4a36..d668afa 100644
+--- a/ssl/ssl_cert.c
++++ b/ssl/ssl_cert.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+@@ -127,7 +27,7 @@
+ #include <openssl/x509v3.h>
+ #include <openssl/dh.h>
+ #include <openssl/bn.h>
+-#include "internal/threads.h"
++#include <openssl/crypto.h>
+ #include "ssl_locl.h"
+
+ static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, int op,
+@@ -367,7 +267,6 @@ int ssl_cert_set0_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain)
+ CERT_PKEY *cpk = s ? s->cert->key : ctx->cert->key;
+ if (!cpk)
+ return 0;
+- sk_X509_pop_free(cpk->chain, X509_free);
+ for (i = 0; i < sk_X509_num(chain); i++) {
+ r = ssl_security_cert(s, ctx, sk_X509_value(chain, i), 0, 0);
+ if (r != 1) {
+@@ -375,6 +274,7 @@ int ssl_cert_set0_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain)
+ return 0;
+ }
+ }
++ sk_X509_pop_free(cpk->chain, X509_free);
+ cpk->chain = chain;
+ return 1;
+ }
+@@ -509,7 +409,9 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
+
+ /* Set suite B flags if needed */
+ X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s));
+- X509_STORE_CTX_set_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s);
++ if (!X509_STORE_CTX_set_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s)) {
++ goto end;
++ }
+
+ /* Verify via DANE if enabled */
+ if (DANETLS_ENABLED(&s->dane))
+@@ -836,19 +738,24 @@ static int ssl_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
+ unsigned char *p;
+
+ n = i2d_X509(x, NULL);
+- if (!BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
++ if (n < 0 || !BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
+ SSLerr(SSL_F_SSL_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
+ return 0;
+ }
+ p = (unsigned char *)&(buf->data[*l]);
+ l2n3(n, p);
+- i2d_X509(x, &p);
++ n = i2d_X509(x, &p);
++ if (n < 0) {
++ /* Shouldn't happen */
++ SSLerr(SSL_F_SSL_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
++ return 0;
++ }
+ *l += n + 3;
+
+ return 1;
+ }
+
+-/* Add certificate chain to internal SSL BUF_MEM strcuture */
++/* Add certificate chain to internal SSL BUF_MEM structure */
+ int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l)
+ {
+ BUF_MEM *buf = s->init_buf;
+diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
+index d0d9d88..5dbe1d0 100644
+--- a/ssl/ssl_ciph.c
++++ b/ssl/ssl_ciph.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+@@ -140,10 +40,11 @@
+ */
+
+ #include <stdio.h>
++#include <ctype.h>
+ #include <openssl/objects.h>
+ #include <openssl/comp.h>
+ #include <openssl/engine.h>
+-#include "internal/threads.h"
++#include <openssl/crypto.h>
+ #include "ssl_locl.h"
+
+ #define SSL_ENC_DES_IDX 0
+diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
+index fa0e353..7b462aa 100644
+--- a/ssl/ssl_conf.c
++++ b/ssl/ssl_conf.c
+@@ -1,58 +1,10 @@
+ /*
+- * ! \file ssl/ssl_conf.c \brief SSL configuration functions
+- */
+-/* ====================================================================
+- * Copyright (c) 2012 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
+index df98c76..377061b 100644
+--- a/ssl/ssl_err.c
++++ b/ssl/ssl_err.c
+@@ -1,61 +1,11 @@
+-/* ====================================================================
+- * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -78,25 +28,14 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ {ERR_FUNC(SSL_F_DANE_TLSA_ADD), "dane_tlsa_add"},
+ {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "do_dtls1_write"},
+ {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "do_ssl3_write"},
+- {ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF), "DTLS1_ADD_CERT_TO_BUF"},
+ {ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "dtls1_buffer_record"},
+ {ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "dtls1_check_timeout_num"},
+- {ERR_FUNC(SSL_F_DTLS1_ENC), "DTLS1_ENC"},
+- {ERR_FUNC(SSL_F_DTLS1_GET_HELLO_VERIFY), "DTLS1_GET_HELLO_VERIFY"},
+- {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT), "DTLS1_GET_MESSAGE_FRAGMENT"},
+- {ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT), "dtls1_handle_timeout"},
+ {ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "dtls1_heartbeat"},
+ {ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "dtls1_preprocess_fragment"},
+- {ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE),
+- "DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"},
+ {ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD), "dtls1_process_record"},
+ {ERR_FUNC(SSL_F_DTLS1_READ_BYTES), "dtls1_read_bytes"},
+- {ERR_FUNC(SSL_F_DTLS1_READ_FAILED), "dtls1_read_failed"},
+- {ERR_FUNC(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST),
+- "DTLS1_SEND_CERTIFICATE_REQUEST"},
+- {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST),
+- "DTLS1_SEND_HELLO_VERIFY_REQUEST"},
+- {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "dtls1_write_app_data_bytes"},
++ {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES),
++ "dtls1_write_app_data_bytes"},
+ {ERR_FUNC(SSL_F_DTLSV1_LISTEN), "DTLSv1_listen"},
+ {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC),
+ "dtls_construct_change_cipher_spec"},
+@@ -107,24 +46,21 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ {ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), "dtls_process_hello_verify"},
+ {ERR_FUNC(SSL_F_OPENSSL_INIT_SSL), "OPENSSL_init_ssl"},
+ {ERR_FUNC(SSL_F_READ_STATE_MACHINE), "read_state_machine"},
+- {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
+- {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "ssl3_callback_ctrl"},
+ {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "ssl3_change_cipher_state"},
+ {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM),
+ "ssl3_check_cert_and_algorithm"},
+- {ERR_FUNC(SSL_F_SSL3_CHECK_FINISHED), "SSL3_CHECK_FINISHED"},
+ {ERR_FUNC(SSL_F_SSL3_CTRL), "ssl3_ctrl"},
+ {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "ssl3_ctx_ctrl"},
+- {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS), "ssl3_digest_cached_records"},
+- {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC), "ssl3_do_change_cipher_spec"},
++ {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS),
++ "ssl3_digest_cached_records"},
++ {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),
++ "ssl3_do_change_cipher_spec"},
+ {ERR_FUNC(SSL_F_SSL3_FINAL_FINISH_MAC), "ssl3_final_finish_mac"},
+ {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "ssl3_generate_key_block"},
+ {ERR_FUNC(SSL_F_SSL3_GENERATE_MASTER_SECRET),
+ "ssl3_generate_master_secret"},
+ {ERR_FUNC(SSL_F_SSL3_GET_RECORD), "ssl3_get_record"},
+- {ERR_FUNC(SSL_F_SSL3_NEW_SESSION_TICKET), "SSL3_NEW_SESSION_TICKET"},
+ {ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "ssl3_output_cert_chain"},
+- {ERR_FUNC(SSL_F_SSL3_PEEK), "ssl3_peek"},
+ {ERR_FUNC(SSL_F_SSL3_READ_BYTES), "ssl3_read_bytes"},
+ {ERR_FUNC(SSL_F_SSL3_READ_N), "ssl3_read_n"},
+ {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "ssl3_setup_key_block"},
+@@ -132,12 +68,12 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "ssl3_setup_write_buffer"},
+ {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "ssl3_write_bytes"},
+ {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "ssl3_write_pending"},
+- {ERR_FUNC(SSL_F_SSL_ACCEPT), "SSL_accept"},
+ {ERR_FUNC(SSL_F_SSL_ADD_CERT_CHAIN), "ssl_add_cert_chain"},
+ {ERR_FUNC(SSL_F_SSL_ADD_CERT_TO_BUF), "ssl_add_cert_to_buf"},
+ {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT),
+ "ssl_add_clienthello_renegotiate_ext"},
+- {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT), "ssl_add_clienthello_tlsext"},
++ {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT),
++ "ssl_add_clienthello_tlsext"},
+ {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT),
+ "ssl_add_clienthello_use_srtp_ext"},
+ {ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK),
+@@ -146,7 +82,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ "SSL_add_file_cert_subjects_to_stack"},
+ {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT),
+ "ssl_add_serverhello_renegotiate_ext"},
+- {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT), "ssl_add_serverhello_tlsext"},
++ {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT),
++ "ssl_add_serverhello_tlsext"},
+ {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT),
+ "ssl_add_serverhello_use_srtp_ext"},
+ {ERR_FUNC(SSL_F_SSL_BAD_METHOD), "ssl_bad_method"},
+@@ -154,7 +91,6 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ {ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "ssl_bytes_to_cipher_list"},
+ {ERR_FUNC(SSL_F_SSL_CERT_ADD0_CHAIN_CERT), "ssl_cert_add0_chain_cert"},
+ {ERR_FUNC(SSL_F_SSL_CERT_DUP), "ssl_cert_dup"},
+- {ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE), "SSL_CERT_INSTANTIATE"},
+ {ERR_FUNC(SSL_F_SSL_CERT_NEW), "ssl_cert_new"},
+ {ERR_FUNC(SSL_F_SSL_CERT_SET0_CHAIN), "ssl_cert_set0_chain"},
+ {ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
+@@ -162,7 +98,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ "ssl_check_serverhello_tlsext"},
+ {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG),
+ "ssl_check_srvr_ecc_cert_and_alg"},
+- {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR), "ssl_cipher_process_rulestr"},
++ {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR),
++ "ssl_cipher_process_rulestr"},
+ {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "ssl_cipher_strength_sort"},
+ {ERR_FUNC(SSL_F_SSL_CLEAR), "SSL_clear"},
+ {ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD),
+@@ -180,11 +117,9 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ "SSL_CTX_set_client_cert_engine"},
+ {ERR_FUNC(SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK),
+ "SSL_CTX_set_ct_validation_callback"},
+- {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"},
+ {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT),
+ "SSL_CTX_set_session_id_context"},
+ {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"},
+- {ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST), "SSL_CTX_set_trust"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE), "SSL_CTX_use_certificate"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1),
+ "SSL_CTX_use_certificate_ASN1"},
+@@ -205,16 +140,14 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_SERVERINFO), "SSL_CTX_use_serverinfo"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_SERVERINFO_FILE),
+ "SSL_CTX_use_serverinfo_file"},
++ {ERR_FUNC(SSL_F_SSL_DANE_DUP), "ssl_dane_dup"},
+ {ERR_FUNC(SSL_F_SSL_DANE_ENABLE), "SSL_dane_enable"},
+ {ERR_FUNC(SSL_F_SSL_DO_CONFIG), "ssl_do_config"},
+ {ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"},
+ {ERR_FUNC(SSL_F_SSL_ENABLE_CT), "SSL_enable_ct"},
+- {ERR_FUNC(SSL_F_SSL_GET0_PEER_SCTS), "SSL_get0_peer_scts"},
+ {ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "ssl_get_new_session"},
+ {ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "ssl_get_prev_session"},
+ {ERR_FUNC(SSL_F_SSL_GET_SERVER_CERT_INDEX), "ssl_get_server_cert_index"},
+- {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"},
+- {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_PKEY), "ssl_get_server_send_pkey"},
+ {ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "ssl_get_sign_pkey"},
+ {ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "ssl_init_wbio_buffer"},
+ {ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
+@@ -233,10 +166,6 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT),
+ "ssl_parse_serverhello_use_srtp_ext"},
+ {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
+- {ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT),
+- "ssl_prepare_clienthello_tlsext"},
+- {ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT),
+- "ssl_prepare_serverhello_tlsext"},
+ {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
+ {ERR_FUNC(SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT),
+ "ssl_scan_clienthello_tlsext"},
+@@ -254,18 +183,16 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ "SSL_set_ct_validation_callback"},
+ {ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"},
+ {ERR_FUNC(SSL_F_SSL_SET_PKEY), "ssl_set_pkey"},
+- {ERR_FUNC(SSL_F_SSL_SET_PURPOSE), "SSL_set_purpose"},
+ {ERR_FUNC(SSL_F_SSL_SET_RFD), "SSL_set_rfd"},
+ {ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"},
+- {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT), "SSL_set_session_id_context"},
+- {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT), "SSL_set_session_ticket_ext"},
+- {ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
++ {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT),
++ "SSL_set_session_id_context"},
++ {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT),
++ "SSL_set_session_ticket_ext"},
+ {ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
+ {ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
+ {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
+ {ERR_FUNC(SSL_F_SSL_START_ASYNC_JOB), "ssl_start_async_job"},
+- {ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION),
+- "ssl_undefined_const_function"},
+ {ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "ssl_undefined_function"},
+ {ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION),
+ "ssl_undefined_void_function"},
+@@ -277,8 +204,10 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"},
+ {ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT), "SSL_use_psk_identity_hint"},
+ {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
+- {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1), "SSL_use_RSAPrivateKey_ASN1"},
+- {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE), "SSL_use_RSAPrivateKey_file"},
++ {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1),
++ "SSL_use_RSAPrivateKey_ASN1"},
++ {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE),
++ "SSL_use_RSAPrivateKey_file"},
+ {ERR_FUNC(SSL_F_SSL_VALIDATE_CT), "ssl_validate_ct"},
+ {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "ssl_verify_cert_chain"},
+ {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
+@@ -287,16 +216,10 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "tls1_change_cipher_state"},
+ {ERR_FUNC(SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS),
+ "tls1_check_duplicate_extensions"},
+- {ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT),
+- "TLS1_CHECK_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_TLS1_ENC), "tls1_enc"},
+ {ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL),
+ "tls1_export_keying_material"},
+ {ERR_FUNC(SSL_F_TLS1_GET_CURVELIST), "tls1_get_curvelist"},
+- {ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT),
+- "TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
+- {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT),
+- "TLS1_PREPARE_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_PRF"},
+ {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "tls1_setup_key_block"},
+ {ERR_FUNC(SSL_F_TLS1_SET_SERVER_SIGALGS), "tls1_set_server_sigalgs"},
+@@ -306,7 +229,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ "tls_construct_certificate_request"},
+ {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE),
+ "tls_construct_client_certificate"},
+- {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO), "tls_construct_client_hello"},
++ {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO),
++ "tls_construct_client_hello"},
+ {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE),
+ "tls_construct_client_key_exchange"},
+ {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY),
+@@ -317,7 +241,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE),
+ "tls_construct_server_certificate"},
+ {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_DONE), "tls_construct_server_done"},
+- {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_HELLO), "tls_construct_server_hello"},
++ {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_HELLO),
++ "tls_construct_server_hello"},
+ {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE),
+ "tls_construct_server_key_exchange"},
+ {ERR_FUNC(SSL_F_TLS_GET_MESSAGE_BODY), "tls_get_message_body"},
+@@ -348,7 +273,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
+ "tls_process_server_certificate"},
+ {ERR_FUNC(SSL_F_TLS_PROCESS_SERVER_DONE), "tls_process_server_done"},
+ {ERR_FUNC(SSL_F_TLS_PROCESS_SERVER_HELLO), "tls_process_server_hello"},
+- {ERR_FUNC(SSL_F_USE_CERTIFICATE_CHAIN_FILE), "use_certificate_chain_file"},
++ {ERR_FUNC(SSL_F_USE_CERTIFICATE_CHAIN_FILE),
++ "use_certificate_chain_file"},
+ {0, NULL}
+ };
+
+@@ -360,46 +286,25 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ "at least TLS 1.0 needed in FIPS mode"},
+ {ERR_REASON(SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE),
+ "at least (D)TLS 1.2 needed in Suite B mode"},
+- {ERR_REASON(SSL_R_BAD_ALERT_RECORD), "bad alert record"},
+ {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"},
+ {ERR_REASON(SSL_R_BAD_DATA), "bad data"},
+ {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),
+ "bad data returned by callback"},
+ {ERR_REASON(SSL_R_BAD_DECOMPRESSION), "bad decompression"},
+- {ERR_REASON(SSL_R_BAD_DH_G_LENGTH), "bad dh g length"},
+- {ERR_REASON(SSL_R_BAD_DH_G_VALUE), "bad dh g value"},
+- {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH), "bad dh pub key length"},
+- {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_VALUE), "bad dh pub key value"},
+- {ERR_REASON(SSL_R_BAD_DH_P_LENGTH), "bad dh p length"},
+- {ERR_REASON(SSL_R_BAD_DH_P_VALUE), "bad dh p value"},
+ {ERR_REASON(SSL_R_BAD_DH_VALUE), "bad dh value"},
+ {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH), "bad digest length"},
+- {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE), "bad dsa signature"},
+ {ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"},
+- {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE), "bad ecdsa signature"},
+ {ERR_REASON(SSL_R_BAD_ECPOINT), "bad ecpoint"},
+ {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH), "bad handshake length"},
+ {ERR_REASON(SSL_R_BAD_HELLO_REQUEST), "bad hello request"},
+ {ERR_REASON(SSL_R_BAD_LENGTH), "bad length"},
+- {ERR_REASON(SSL_R_BAD_MAC_LENGTH), "bad mac length"},
+- {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE), "bad message type"},
+ {ERR_REASON(SSL_R_BAD_PACKET_LENGTH), "bad packet length"},
+ {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),
+ "bad protocol version number"},
+- {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH),
+- "bad psk identity hint length"},
+- {ERR_REASON(SSL_R_BAD_RSA_DECRYPT), "bad rsa decrypt"},
+ {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT), "bad rsa encrypt"},
+- {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH), "bad rsa e length"},
+- {ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"},
+- {ERR_REASON(SSL_R_BAD_RSA_SIGNATURE), "bad rsa signature"},
+ {ERR_REASON(SSL_R_BAD_SIGNATURE), "bad signature"},
+ {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH), "bad srp a length"},
+- {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH), "bad srp b length"},
+- {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH), "bad srp g length"},
+- {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH), "bad srp n length"},
+ {ERR_REASON(SSL_R_BAD_SRP_PARAMETERS), "bad srp parameters"},
+- {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH), "bad srp s length"},
+ {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE), "bad srtp mki value"},
+ {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),
+ "bad srtp protection profile list"},
+@@ -407,14 +312,15 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_BAD_VALUE), "bad value"},
+ {ERR_REASON(SSL_R_BAD_WRITE_RETRY), "bad write retry"},
+ {ERR_REASON(SSL_R_BIO_NOT_SET), "bio not set"},
+- {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG), "block cipher pad is wrong"},
++ {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG),
++ "block cipher pad is wrong"},
+ {ERR_REASON(SSL_R_BN_LIB), "bn lib"},
+ {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH), "ca dn length mismatch"},
+- {ERR_REASON(SSL_R_CA_DN_TOO_LONG), "ca dn too long"},
+ {ERR_REASON(SSL_R_CA_KEY_TOO_SMALL), "ca key too small"},
+ {ERR_REASON(SSL_R_CA_MD_TOO_WEAK), "ca md too weak"},
+ {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY), "ccs received early"},
+- {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED), "certificate verify failed"},
++ {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED),
++ "certificate verify failed"},
+ {ERR_REASON(SSL_R_CERT_CB_ERROR), "cert cb error"},
+ {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH), "cert length mismatch"},
+ {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"},
+@@ -427,7 +333,8 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_COMPRESSION_FAILURE), "compression failure"},
+ {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),
+ "compression id not within private range"},
+- {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR), "compression library error"},
++ {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),
++ "compression library error"},
+ {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"},
+ {ERR_REASON(SSL_R_CONTEXT_NOT_DANE_ENABLED), "context not dane enabled"},
+ {ERR_REASON(SSL_R_COOKIE_GEN_CALLBACK_FAILURE),
+@@ -439,10 +346,12 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL),
+ "dane cannot override mtype full"},
+ {ERR_REASON(SSL_R_DANE_NOT_ENABLED), "dane not enabled"},
+- {ERR_REASON(SSL_R_DANE_TLSA_BAD_CERTIFICATE), "dane tlsa bad certificate"},
++ {ERR_REASON(SSL_R_DANE_TLSA_BAD_CERTIFICATE),
++ "dane tlsa bad certificate"},
+ {ERR_REASON(SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE),
+ "dane tlsa bad certificate usage"},
+- {ERR_REASON(SSL_R_DANE_TLSA_BAD_DATA_LENGTH), "dane tlsa bad data length"},
++ {ERR_REASON(SSL_R_DANE_TLSA_BAD_DATA_LENGTH),
++ "dane tlsa bad data length"},
+ {ERR_REASON(SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH),
+ "dane tlsa bad digest length"},
+ {ERR_REASON(SSL_R_DANE_TLSA_BAD_MATCHING_TYPE),
+@@ -462,21 +371,14 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED), "digest check failed"},
+ {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG), "dtls message too big"},
+ {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"},
+- {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT),
+- "ecc cert not for key agreement"},
+ {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"},
+- {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE),
+- "ecc cert should have rsa signature"},
+- {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE),
+- "ecc cert should have sha1 signature"},
+ {ERR_REASON(SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE),
+ "ecdh required for suiteb mode"},
+- {ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER),
+- "ecgroup too large for cipher"},
+ {ERR_REASON(SSL_R_EE_KEY_TOO_SMALL), "ee key too small"},
+ {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST),
+ "empty srtp protection profile list"},
+- {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG), "encrypted length too long"},
++ {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),
++ "encrypted length too long"},
+ {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),
+ "error in received cipher list"},
+ {ERR_REASON(SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN),
+@@ -486,10 +388,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_FAILED_TO_INIT_ASYNC), "failed to init async"},
+ {ERR_REASON(SSL_R_FRAGMENTED_CLIENT_HELLO), "fragmented client hello"},
+ {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"},
+- {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS),
+- "got next proto before a ccs"},
+- {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION),
+- "got next proto without seeing extension"},
+ {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST), "https proxy request"},
+ {ERR_REASON(SSL_R_HTTP_REQUEST), "http request"},
+ {ERR_REASON(SSL_R_ILLEGAL_SUITEB_DIGEST), "illegal Suite B digest"},
+@@ -504,24 +402,18 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_INVALID_CT_VALIDATION_TYPE),
+ "invalid ct validation type"},
+ {ERR_REASON(SSL_R_INVALID_NULL_CMD_NAME), "invalid null cmd name"},
+- {ERR_REASON(SSL_R_INVALID_PURPOSE), "invalid purpose"},
+ {ERR_REASON(SSL_R_INVALID_SEQUENCE_NUMBER), "invalid sequence number"},
+ {ERR_REASON(SSL_R_INVALID_SERVERINFO_DATA), "invalid serverinfo data"},
+ {ERR_REASON(SSL_R_INVALID_SRP_USERNAME), "invalid srp username"},
+ {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"},
+ {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),
+ "invalid ticket keys length"},
+- {ERR_REASON(SSL_R_INVALID_TRUST), "invalid trust"},
+ {ERR_REASON(SSL_R_LENGTH_MISMATCH), "length mismatch"},
+ {ERR_REASON(SSL_R_LENGTH_TOO_LONG), "length too long"},
+ {ERR_REASON(SSL_R_LENGTH_TOO_SHORT), "length too short"},
+ {ERR_REASON(SSL_R_LIBRARY_BUG), "library bug"},
+ {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"},
+- {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT), "missing dh dsa cert"},
+- {ERR_REASON(SSL_R_MISSING_DH_KEY), "missing dh key"},
+- {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT), "missing dh rsa cert"},
+ {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"},
+- {ERR_REASON(SSL_R_MISSING_ECDH_CERT), "missing ecdh cert"},
+ {ERR_REASON(SSL_R_MISSING_ECDSA_SIGNING_CERT),
+ "missing ecdsa signing cert"},
+ {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"},
+@@ -531,18 +423,13 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_MISSING_SRP_PARAM), "can't find SRP server param"},
+ {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY), "missing tmp dh key"},
+ {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY), "missing tmp ecdh key"},
+- {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE), "missing verify message"},
+- {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS), "multiple sgc restarts"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"},
+- {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED), "no certificate returned"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATE_SET), "no certificate set"},
+ {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE), "no ciphers available"},
+- {ERR_REASON(SSL_R_NO_CIPHERS_PASSED), "no ciphers passed"},
+ {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED), "no ciphers specified"},
+ {ERR_REASON(SSL_R_NO_CIPHER_MATCH), "no cipher match"},
+ {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD), "no client cert method"},
+- {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"},
+ {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"},
+ {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),
+ "Peer haven't sent GOST certificate, required for selected ciphersuite"},
+@@ -557,15 +444,14 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ "no shared sigature algorithms"},
+ {ERR_REASON(SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
+ {ERR_REASON(SSL_R_NO_VALID_SCTS), "no valid scts"},
+- {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK), "no verify callback"},
+- {ERR_REASON(SSL_R_NO_VERIFY_COOKIE_CALLBACK), "no verify cookie callback"},
++ {ERR_REASON(SSL_R_NO_VERIFY_COOKIE_CALLBACK),
++ "no verify cookie callback"},
+ {ERR_REASON(SSL_R_NULL_SSL_CTX), "null ssl ctx"},
+ {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
+ {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
+ "old session cipher not returned"},
+ {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
+ "old session compression algorithm not returned"},
+- {ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG), "opaque prf input too long"},
+ {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
+ {ERR_REASON(SSL_R_PARSE_TLSEXT), "parse tlsext"},
+ {ERR_REASON(SSL_R_PATH_TOO_LONG), "path too long"},
+@@ -574,7 +460,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_PEM_NAME_BAD_PREFIX), "pem name bad prefix"},
+ {ERR_REASON(SSL_R_PEM_NAME_TOO_SHORT), "pem name too short"},
+ {ERR_REASON(SSL_R_PIPELINE_FAILURE), "pipeline failure"},
+- {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG), "pre mac length too long"},
+ {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN), "protocol is shutdown"},
+ {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
+ {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB), "psk no client cb"},
+@@ -582,22 +467,20 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_READ_BIO_NOT_SET), "read bio not set"},
+ {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED), "read timeout expired"},
+ {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"},
+- {ERR_REASON(SSL_R_RECORD_TOO_LARGE), "record too large"},
+ {ERR_REASON(SSL_R_RECORD_TOO_SMALL), "record too small"},
+ {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"},
+ {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR),
+ "renegotiation encoding err"},
+ {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"},
+ {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"},
+- {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING),
+- "required compresssion algorithm missing"},
++ {ERR_REASON(SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING),
++ "required compression algorithm missing"},
+ {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),
+ "scsv received when renegotiating"},
+ {ERR_REASON(SSL_R_SCT_VERIFICATION_FAILED), "sct verification failed"},
+ {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT), "serverhello tlsext"},
+ {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),
+ "session id context uninitialized"},
+- {ERR_REASON(SSL_R_SET_FAILED), "set failed"},
+ {ERR_REASON(SSL_R_SHUTDOWN_WHILE_IN_INIT), "shutdown while in init"},
+ {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR),
+ "signature algorithms error"},
+@@ -610,15 +493,13 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ "srtp protection profile list too long"},
+ {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),
+ "srtp unknown protection profile"},
+- {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),
+- "ssl3 ext invalid ecpointformat"},
+ {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME),
+ "ssl3 ext invalid servername"},
+ {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE),
+ "ssl3 ext invalid servername type"},
+ {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"},
+- {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT), "ssl3 session id too short"},
+- {ERR_REASON(SSL_R_SSL_COMMAND_SECTION_EMPTY), "ssl command section empty"},
++ {ERR_REASON(SSL_R_SSL_COMMAND_SECTION_EMPTY),
++ "ssl command section empty"},
+ {ERR_REASON(SSL_R_SSL_COMMAND_SECTION_NOT_FOUND),
+ "ssl command section not found"},
+ {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),
+@@ -638,8 +519,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ "ssl session id has bad length"},
+ {ERR_REASON(SSL_R_SSL_SESSION_VERSION_MISMATCH),
+ "ssl session version mismatch"},
+- {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),
+- "tls client cert req with anon cipher"},
+ {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT),
+ "peer does not accept heartbeats"},
+ {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING),
+@@ -648,20 +527,10 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ "tls illegal exporter label"},
+ {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
+ "tls invalid ecpointformat list"},
+- {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),
+- "tls peer did not respond with certificate list"},
+- {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),
+- "tls rsa encrypted value length is wrong"},
+- {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS), "unable to decode dh certs"},
+- {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS),
+- "unable to decode ecdh certs"},
+- {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS),
+- "unable to find dh parameters"},
+ {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),
+ "unable to find ecdh parameters"},
+ {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),
+ "unable to find public key parameters"},
+- {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD), "unable to find ssl method"},
+ {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),
+ "unable to load ssl3 md5 routines"},
+ {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),
+@@ -676,18 +545,16 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_UNKNOWN_CMD_NAME), "unknown cmd name"},
+ {ERR_REASON(SSL_R_UNKNOWN_COMMAND), "unknown command"},
+ {ERR_REASON(SSL_R_UNKNOWN_DIGEST), "unknown digest"},
+- {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE), "unknown key exchange type"},
++ {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),
++ "unknown key exchange type"},
+ {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE), "unknown pkey type"},
+ {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL), "unknown protocol"},
+- {ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE), "unknown remote error type"},
+ {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION), "unknown ssl version"},
+ {ERR_REASON(SSL_R_UNKNOWN_STATE), "unknown state"},
+ {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED),
+ "unsafe legacy renegotiation disabled"},
+- {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
+ {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
+ "unsupported compression algorithm"},
+- {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"},
+ {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE),
+ "unsupported elliptic curve"},
+ {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL), "unsupported protocol"},
+@@ -699,7 +566,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ {ERR_REASON(SSL_R_WRONG_CERTIFICATE_TYPE), "wrong certificate type"},
+ {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED), "wrong cipher returned"},
+ {ERR_REASON(SSL_R_WRONG_CURVE), "wrong curve"},
+- {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE), "wrong message type"},
+ {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
+ {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE), "wrong signature size"},
+ {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE), "wrong signature type"},
+diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c
+index 546f5d2..66525de 100644
+--- a/ssl/ssl_init.c
++++ b/ssl/ssl_init.c
+@@ -1,63 +1,14 @@
+ /*
+- * Written by Matt Caswell for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "e_os.h"
+
+-#include "internal/threads.h"
+ #include "internal/err.h"
+ #include <openssl/crypto.h>
+ #include <openssl/evp.h>
+diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
+index 06d9723..83ad9ef 100644
+--- a/ssl/ssl_lib.c
++++ b/ssl/ssl_lib.c
+@@ -1,115 +1,12 @@
+ /*
+- * ! \file ssl/ssl_lib.c \brief Version independent SSL functions.
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+@@ -215,6 +112,7 @@ static int dane_ctx_enable(struct dane_ctx_st *dctx)
+ mdord = OPENSSL_zalloc(n * sizeof(*mdord));
+
+ if (mdord == NULL || mdevp == NULL) {
++ OPENSSL_free(mdord);
+ OPENSSL_free(mdevp);
+ SSLerr(SSL_F_DANE_CTX_ENABLE, ERR_R_MALLOC_FAILURE);
+ return 0;
+@@ -284,10 +182,18 @@ static int ssl_dane_dup(SSL *to, SSL *from)
+ return 1;
+
+ dane_final(&to->dane);
++ to->dane.dctx = &to->ctx->dane;
++ to->dane.trecs = sk_danetls_record_new_null();
++
++ if (to->dane.trecs == NULL) {
++ SSLerr(SSL_F_SSL_DANE_DUP, ERR_R_MALLOC_FAILURE);
++ return 0;
++ }
+
+ num = sk_danetls_record_num(from->dane.trecs);
+ for (i = 0; i < num; ++i) {
+ danetls_record *t = sk_danetls_record_value(from->dane.trecs, i);
++
+ if (SSL_dane_tlsa_add(to, t->usage, t->selector, t->mtype,
+ t->data, t->dlen) <= 0)
+ return 0;
+@@ -363,6 +269,7 @@ static int dane_tlsa_add(
+ const EVP_MD *md = NULL;
+ int ilen = (int)dlen;
+ int i;
++ int num;
+
+ if (dane->trecs == NULL) {
+ SSLerr(SSL_F_DANE_TLSA_ADD, SSL_R_DANE_NOT_ENABLED);
+@@ -495,8 +402,10 @@ static int dane_tlsa_add(
+ * The choice of order for the selector is not significant, so we
+ * use the same descending order for consistency.
+ */
+- for (i = 0; i < sk_danetls_record_num(dane->trecs); ++i) {
++ num = sk_danetls_record_num(dane->trecs);
++ for (i = 0; i < num; ++i) {
+ danetls_record *rec = sk_danetls_record_value(dane->trecs, i);
++
+ if (rec->usage > usage)
+ continue;
+ if (rec->usage < usage)
+@@ -681,7 +590,7 @@ SSL *SSL_new(SSL_CTX *ctx)
+ s->tlsext_debug_cb = 0;
+ s->tlsext_debug_arg = NULL;
+ s->tlsext_ticket_expected = 0;
+- s->tlsext_status_type = -1;
++ s->tlsext_status_type = ctx->tlsext_status_type;
+ s->tlsext_status_expected = 0;
+ s->tlsext_ocsp_ids = NULL;
+ s->tlsext_ocsp_exts = NULL;
+@@ -739,7 +648,8 @@ SSL *SSL_new(SSL_CTX *ctx)
+ if (!SSL_clear(s))
+ goto err;
+
+- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
++ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data))
++ goto err;
+
+ #ifndef OPENSSL_NO_PSK
+ s->psk_client_callback = ctx->psk_client_callback;
+@@ -761,10 +671,16 @@ SSL *SSL_new(SSL_CTX *ctx)
+ return NULL;
+ }
+
+-void SSL_up_ref(SSL *s)
++int SSL_up_ref(SSL *s)
+ {
+ int i;
+- CRYPTO_atomic_add(&s->references, 1, &i, s->lock);
++
++ if (CRYPTO_atomic_add(&s->references, 1, &i, s->lock) <= 0)
++ return 0;
++
++ REF_PRINT_COUNT("SSL", s);
++ REF_ASSERT_ISNT(i < 2);
++ return ((i > 1) ? 1 : 0);
+ }
+
+ int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
+@@ -900,9 +816,9 @@ int SSL_dane_enable(SSL *s, const char *basedomain)
+ * invalid input, set the SNI name first.
+ */
+ if (s->tlsext_hostname == NULL) {
+- if (!SSL_set_tlsext_host_name(s, basedomain)) {
++ if (!SSL_set_tlsext_host_name(s, basedomain)) {
+ SSLerr(SSL_F_SSL_DANE_ENABLE, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN);
+- return -1;
++ return -1;
+ }
+ }
+
+@@ -1503,6 +1419,9 @@ static int ssl_start_async_job(SSL *s, struct ssl_async_args *args,
+ case ASYNC_PAUSE:
+ s->rwstate = SSL_ASYNC_PAUSED;
+ return -1;
++ case ASYNC_NO_JOBS:
++ s->rwstate = SSL_ASYNC_NO_JOBS;
++ return -1;
+ case ASYNC_FINISH:
+ s->job = NULL;
+ return ret;
+@@ -1743,8 +1662,8 @@ long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
+ }
+ case SSL_CTRL_GET_EXTMS_SUPPORT:
+ if (!s->session || SSL_in_init(s) || ossl_statem_get_in_handshake(s))
+- return -1;
+- if (s->session->flags & SSL_SESS_FLAG_EXTMS)
++ return -1;
++ if (s->session->flags & SSL_SESS_FLAG_EXTMS)
+ return 1;
+ else
+ return 0;
+@@ -1862,7 +1781,7 @@ long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
+ return 0;
+ ctx->max_send_fragment = larg;
+ if (ctx->max_send_fragment < ctx->split_send_fragment)
+- ctx->split_send_fragment = ctx->split_send_fragment;
++ ctx->split_send_fragment = ctx->max_send_fragment;
+ return 1;
+ case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT:
+ if ((unsigned int)larg > ctx->max_send_fragment || larg == 0)
+@@ -2429,7 +2348,8 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
+ if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
+ goto err;
+
+- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
++ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data))
++ goto err;
+
+ /* No compression for DTLS */
+ if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS))
+@@ -2438,10 +2358,10 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
+ ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
+ ret->split_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
+
+- /* Setup RFC4507 ticket keys */
+- if ((RAND_bytes(ret->tlsext_tick_key_name, 16) <= 0)
+- || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
+- || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
++ /* Setup RFC5077 ticket keys */
++ if ((RAND_bytes(ret->tlsext_tick_key_name, sizeof(ret->tlsext_tick_key_name)) <= 0)
++ || (RAND_bytes(ret->tlsext_tick_hmac_key, sizeof(ret->tlsext_tick_hmac_key)) <= 0)
++ || (RAND_bytes(ret->tlsext_tick_aes_key, sizeof(ret->tlsext_tick_aes_key)) <= 0))
+ ret->options |= SSL_OP_NO_TICKET;
+
+ #ifndef OPENSSL_NO_SRP
+@@ -2479,6 +2399,8 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
+ */
+ ret->options |= SSL_OP_NO_COMPRESSION;
+
++ ret->tlsext_status_type = -1;
++
+ return ret;
+ err:
+ SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
+@@ -2487,10 +2409,16 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
+ return NULL;
+ }
+
+-void SSL_CTX_up_ref(SSL_CTX *ctx)
++int SSL_CTX_up_ref(SSL_CTX *ctx)
+ {
+ int i;
+- CRYPTO_atomic_add(&ctx->references, 1, &i, ctx->lock);
++
++ if (CRYPTO_atomic_add(&ctx->references, 1, &i, ctx->lock) <= 0)
++ return 0;
++
++ REF_PRINT_COUNT("SSL_CTX", ctx);
++ REF_ASSERT_ISNT(i < 2);
++ return ((i > 1) ? 1 : 0);
+ }
+
+ void SSL_CTX_free(SSL_CTX *a)
+@@ -2925,56 +2853,61 @@ int SSL_get_error(const SSL *s, int i)
+ return (SSL_ERROR_SSL);
+ }
+
+- if ((i < 0) && SSL_want_read(s)) {
+- bio = SSL_get_rbio(s);
+- if (BIO_should_read(bio))
+- return (SSL_ERROR_WANT_READ);
+- else if (BIO_should_write(bio))
+- /*
+- * This one doesn't make too much sense ... We never try to write
+- * to the rbio, and an application program where rbio and wbio
+- * are separate couldn't even know what it should wait for.
+- * However if we ever set s->rwstate incorrectly (so that we have
+- * SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
+- * wbio *are* the same, this test works around that bug; so it
+- * might be safer to keep it.
+- */
+- return (SSL_ERROR_WANT_WRITE);
+- else if (BIO_should_io_special(bio)) {
+- reason = BIO_get_retry_reason(bio);
+- if (reason == BIO_RR_CONNECT)
+- return (SSL_ERROR_WANT_CONNECT);
+- else if (reason == BIO_RR_ACCEPT)
+- return (SSL_ERROR_WANT_ACCEPT);
+- else
+- return (SSL_ERROR_SYSCALL); /* unknown */
++ if (i < 0) {
++ if (SSL_want_read(s)) {
++ bio = SSL_get_rbio(s);
++ if (BIO_should_read(bio))
++ return (SSL_ERROR_WANT_READ);
++ else if (BIO_should_write(bio))
++ /*
++ * This one doesn't make too much sense ... We never try to write
++ * to the rbio, and an application program where rbio and wbio
++ * are separate couldn't even know what it should wait for.
++ * However if we ever set s->rwstate incorrectly (so that we have
++ * SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
++ * wbio *are* the same, this test works around that bug; so it
++ * might be safer to keep it.
++ */
++ return (SSL_ERROR_WANT_WRITE);
++ else if (BIO_should_io_special(bio)) {
++ reason = BIO_get_retry_reason(bio);
++ if (reason == BIO_RR_CONNECT)
++ return (SSL_ERROR_WANT_CONNECT);
++ else if (reason == BIO_RR_ACCEPT)
++ return (SSL_ERROR_WANT_ACCEPT);
++ else
++ return (SSL_ERROR_SYSCALL); /* unknown */
++ }
+ }
+- }
+
+- if ((i < 0) && SSL_want_write(s)) {
+- bio = SSL_get_wbio(s);
+- if (BIO_should_write(bio))
+- return (SSL_ERROR_WANT_WRITE);
+- else if (BIO_should_read(bio))
+- /*
+- * See above (SSL_want_read(s) with BIO_should_write(bio))
+- */
+- return (SSL_ERROR_WANT_READ);
+- else if (BIO_should_io_special(bio)) {
+- reason = BIO_get_retry_reason(bio);
+- if (reason == BIO_RR_CONNECT)
+- return (SSL_ERROR_WANT_CONNECT);
+- else if (reason == BIO_RR_ACCEPT)
+- return (SSL_ERROR_WANT_ACCEPT);
+- else
+- return (SSL_ERROR_SYSCALL);
++ if (SSL_want_write(s)) {
++ bio = SSL_get_wbio(s);
++ if (BIO_should_write(bio))
++ return (SSL_ERROR_WANT_WRITE);
++ else if (BIO_should_read(bio))
++ /*
++ * See above (SSL_want_read(s) with BIO_should_write(bio))
++ */
++ return (SSL_ERROR_WANT_READ);
++ else if (BIO_should_io_special(bio)) {
++ reason = BIO_get_retry_reason(bio);
++ if (reason == BIO_RR_CONNECT)
++ return (SSL_ERROR_WANT_CONNECT);
++ else if (reason == BIO_RR_ACCEPT)
++ return (SSL_ERROR_WANT_ACCEPT);
++ else
++ return (SSL_ERROR_SYSCALL);
++ }
++ }
++ if (SSL_want_x509_lookup(s)) {
++ return (SSL_ERROR_WANT_X509_LOOKUP);
++ }
++ if (SSL_want_async(s)) {
++ return SSL_ERROR_WANT_ASYNC;
++ }
++ if (SSL_want_async_job(s)) {
++ return SSL_ERROR_WANT_ASYNC_JOB;
+ }
+- }
+- if ((i < 0) && SSL_want_x509_lookup(s)) {
+- return (SSL_ERROR_WANT_X509_LOOKUP);
+- }
+- if ((i < 0) && SSL_want_async(s)) {
+- return SSL_ERROR_WANT_ASYNC;
+ }
+
+ if (i == 0) {
+@@ -3135,7 +3068,8 @@ SSL *SSL_dup(SSL *s)
+ goto err;
+ }
+
+- ssl_dane_dup(ret, s);
++ if (!ssl_dane_dup(ret, s))
++ goto err;
+ ret->version = s->version;
+ ret->options = s->options;
+ ret->mode = s->mode;
+@@ -3286,34 +3220,27 @@ const COMP_METHOD *SSL_get_current_expansion(SSL *s)
+ #endif
+ }
+
+-int ssl_init_wbio_buffer(SSL *s, int push)
++int ssl_init_wbio_buffer(SSL *s)
+ {
+ BIO *bbio;
+
+ if (s->bbio == NULL) {
+ bbio = BIO_new(BIO_f_buffer());
+ if (bbio == NULL)
+- return (0);
++ return 0;
+ s->bbio = bbio;
++ s->wbio = BIO_push(bbio, s->wbio);
+ } else {
+ bbio = s->bbio;
+- if (s->bbio == s->wbio)
+- s->wbio = BIO_pop(s->wbio);
++ (void)BIO_reset(bbio);
+ }
+- (void)BIO_reset(bbio);
+-/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
++
+ if (!BIO_set_read_buffer_size(bbio, 1)) {
+ SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);
+- return (0);
+- }
+- if (push) {
+- if (s->wbio != bbio)
+- s->wbio = BIO_push(bbio, s->wbio);
+- } else {
+- if (s->wbio == bbio)
+- s->wbio = BIO_pop(bbio);
++ return 0;
+ }
+- return (1);
++
++ return 1;
+ }
+
+ void ssl_free_wbio_buffer(SSL *s)
+@@ -3358,17 +3285,22 @@ void SSL_set_shutdown(SSL *s, int mode)
+
+ int SSL_get_shutdown(const SSL *s)
+ {
+- return (s->shutdown);
++ return s->shutdown;
+ }
+
+ int SSL_version(const SSL *s)
+ {
+- return (s->version);
++ return s->version;
++}
++
++int SSL_client_version(const SSL *s)
++{
++ return s->client_version;
+ }
+
+ SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
+ {
+- return (ssl->ctx);
++ return ssl->ctx;
+ }
+
+ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
+@@ -3709,7 +3641,7 @@ void SSL_set_not_resumable_session_callback(SSL *ssl,
+
+ /*
+ * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
+- * vairable, freeing EVP_MD_CTX previously stored in that variable, if any.
++ * variable, freeing EVP_MD_CTX previously stored in that variable, if any.
+ * If EVP_MD pointer is passed, initializes ctx with this md Returns newly
+ * allocated ctx;
+ */
+@@ -4195,6 +4127,23 @@ int ssl_validate_ct(SSL *s)
+
+ end:
+ CT_POLICY_EVAL_CTX_free(ctx);
++ /*
++ * With SSL_VERIFY_NONE the session may be cached and re-used despite a
++ * failure return code here. Also the application may wish the complete
++ * the handshake, and then disconnect cleanly at a higher layer, after
++ * checking the verification status of the completed connection.
++ *
++ * We therefore force a certificate verification failure which will be
++ * visible via SSL_get_verify_result() and cached as part of any resumed
++ * session.
++ *
++ * Note: the permissive callback is for information gathering only, always
++ * returns success, and does not affect verification status. Only the
++ * strict callback or a custom application-specified callback can trigger
++ * connection failure or record a verification error.
++ */
++ if (ret <= 0)
++ s->verify_result = X509_V_ERR_NO_VALID_SCTS;
+ return ret;
+ }
+
+diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
+index 50e0d39..243535f 100644
+--- a/ssl/ssl_locl.h
++++ b/ssl/ssl_locl.h
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+@@ -147,6 +47,9 @@
+ # include <errno.h>
+
+ # include "e_os.h"
++# if defined(__unix) || defined(__unix__)
++# include <sys/time.h> /* struct timeval for DTLS */
++# endif
+
+ # include <openssl/buffer.h>
+ # include <openssl/comp.h>
+@@ -453,12 +356,14 @@
+ # define SSL_CLIENT_USE_TLS1_2_CIPHERS(s) \
+ ((!SSL_IS_DTLS(s) && s->client_version >= TLS1_2_VERSION) || \
+ (SSL_IS_DTLS(s) && DTLS_VERSION_GE(s->client_version, DTLS1_2_VERSION)))
++/*
++ * Determine if a client should send signature algorithms extension:
++ * as with TLS1.2 cipher we can't rely on method flags.
++ */
++# define SSL_CLIENT_USE_SIGALGS(s) \
++ SSL_CLIENT_USE_TLS1_2_CIPHERS(s)
+
+-# ifdef TLSEXT_TYPE_encrypt_then_mac
+ # define SSL_USE_ETM(s) (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC)
+-# else
+-# define SSL_USE_ETM(s) (0)
+-# endif
+
+ /* Mostly for SSLv3 */
+ # define SSL_PKEY_RSA_ENC 0
+@@ -677,6 +582,8 @@ DEFINE_LHASH_OF(SSL_SESSION);
+ /* Needed in ssl_cert.c */
+ DEFINE_LHASH_OF(X509_NAME);
+
++#define TLSEXT_KEYNAME_LENGTH 16
++
+ struct ssl_ctx_st {
+ const SSL_METHOD *method;
+ STACK_OF(SSL_CIPHER) *cipher_list;
+@@ -848,9 +755,9 @@ struct ssl_ctx_st {
+ int (*tlsext_servername_callback) (SSL *, int *, void *);
+ void *tlsext_servername_arg;
+ /* RFC 4507 session ticket keys */
+- unsigned char tlsext_tick_key_name[16];
+- unsigned char tlsext_tick_hmac_key[16];
+- unsigned char tlsext_tick_aes_key[16];
++ unsigned char tlsext_tick_key_name[TLSEXT_KEYNAME_LENGTH];
++ unsigned char tlsext_tick_hmac_key[32];
++ unsigned char tlsext_tick_aes_key[32];
+ /* Callback to support customisation of ticket key setting */
+ int (*tlsext_ticket_key_cb) (SSL *ssl,
+ unsigned char *name, unsigned char *iv,
+@@ -944,6 +851,10 @@ struct ssl_ctx_st {
+ size_t tlsext_ellipticcurvelist_length;
+ unsigned char *tlsext_ellipticcurvelist;
+ # endif /* OPENSSL_NO_EC */
++
++ /* ext status type used for CSR extension (OCSP Stapling) */
++ int tlsext_status_type;
++
+ CRYPTO_RWLOCK *lock;
+ };
+
+@@ -1872,7 +1783,7 @@ const SSL_METHOD *func_name(void) \
+ }
+
+ struct openssl_ssl_test_functions {
+- int (*p_ssl_init_wbio_buffer) (SSL *s, int push);
++ int (*p_ssl_init_wbio_buffer) (SSL *s);
+ int (*p_ssl3_setup_buffers) (SSL *s);
+ # ifndef OPENSSL_NO_HEARTBEATS
+ int (*p_dtls1_process_heartbeat) (SSL *s,
+@@ -2048,7 +1959,7 @@ __owur int dtls1_shutdown(SSL *s);
+
+ __owur int dtls1_dispatch_alert(SSL *s);
+
+-__owur int ssl_init_wbio_buffer(SSL *s, int push);
++__owur int ssl_init_wbio_buffer(SSL *s);
+ void ssl_free_wbio_buffer(SSL *s);
+
+ __owur int tls1_change_cipher_state(SSL *s, int which);
+diff --git a/ssl/ssl_mcnf.c b/ssl/ssl_mcnf.c
+index 614e0a7..b92b210 100644
+--- a/ssl/ssl_mcnf.c
++++ b/ssl/ssl_mcnf.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Stephen Henson (steve at openssl.org) for the OpenSSL project
+- * 2015.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
+index 00bf887..aad65ea 100644
+--- a/ssl/ssl_rsa.c
++++ b/ssl/ssl_rsa.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -831,7 +783,7 @@ static int serverinfo_srv_add_cb(SSL *s, unsigned int ext_type,
+ return 0; /* No extension found, don't send extension */
+ return 1; /* Send extension */
+ }
+- return -1; /* No serverinfo data found, don't send
++ return 0; /* No serverinfo data found, don't send
+ * extension */
+ }
+
+@@ -860,12 +812,26 @@ static int serverinfo_process_buffer(const unsigned char *serverinfo,
+
+ /* Register callbacks for extensions */
+ ext_type = (serverinfo[0] << 8) + serverinfo[1];
+- if (ctx && !SSL_CTX_add_server_custom_ext(ctx, ext_type,
+- serverinfo_srv_add_cb,
+- NULL, NULL,
+- serverinfo_srv_parse_cb,
+- NULL))
+- return 0;
++ if (ctx) {
++ int have_ext_cbs = 0;
++ size_t i;
++ custom_ext_methods *exts = &ctx->cert->srv_ext;
++ custom_ext_method *meth = exts->meths;
++
++ for (i = 0; i < exts->meths_count; i++, meth++) {
++ if (ext_type == meth->ext_type) {
++ have_ext_cbs = 1;
++ break;
++ }
++ }
++
++ if (!have_ext_cbs && !SSL_CTX_add_server_custom_ext(ctx, ext_type,
++ serverinfo_srv_add_cb,
++ NULL, NULL,
++ serverinfo_srv_parse_cb,
++ NULL))
++ return 0;
++ }
+
+ serverinfo += 2;
+ serverinfo_length -= 2;
+@@ -926,6 +892,7 @@ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
+ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
+ {
+ unsigned char *serverinfo = NULL;
++ unsigned char *tmp;
+ size_t serverinfo_length = 0;
+ unsigned char *extension = 0;
+ long extension_length = 0;
+@@ -985,12 +952,13 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
+ goto end;
+ }
+ /* Append the decoded extension to the serverinfo buffer */
+- serverinfo =
++ tmp =
+ OPENSSL_realloc(serverinfo, serverinfo_length + extension_length);
+- if (serverinfo == NULL) {
++ if (tmp == NULL) {
+ SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
++ serverinfo = tmp;
+ memcpy(serverinfo + serverinfo_length, extension, extension_length);
+ serverinfo_length += extension_length;
+
+diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
+index d5b7fe3..f168900 100644
+--- a/ssl/ssl_sess.c
++++ b/ssl/ssl_sess.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+@@ -198,8 +98,11 @@ SSL_SESSION *SSL_SESSION_new(void)
+ return NULL;
+ }
+
+- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
+-
++ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data)) {
++ CRYPTO_THREAD_lock_free(ss->lock);
++ OPENSSL_free(ss);
++ return NULL;
++ }
+ return ss;
+ }
+
+@@ -431,13 +334,13 @@ int ssl_get_new_session(SSL *s, int session)
+ * Note that:
+ * (a) ssl_get_prev_session() does lookahead into the
+ * ClientHello extensions to find the session ticket.
+- * When ssl_get_prev_session() fails, s3_srvr.c calls
+- * ssl_get_new_session() in ssl3_get_client_hello().
++ * When ssl_get_prev_session() fails, statem_srvr.c calls
++ * ssl_get_new_session() in tls_process_client_hello().
+ * At that point, it has not yet parsed the extensions,
+ * however, because of the lookahead, it already knows
+ * whether a ticket is expected or not.
+ *
+- * (b) s3_clnt.c calls ssl_get_new_session() before parsing
++ * (b) statem_clnt.c calls ssl_get_new_session() before parsing
+ * ServerHello extensions, and before recording the session
+ * ID received from the server, so this block is a noop.
+ */
+@@ -1074,10 +977,10 @@ void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
+ return;
+ tp.time = t;
+ CRYPTO_THREAD_write_lock(s->lock);
+- i = CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
+- CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = 0;
++ i = lh_SSL_SESSION_get_down_load(s->sessions);
++ lh_SSL_SESSION_set_down_load(s->sessions, 0);
+ lh_SSL_SESSION_doall_TIMEOUT_PARAM(tp.cache, timeout_cb, &tp);
+- CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
++ lh_SSL_SESSION_set_down_load(s->sessions, i);
+ CRYPTO_THREAD_unlock(s->lock);
+ }
+
+diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c
+index 240dfdf..1928bd2 100644
+--- a/ssl/ssl_stat.c
++++ b/ssl/ssl_stat.c
+@@ -1,59 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c
+index b2c6bf7..df7c74b 100644
+--- a/ssl/ssl_txt.c
++++ b/ssl/ssl_txt.c
+@@ -1,59 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+@@ -238,7 +191,7 @@ int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
+
+ /*
+ * the RSA prefix is required by the format's definition although there's
+- * nothing RSA-specifc in the output, therefore, we don't have to check if
++ * nothing RSA-specific in the output, therefore, we don't have to check if
+ * the cipher suite is based on RSA
+ */
+ if (BIO_puts(bp, "RSA ") <= 0)
+diff --git a/ssl/ssl_utst.c b/ssl/ssl_utst.c
+index 335cf0d..09e76d1 100644
+--- a/ssl/ssl_utst.c
++++ b/ssl/ssl_utst.c
+@@ -1,55 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "ssl_locl.h"
+diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
+index 08ae21a..0b0595d 100644
+--- a/ssl/statem/statem.c
++++ b/ssl/statem/statem.c
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Matt Caswell for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/rand.h>
+@@ -368,20 +320,20 @@ static int state_machine(SSL *s, int server)
+ */
+ s->s3->change_cipher_spec = 0;
+
+- if (!server || st->state != MSG_FLOW_RENEGOTIATE) {
+- /*
+- * Ok, we now need to push on a buffering BIO ...but not with
+- * SCTP
+- */
++
++ /*
++ * Ok, we now need to push on a buffering BIO ...but not with
++ * SCTP
++ */
+ #ifndef OPENSSL_NO_SCTP
+- if (!SSL_IS_DTLS(s) || !BIO_dgram_is_sctp(SSL_get_wbio(s)))
++ if (!SSL_IS_DTLS(s) || !BIO_dgram_is_sctp(SSL_get_wbio(s)))
+ #endif
+- if (!ssl_init_wbio_buffer(s, server ? 1 : 0)) {
+- goto end;
+- }
++ if (!ssl_init_wbio_buffer(s)) {
++ goto end;
++ }
+
++ if (!server || st->state != MSG_FLOW_RENEGOTIATE)
+ ssl3_init_finished_mac(s);
+- }
+
+ if (server) {
+ if (st->state != MSG_FLOW_RENEGOTIATE) {
+@@ -548,7 +500,6 @@ static SUB_STATE_RETURN read_state_machine(SSL *s) {
+ while(1) {
+ switch(st->read_state) {
+ case READ_STATE_HEADER:
+- s->init_num = 0;
+ /* Get the state the peer wants to move to */
+ if (SSL_IS_DTLS(s)) {
+ /*
+@@ -607,6 +558,10 @@ static SUB_STATE_RETURN read_state_machine(SSL *s) {
+ return SUB_STATE_ERROR;
+ }
+ ret = process_message(s, &pkt);
++
++ /* Discard the packet data */
++ s->init_num = 0;
++
+ if (ret == MSG_PROCESS_ERROR) {
+ return SUB_STATE_ERROR;
+ }
+diff --git a/ssl/statem/statem.h b/ssl/statem/statem.h
+index 263a395..e2aef15 100644
+--- a/ssl/statem/statem.h
++++ b/ssl/statem/statem.h
+@@ -1,60 +1,15 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*****************************************************************************
+ * *
+- * These emums should be considered PRIVATE to the state machine. No *
++ * These enums should be considered PRIVATE to the state machine. No *
+ * non-state machine code should need to use these *
+ * *
+ *****************************************************************************/
+diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
+index 5b53b86..ecbc43b 100644
+--- a/ssl/statem/statem_clnt.c
++++ b/ssl/statem/statem_clnt.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -341,9 +241,11 @@ int ossl_statem_client_read_transition(SSL *s, int mt)
+ break;
+
+ case TLS_ST_CW_FINISHED:
+- if (mt == SSL3_MT_NEWSESSION_TICKET && s->tlsext_ticket_expected) {
+- st->hand_state = TLS_ST_CR_SESSION_TICKET;
+- return 1;
++ if (s->tlsext_ticket_expected) {
++ if (mt == SSL3_MT_NEWSESSION_TICKET) {
++ st->hand_state = TLS_ST_CR_SESSION_TICKET;
++ return 1;
++ }
+ } else if (mt == SSL3_MT_CHANGE_CIPHER_SPEC) {
+ st->hand_state = TLS_ST_CR_CHANGE;
+ return 1;
+@@ -535,20 +437,9 @@ WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst)
+
+ switch(st->hand_state) {
+ case TLS_ST_CW_CLNT_HELLO:
+- if (SSL_IS_DTLS(s) && s->d1->cookie_len > 0 && statem_flush(s) != 1)
++ if (wst == WORK_MORE_A && statem_flush(s) != 1)
+ return WORK_MORE_A;
+-#ifndef OPENSSL_NO_SCTP
+- /* Disable buffering for SCTP */
+- if (!SSL_IS_DTLS(s) || !BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+-#endif
+- /*
+- * turn on buffering for the next lot of output
+- */
+- if (s->bbio != s->wbio)
+- s->wbio = BIO_push(s->bbio, s->wbio);
+-#ifndef OPENSSL_NO_SCTP
+- }
+-#endif
++
+ if (SSL_IS_DTLS(s)) {
+ /* Treat the next message as the first packet */
+ s->first_packet = 1;
+@@ -870,7 +761,7 @@ int tls_construct_client_hello(SSL *s)
+ * 1. Client hello indicates TLS 1.2
+ * 2. Server hello says TLS 1.0
+ * 3. RSA encrypted premaster secret uses 1.2.
+- * 4. Handhaked proceeds using TLS 1.0.
++ * 4. Handshake proceeds using TLS 1.0.
+ * 5. Server sends hello request to renegotiate.
+ * 6. Client hello indicates TLS v1.0 as we now
+ * know that is maximum server supports.
+@@ -1350,7 +1241,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)
+ s->session->peer_chain = sk;
+ /*
+ * Inconsistency alert: cert_chain does include the peer's certificate,
+- * which we don't include in s3_srvr.c
++ * which we don't include in statem_srvr.c
+ */
+ x = sk_X509_value(sk, 0);
+ sk = NULL;
+@@ -1525,9 +1416,10 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
+ #ifndef OPENSSL_NO_DH
+ else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) {
+ PACKET prime, generator, pub_key;
++ EVP_PKEY *peer_tmp = NULL;
+
+- DH *dh;
+- BIGNUM *p, *g, *bnpub_key;
++ DH *dh = NULL;
++ BIGNUM *p = NULL, *g = NULL, *bnpub_key = NULL;
+
+ if (!PACKET_get_length_prefixed_2(pkt, &prime)
+ || !PACKET_get_length_prefixed_2(pkt, &generator)
+@@ -1536,19 +1428,13 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
+ goto f_err;
+ }
+
+- s->s3->peer_tmp = EVP_PKEY_new();
++ peer_tmp = EVP_PKEY_new();
+ dh = DH_new();
+
+- if (s->s3->peer_tmp == NULL || dh == NULL) {
++ if (peer_tmp == NULL || dh == NULL) {
++ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+- DH_free(dh);
+- goto err;
+- }
+-
+- if (EVP_PKEY_assign_DH(s->s3->peer_tmp, dh) == 0) {
+- SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EVP_LIB);
+- DH_free(dh);
+- goto err;
++ goto dherr;
+ }
+
+ p = BN_bin2bn(PACKET_data(&prime), PACKET_remaining(&prime), NULL);
+@@ -1558,39 +1444,53 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
+ NULL);
+ if (p == NULL || g == NULL || bnpub_key == NULL) {
+ SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_BN_LIB);
+- BN_free(p);
+- BN_free(g);
+- BN_free(bnpub_key);
+- goto err;
++ goto dherr;
+ }
+
+ if (BN_is_zero(p) || BN_is_zero(g) || BN_is_zero(bnpub_key)) {
+ SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_BAD_DH_VALUE);
+- BN_free(p);
+- BN_free(g);
+- BN_free(bnpub_key);
+- goto f_err;
++ goto dherr;
+ }
+
+ if (!DH_set0_pqg(dh, p, NULL, g)) {
++ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_BN_LIB);
+- BN_free(p);
+- BN_free(g);
+- BN_free(bnpub_key);
+- goto err;
++ goto dherr;
+ }
+
+ if (!DH_set0_key(dh, bnpub_key, NULL)) {
++ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_BN_LIB);
+- BN_free(bnpub_key);
+- goto err;
++ goto dherr;
+ }
+
+ if (!ssl_security(s, SSL_SECOP_TMP_DH, DH_security_bits(dh), 0, dh)) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_DH_KEY_TOO_SMALL);
+- goto f_err;
++ goto dherr;
+ }
++
++ if (EVP_PKEY_assign_DH(peer_tmp, dh) == 0) {
++ al = SSL_AD_INTERNAL_ERROR;
++ SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EVP_LIB);
++ goto dherr;
++ }
++
++ s->s3->peer_tmp = peer_tmp;
++
++ goto dhend;
++ dherr:
++ BN_free(p);
++ BN_free(g);
++ BN_free(bnpub_key);
++ DH_free(dh);
++ EVP_PKEY_free(peer_tmp);
++ goto f_err;
++ dhend:
++ /*
++ * FIXME: This makes assumptions about which ciphersuites come with
++ * public keys. We should have a less ad-hoc way of doing this
++ */
+ if (alg_a & (SSL_aRSA|SSL_aDSS))
+ pkey = X509_get0_pubkey(s->session->peer);
+ /* else anonymous DH, so no certificate or pkey. */
+@@ -2538,6 +2438,9 @@ int tls_client_key_exchange_post_work(SSL *s)
+ unsigned char *pms = NULL;
+ size_t pmslen = 0;
+
++ pms = s->s3->tmp.pms;
++ pmslen = s->s3->tmp.pmslen;
++
+ #ifndef OPENSSL_NO_SRP
+ /* Check for SRP */
+ if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) {
+@@ -2549,8 +2452,6 @@ int tls_client_key_exchange_post_work(SSL *s)
+ return 1;
+ }
+ #endif
+- pms = s->s3->tmp.pms;
+- pmslen = s->s3->tmp.pmslen;
+
+ if (pms == NULL && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+@@ -2560,8 +2461,13 @@ int tls_client_key_exchange_post_work(SSL *s)
+ if (!ssl_generate_master_secret(s, pms, pmslen, 1)) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ SSLerr(SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK, ERR_R_INTERNAL_ERROR);
++ /* ssl_generate_master_secret frees the pms even on error */
++ pms = NULL;
++ pmslen = 0;
+ goto err;
+ }
++ pms = NULL;
++ pmslen = 0;
+
+ #ifndef OPENSSL_NO_SCTP
+ if (SSL_IS_DTLS(s)) {
+diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
+index a3090ef..2a69326 100644
+--- a/ssl/statem/statem_dtls.c
++++ b/ssl/statem/statem_dtls.c
+@@ -1,115 +1,10 @@
+ /*
+- * DTLS implementation written by Nagendra Modadugu
+- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- */
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <limits.h>
+@@ -224,8 +119,9 @@ int dtls1_do_write(SSL *s, int type)
+ if (!dtls1_query_mtu(s))
+ return -1;
+
+- OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu(s)); /* should have something
+- * reasonable now */
++ if (s->d1->mtu < dtls1_min_mtu(s))
++ /* should have something reasonable now */
++ return -1;
+
+ if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
+ OPENSSL_assert(s->init_num ==
+diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
+index 8fcc232..eb3e591 100644
+--- a/ssl/statem/statem_lib.c
++++ b/ssl/statem/statem_lib.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+@@ -454,6 +354,16 @@ int tls_get_message_header(SSL *s, int *mt)
+ return 0;
+ }
+ if (recvd_type == SSL3_RT_CHANGE_CIPHER_SPEC) {
++ /*
++ * A ChangeCipherSpec must be a single byte and may not occur
++ * in the middle of a handshake message.
++ */
++ if (s->init_num != 0 || i != 1 || p[0] != SSL3_MT_CCS) {
++ al = SSL_AD_UNEXPECTED_MESSAGE;
++ SSLerr(SSL_F_TLS_GET_MESSAGE_HEADER,
++ SSL_R_BAD_CHANGE_CIPHER_SPEC);
++ goto f_err;
++ }
+ s->s3->tmp.message_type = *mt = SSL3_MT_CHANGE_CIPHER_SPEC;
+ s->init_num = i - 1;
+ s->s3->tmp.message_size = i;
+@@ -648,6 +558,13 @@ int ssl_verify_alarm_type(long type)
+ case X509_V_ERR_CRL_NOT_YET_VALID:
+ case X509_V_ERR_CERT_UNTRUSTED:
+ case X509_V_ERR_CERT_REJECTED:
++ case X509_V_ERR_HOSTNAME_MISMATCH:
++ case X509_V_ERR_EMAIL_MISMATCH:
++ case X509_V_ERR_IP_ADDRESS_MISMATCH:
++ case X509_V_ERR_DANE_NO_MATCH:
++ case X509_V_ERR_EE_KEY_TOO_SMALL:
++ case X509_V_ERR_CA_KEY_TOO_SMALL:
++ case X509_V_ERR_CA_MD_TOO_WEAK:
+ al = SSL_AD_BAD_CERTIFICATE;
+ break;
+ case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+@@ -661,7 +578,10 @@ int ssl_verify_alarm_type(long type)
+ case X509_V_ERR_CERT_REVOKED:
+ al = SSL_AD_CERTIFICATE_REVOKED;
+ break;
++ case X509_V_ERR_UNSPECIFIED:
+ case X509_V_ERR_OUT_OF_MEM:
++ case X509_V_ERR_INVALID_CALL:
++ case X509_V_ERR_STORE_LOOKUP:
+ al = SSL_AD_INTERNAL_ERROR;
+ break;
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+diff --git a/ssl/statem/statem_locl.h b/ssl/statem/statem_locl.h
+index 57b7c37..9f7ec88 100644
+--- a/ssl/statem/statem_locl.h
++++ b/ssl/statem/statem_locl.h
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*****************************************************************************
+diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
+index 38fa945..67df5f2 100644
+--- a/ssl/statem/statem_srvr.c
++++ b/ssl/statem/statem_srvr.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -368,7 +268,7 @@ static int send_certificate_request(SSL *s)
+ && (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
+ /*
+ * ... except when the application insists on
+- * verification (against the specs, but s3_clnt.c accepts
++ * verification (against the specs, but statem_clnt.c accepts
+ * this for SSL 3)
+ */
+ || (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
+@@ -747,6 +647,23 @@ int ossl_statem_server_construct_message(SSL *s)
+ return 0;
+ }
+
++/*
++ * Maximum size (excluding the Handshake header) of a ClientHello message,
++ * calculated as follows:
++ *
++ * 2 + # client_version
++ * 32 + # only valid length for random
++ * 1 + # length of session_id
++ * 32 + # maximum size for session_id
++ * 2 + # length of cipher suites
++ * 2^16-2 + # maximum length of cipher suites array
++ * 1 + # length of compression_methods
++ * 2^8-1 + # maximum length of compression methods
++ * 2 + # length of extensions
++ * 2^16-1 # maximum length of extensions
++ */
++#define CLIENT_HELLO_MAX_LENGTH 131396
++
+ #define CLIENT_KEY_EXCH_MAX_LENGTH 2048
+ #define NEXT_PROTO_MAX_LENGTH 514
+
+@@ -760,7 +677,7 @@ unsigned long ossl_statem_server_max_message_size(SSL *s)
+
+ switch(st->hand_state) {
+ case TLS_ST_SR_CLNT_HELLO:
+- return SSL3_RT_MAX_PLAIN_LENGTH;
++ return CLIENT_HELLO_MAX_LENGTH;
+
+ case TLS_ST_SR_CERT:
+ return s->max_cert_list;
+@@ -971,6 +888,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
+ /* |cookie| will only be initialized for DTLS. */
+ PACKET session_id, cipher_suites, compression, extensions, cookie;
+ int is_v2_record;
++ static const unsigned char null_compression = 0;
+
+ is_v2_record = RECORD_LAYER_is_sslv2_record(&s->rlayer);
+
+@@ -1096,19 +1014,20 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
+ goto f_err;
+ }
+
+- /* Load the client random */
++ /* Load the client random and compression list. */
+ challenge_len = challenge_len > SSL3_RANDOM_SIZE ? SSL3_RANDOM_SIZE :
+ challenge_len;
+ memset(s->s3->client_random, 0, SSL3_RANDOM_SIZE);
+ if (!PACKET_copy_bytes(&challenge,
+ s->s3->client_random + SSL3_RANDOM_SIZE -
+- challenge_len, challenge_len)) {
++ challenge_len, challenge_len)
++ /* Advertise only null compression. */
++ || !PACKET_buf_init(&compression, &null_compression, 1)) {
+ SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+
+- PACKET_null_init(&compression);
+ PACKET_null_init(&extensions);
+ } else {
+ /* Regular ClientHello. */
+@@ -1376,7 +1295,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
+ if (k >= complen) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO,
+- SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING);
++ SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING);
+ goto f_err;
+ }
+ } else if (s->hit)
+@@ -2079,7 +1998,6 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
+ EVP_PKEY *ckey = NULL;
+ #endif
+ PACKET enc_premaster;
+- const unsigned char *data;
+ unsigned char *rsa_decrypt = NULL;
+
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+@@ -2301,6 +2219,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
+ DH *cdh;
+ unsigned int i;
+ BIGNUM *pub_key;
++ const unsigned char *data;
+
+ if (!PACKET_get_net_2(pkt, &i)) {
+ if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) {
+@@ -2378,6 +2297,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
+ goto f_err;
+ } else {
+ unsigned int i;
++ const unsigned char *data;
+
+ /*
+ * Get client's public key from encoded point in the
+@@ -2425,6 +2345,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
+ #ifndef OPENSSL_NO_SRP
+ if (alg_k & SSL_kSRP) {
+ unsigned int i;
++ const unsigned char *data;
+
+ if (!PACKET_get_net_2(pkt, &i)
+ || !PACKET_get_bytes(pkt, &data, i)) {
+@@ -2467,6 +2388,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
+ int Ttag, Tclass;
+ long Tlen;
+ long sess_key_len;
++ const unsigned char *data;
+
+ /* Get our certificate private key */
+ alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+@@ -2909,7 +2831,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
+ s->session->peer_chain = sk;
+ /*
+ * Inconsistency alert: cert_chain does *not* include the peer's own
+- * certificate, while we do include it in s3_clnt.c
++ * certificate, while we do include it in statem_clnt.c
+ */
+ sk = NULL;
+ ret = MSG_PROCESS_CONTINUE_READING;
+@@ -2956,7 +2878,8 @@ int tls_construct_new_session_ticket(SSL *s)
+ unsigned int hlen;
+ SSL_CTX *tctx = s->initial_ctx;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+- unsigned char key_name[16];
++ unsigned char key_name[TLSEXT_KEYNAME_LENGTH];
++ int iv_len;
+
+ /* get session encoding length */
+ slen_full = i2d_SSL_SESSION(s->session, NULL);
+@@ -3006,13 +2929,14 @@ int tls_construct_new_session_ticket(SSL *s)
+ * Grow buffer if need be: the length calculation is as
+ * follows handshake_header_length +
+ * 4 (ticket lifetime hint) + 2 (ticket length) +
+- * 16 (key name) + max_iv_len (iv length) +
+- * session_length + max_enc_block_size (max encrypted session
+- * length) + max_md_size (HMAC).
++ * sizeof(keyname) + max_iv_len (iv length) +
++ * max_enc_block_size (max encrypted session * length) +
++ * max_md_size (HMAC) + session_length.
+ */
+ if (!BUF_MEM_grow(s->init_buf,
+- SSL_HM_HEADER_LENGTH(s) + 22 + EVP_MAX_IV_LENGTH +
+- EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen))
++ SSL_HM_HEADER_LENGTH(s) + 6 + sizeof(key_name) +
++ EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH +
++ EVP_MAX_MD_SIZE + slen))
+ goto err;
+
+ p = ssl_handshake_start(s);
+@@ -3023,16 +2947,22 @@ int tls_construct_new_session_ticket(SSL *s)
+ if (tctx->tlsext_ticket_key_cb) {
+ if (tctx->tlsext_ticket_key_cb(s, key_name, iv, ctx, hctx, 1) < 0)
+ goto err;
++ iv_len = EVP_CIPHER_CTX_iv_length(ctx);
+ } else {
+- if (RAND_bytes(iv, 16) <= 0)
++ const EVP_CIPHER *cipher = EVP_aes_256_cbc();
++
++ iv_len = EVP_CIPHER_iv_length(cipher);
++ if (RAND_bytes(iv, iv_len) <= 0)
+ goto err;
+- if (!EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL,
++ if (!EVP_EncryptInit_ex(ctx, cipher, NULL,
+ tctx->tlsext_tick_aes_key, iv))
+ goto err;
+- if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, 16,
++ if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key,
++ sizeof(tctx->tlsext_tick_hmac_key),
+ EVP_sha256(), NULL))
+ goto err;
+- memcpy(key_name, tctx->tlsext_tick_key_name, 16);
++ memcpy(key_name, tctx->tlsext_tick_key_name,
++ sizeof(tctx->tlsext_tick_key_name));
+ }
+
+ /*
+@@ -3046,11 +2976,11 @@ int tls_construct_new_session_ticket(SSL *s)
+ p += 2;
+ /* Output key name */
+ macstart = p;
+- memcpy(p, key_name, 16);
+- p += 16;
++ memcpy(p, key_name, sizeof(key_name));
++ p += sizeof(key_name);
+ /* output IV */
+- memcpy(p, iv, EVP_CIPHER_CTX_iv_length(ctx));
+- p += EVP_CIPHER_CTX_iv_length(ctx);
++ memcpy(p, iv, iv_len);
++ p += iv_len;
+ /* Encrypt session data */
+ if (!EVP_EncryptUpdate(ctx, p, &len, senc, slen))
+ goto err;
+diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
+index 6e56441..920a178 100644
+--- a/ssl/t1_enc.c
++++ b/ssl/t1_enc.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+diff --git a/ssl/t1_ext.c b/ssl/t1_ext.c
+index 3bbe1fd..2db949d 100644
+--- a/ssl/t1_ext.c
++++ b/ssl/t1_ext.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /* Custom extension utility functions */
+@@ -205,7 +160,7 @@ static int custom_ext_meth_add(custom_ext_methods *exts,
+ void *add_arg,
+ custom_ext_parse_cb parse_cb, void *parse_arg)
+ {
+- custom_ext_method *meth;
++ custom_ext_method *meth, *tmp;
+ /*
+ * Check application error: if add_cb is not set free_cb will never be
+ * called.
+@@ -225,15 +180,17 @@ static int custom_ext_meth_add(custom_ext_methods *exts,
+ /* Search for duplicate */
+ if (custom_ext_find(exts, ext_type))
+ return 0;
+- exts->meths = OPENSSL_realloc(exts->meths,
+- (exts->meths_count +
+- 1) * sizeof(custom_ext_method));
++ tmp = OPENSSL_realloc(exts->meths,
++ (exts->meths_count + 1) * sizeof(custom_ext_method));
+
+- if (!exts->meths) {
++ if (tmp == NULL) {
++ OPENSSL_free(exts->meths);
++ exts->meths = NULL;
+ exts->meths_count = 0;
+ return 0;
+ }
+
++ exts->meths = tmp;
+ meth = exts->meths + exts->meths_count;
+ memset(meth, 0, sizeof(*meth));
+ meth->parse_cb = parse_cb;
+diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
+index 9f6cef3..8f16668 100644
+--- a/ssl/t1_lib.c
++++ b/ssl/t1_lib.c
+@@ -1,111 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -114,6 +13,8 @@
+ #include <openssl/evp.h>
+ #include <openssl/hmac.h>
+ #include <openssl/ocsp.h>
++#include <openssl/conf.h>
++#include <openssl/x509v3.h>
+ #include <openssl/rand.h>
+ #include <openssl/dh.h>
+ #include <openssl/bn.h>
+@@ -767,7 +668,7 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
+
+ # ifndef OPENSSL_NO_EC
+ /*
+- * tls1_check_ec_tmp_key - Check EC temporary key compatiblity
++ * tls1_check_ec_tmp_key - Check EC temporary key compatibility
+ * @s: SSL connection
+ * @cid: Cipher ID we're considering using
+ *
+@@ -1179,7 +1080,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
+
+ /*-
+ * check for enough space.
+- * 4 for the servername type and entension length
++ * 4 for the servername type and extension length
+ * 2 for servernamelist length
+ * 1 for the hostname type
+ * 2 for hostname length
+@@ -1217,7 +1118,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
+
+ /*-
+ * check for enough space.
+- * 4 for the srp type type and entension length
++ * 4 for the srp type type and extension length
+ * 1 for the srp user identity
+ * + srp user identity length
+ */
+@@ -1329,7 +1230,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
+ }
+ skip_ext:
+
+- if (SSL_USE_SIGALGS(s)) {
++ if (SSL_CLIENT_USE_SIGALGS(s)) {
+ size_t salglen;
+ const unsigned char *salg;
+ unsigned char *etmp;
+@@ -1414,7 +1315,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
+ #ifndef OPENSSL_NO_NEXTPROTONEG
+ if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len) {
+ /*
+- * The client advertises an emtpy extension to indicate its support
++ * The client advertises an empty extension to indicate its support
+ * for Next Protocol Negotiation
+ */
+ if (limit - ret - 4 < 0)
+@@ -1466,10 +1367,8 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
+ /* Add custom TLS Extensions to ClientHello */
+ if (!custom_ext_add(s, 0, &ret, limit, al))
+ return NULL;
+-#ifdef TLSEXT_TYPE_encrypt_then_mac
+ s2n(TLSEXT_TYPE_encrypt_then_mac, ret);
+ s2n(0, ret);
+-#endif
+ #ifndef OPENSSL_NO_CT
+ if (s->ct_validation_callback != NULL) {
+ s2n(TLSEXT_TYPE_signed_certificate_timestamp, ret);
+@@ -1696,7 +1595,6 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
+ #endif
+ if (!custom_ext_add(s, 1, &ret, limit, al))
+ return NULL;
+-#ifdef TLSEXT_TYPE_encrypt_then_mac
+ if (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC) {
+ /*
+ * Don't use encrypt_then_mac if AEAD or RC4 might want to disable
+@@ -1712,7 +1610,6 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
+ s2n(0, ret);
+ }
+ }
+-#endif
+ if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) {
+ s2n(TLSEXT_TYPE_extended_master_secret, ret);
+ s2n(0, ret);
+@@ -1925,9 +1822,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET *pkt, int *al)
+ /* Clear any signature algorithms extension received */
+ OPENSSL_free(s->s3->tmp.peer_sigalgs);
+ s->s3->tmp.peer_sigalgs = NULL;
+-#ifdef TLSEXT_TYPE_encrypt_then_mac
+ s->s3->flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC;
+-#endif
+
+ #ifndef OPENSSL_NO_SRP
+ OPENSSL_free(s->srp_ctx.login);
+@@ -2004,7 +1899,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET *pkt, int *al)
+ /*
+ * Although the server_name extension was intended to be
+ * extensible to new name types, RFC 4366 defined the
+- * syntax inextensibly and OpenSSL 1.0.x parses it as
++ * syntax inextensibility and OpenSSL 1.0.x parses it as
+ * such.
+ * RFC 6066 corrected the mistake but adding new name types
+ * is nevertheless no longer feasible, so act as if no other
+@@ -2235,7 +2130,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET *pkt, int *al)
+ *
+ * s->new_session will be set on renegotiation, but we
+ * probably shouldn't rely that it couldn't be set on
+- * the initial renegotation too in certain cases (when
++ * the initial renegotiation too in certain cases (when
+ * there's some other reason to disallow resuming an
+ * earlier session -- the current code won't be doing
+ * anything like that, but this might change).
+@@ -2264,10 +2159,8 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET *pkt, int *al)
+ return 0;
+ }
+ #endif
+-#ifdef TLSEXT_TYPE_encrypt_then_mac
+ else if (type == TLSEXT_TYPE_encrypt_then_mac)
+ s->s3->flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC;
+-#endif
+ /*
+ * Note: extended master secret extension handled in
+ * tls_check_serverhello_tlsext_early()
+@@ -2337,11 +2230,11 @@ int ssl_parse_clienthello_tlsext(SSL *s, PACKET *pkt)
+ */
+ static char ssl_next_proto_validate(PACKET *pkt)
+ {
+- unsigned int len;
++ PACKET tmp_protocol;
+
+ while (PACKET_remaining(pkt)) {
+- if (!PACKET_get_1(pkt, &len)
+- || !PACKET_forward(pkt, len))
++ if (!PACKET_get_length_prefixed_1(pkt, &tmp_protocol)
++ || PACKET_remaining(&tmp_protocol) == 0)
+ return 0;
+ }
+
+@@ -2367,9 +2260,7 @@ static int ssl_scan_serverhello_tlsext(SSL *s, PACKET *pkt, int *al)
+ SSL_DTLSEXT_HB_DONT_SEND_REQUESTS);
+ #endif
+
+-#ifdef TLSEXT_TYPE_encrypt_then_mac
+ s->s3->flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC;
+-#endif
+
+ s->s3->flags &= ~TLS1_FLAGS_RECEIVED_EXTMS;
+
+@@ -2581,14 +2472,12 @@ static int ssl_scan_serverhello_tlsext(SSL *s, PACKET *pkt, int *al)
+ return 0;
+ }
+ #endif
+-#ifdef TLSEXT_TYPE_encrypt_then_mac
+ else if (type == TLSEXT_TYPE_encrypt_then_mac) {
+ /* Ignore if inappropriate ciphersuite */
+ if (s->s3->tmp.new_cipher->algorithm_mac != SSL_AEAD
+ && s->s3->tmp.new_cipher->algorithm_enc != SSL_RC4)
+ s->s3->flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC;
+ }
+-#endif
+ else if (type == TLSEXT_TYPE_extended_master_secret) {
+ s->s3->flags |= TLS1_FLAGS_RECEIVED_EXTMS;
+ if (!s->hit)
+@@ -2737,7 +2626,8 @@ int tls1_set_server_sigalgs(SSL *s)
+ {
+ int al;
+ size_t i;
+- /* Clear any shared sigtnature algorithms */
++
++ /* Clear any shared signature algorithms */
+ OPENSSL_free(s->cert->shared_sigalgs);
+ s->cert->shared_sigalgs = NULL;
+ s->cert->shared_sigalgslen = 0;
+@@ -3075,7 +2965,7 @@ end:
+ * tls_decrypt_ticket attempts to decrypt a session ticket.
+ *
+ * etick: points to the body of the session ticket extension.
+- * eticklen: the length of the session tickets extenion.
++ * eticklen: the length of the session tickets extension.
+ * sess_id: points at the session ID.
+ * sesslen: the length of the session ID.
+ * psess: (output) on return, if a ticket was decrypted, then this is set to
+@@ -3126,15 +3016,17 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
+ renew_ticket = 1;
+ } else {
+ /* Check key name matches */
+- if (memcmp(etick, tctx->tlsext_tick_key_name, 16)) {
++ if (memcmp(etick, tctx->tlsext_tick_key_name,
++ sizeof(tctx->tlsext_tick_key_name)) != 0) {
+ ret = 2;
+ goto err;
+ }
+- if (HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, 16,
++ if (HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key,
++ sizeof(tctx->tlsext_tick_hmac_key),
+ EVP_sha256(), NULL) <= 0
+- || EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL,
++ || EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL,
+ tctx->tlsext_tick_aes_key,
+- etick + 16) <= 0) {
++ etick + sizeof(tctx->tlsext_tick_key_name)) <= 0) {
+ goto err;
+ }
+ }
+diff --git a/ssl/t1_reneg.c b/ssl/t1_reneg.c
+index 5c0d825..15a4e27 100644
+--- a/ssl/t1_reneg.c
++++ b/ssl/t1_reneg.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2009 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <openssl/objects.h>
+ #include "ssl_locl.h"
+diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
+index cb22d49..562ac09 100644
+--- a/ssl/t1_trce.c
++++ b/ssl/t1_trce.c
+@@ -1,55 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2012 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "ssl_locl.h"
+@@ -497,7 +452,9 @@ static ssl_trace_tbl ssl_exts_tbl[] = {
+ {TLSEXT_TYPE_heartbeat, "heartbeat"},
+ {TLSEXT_TYPE_session_ticket, "session_ticket"},
+ {TLSEXT_TYPE_renegotiate, "renegotiate"},
++#ifndef OPENSSL_NO_NEXTPROTONEG
+ {TLSEXT_TYPE_next_proto_neg, "next_proto_neg"},
++#endif
+ {TLSEXT_TYPE_signed_certificate_timestamp, "signed_certificate_timestamps"},
+ {TLSEXT_TYPE_padding, "padding"},
+ {TLSEXT_TYPE_encrypt_then_mac, "encrypt_then_mac"},
+diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c
+index cf5ccdc..08e22df 100644
+--- a/ssl/tls_srp.c
++++ b/ssl/tls_srp.c
+@@ -1,60 +1,10 @@
+ /*
+- * Written by Christophe Renou (christophe.renou at edelweb.fr) with the
+- * precious help of Peter Sylvester (peter.sylvester at edelweb.fr) for the
+- * EdelKey project and contributed to the OpenSSL project 2004.
+- */
+-/* ====================================================================
+- * Copyright (c) 2004-2011 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/test/Makefile.in b/test/Makefile.in
+deleted file mode 100644
+index cefcd72..0000000
+--- a/test/Makefile.in
++++ /dev/null
+@@ -1,410 +0,0 @@
+-#
+-# test/Makefile
+-#
+-
+-DIR= test
+-TOP= ..
+-CC= cc
+-INCLUDES= -I$(TOP) -I../include -I../crypto/include -I$(TOP)/fips
+-CFLAG= -g
+-MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+-PERL= perl
+-
+-PLIB_LDFLAG=
+-EX_LIBS= #-lnsl -lsocket
+-
+-CFLAGS= $(INCLUDES) $(CFLAG)
+-LDFLAGS= $(CFLAGS) $(LDFLAG)
+-
+-GENERAL=Makefile maketests.com \
+- tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
+- tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
+- testca.com VMSca-response.1 VMSca-response.2
+-
+-DLIBCRYPTO= ../libcrypto.a
+-DLIBSSL= ../libssl.a
+-LIBCRYPTO= -L.. -lcrypto
+-LIBSSL= -L.. -lssl
+-LIBFIPS= -L.. -lfips
+-
+-# Prefix for logline for each test
+-START= @@@ START
+-
+-NPTEST= nptest
+-MEMLEAKTEST= memleaktest
+-BNTEST= bntest
+-ECTEST= ectest
+-ECDSATEST= ecdsatest
+-ECDHTEST= ecdhtest
+-EXPTEST= exptest
+-GMDIFFTEST= gmdifftest
+-PBELUTEST= pbelutest
+-IDEATEST= ideatest
+-SHA1TEST= sha1test
+-SHA256TEST= sha256t
+-SHA512TEST= sha512t
+-MDC2TEST= mdc2test
+-RMDTEST= rmdtest
+-MD2TEST= md2test
+-MD4TEST= md4test
+-MD5TEST= md5test
+-HMACTEST= hmactest
+-WPTEST= wp_test
+-RC2TEST= rc2test
+-RC4TEST= rc4test
+-RC5TEST= rc5test
+-BFTEST= bftest
+-CASTTEST= casttest
+-DESTEST= destest
+-RANDTEST= randtest
+-DHTEST= dhtest
+-DSATEST= dsatest
+-SSLTESTOLD= ssltest_old
+-DANETEST= danetest
+-RSATEST= rsa_test
+-ENGINETEST= enginetest
+-EVPTEST= evp_test
+-EVPEXTRATEST=evp_extra_test
+-P5_CRPT2_TEST= p5_crpt2_test
+-IGETEST= igetest
+-SECMEMTEST= secmemtest
+-SRPTEST= srptest
+-V3NAMETEST= v3nametest
+-HEARTBEATTEST= heartbeat_test
+-CONSTTIMETEST= constant_time_test
+-VERIFYEXTRATEST= verify_extra_test
+-CLIENTHELLOTEST= clienthellotest
+-PACKETTEST= packettest
+-SSLVERTOLTEST= sslvertoltest
+-SSLEXTENSIONTEST= sslextensiontest
+-SSLSESSIONTICKTEST= sslsessionticktest
+-SSLSKEWITH0PTEST= sslskewith0ptest
+-ASYNCTEST= asynctest
+-DTLSV1LISTENTEST = dtlsv1listentest
+-CTTEST= ct_test
+-THREADSTEST= threadstest
+-AFALGTEST= afalgtest
+-D2ITEST = d2i_test
+-SSLTESTCTXTEST = ssl_test_ctx_test
+-SSLTEST = ssl_test
+-
+-TESTS= alltests
+-
+-EXE= $(NPTEST)$(EXE_EXT) $(MEMLEAKTEST)$(EXE_EXT) \
+- $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) \
+- $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(GMDIFFTEST)$(EXE_EXT) \
+- $(PBELUTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \
+- $(MD2TEST)$(EXE_EXT) $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) $(WPTEST)$(EXE_EXT) \
+- $(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \
+- $(DESTEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \
+- $(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
+- $(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
+- $(DANETEST)$(EXE_EXT) \
+- $(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTESTOLD)$(EXE_EXT) \
+- $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
+- $(EVPTEST)$(EXE_EXT) $(EVPEXTRATEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) \
+- $(SECMEMTEST)$(EXE_EXT) \
+- $(SRPTEST)$(EXE_EXT) $(V3NAMETEST)$(EXE_EXT) \
+- $(HEARTBEATTEST)$(EXE_EXT) $(P5_CRPT2_TEST)$(EXE_EXT) \
+- $(CONSTTIMETEST)$(EXE_EXT) $(VERIFYEXTRATEST)$(EXE_EXT) \
+- $(CLIENTHELLOTEST)$(EXE_EXT) $(PACKETTEST)$(EXE_EXT) $(ASYNCTEST)$(EXE_EXT) \
+- $(DTLSV1LISTENTEST)$(EXE_EXT) $(CTTEST)$(EXE_EXT) $(THREADSTEST)$(EXE_EXT) \
+- $(AFALGTEST)$(EXE_EXT) $(D2ITEST)$(EXE_EXT) $(SSLTESTCTXTEST)$(EXE_EXT) \
+- $(SSLTEST)$(EXE_EXT)
+-
+-# $(METHTEST)$(EXE_EXT)
+-
+-OBJ= $(NPTEST).o $(MEMLEAKTEST).o \
+- $(BNTEST).o $(ECTEST).o \
+- $(ECDSATEST).o $(ECDHTEST).o $(GMDIFFTEST).o $(PBELUTEST).o $(IDEATEST).o \
+- $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
+- $(HMACTEST).o $(WPTEST).o \
+- $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
+- $(DESTEST).o $(SHA1TEST).o $(SHA256TEST).o $(SHA512TEST).o \
+- $(MDC2TEST).o $(RMDTEST).o $(DANETEST).o \
+- $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
+- $(BFTEST).o $(SSLTESTOLD).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \
+- $(EVPTEST).o $(EVPEXTRATEST).o $(IGETEST).o $(V3NAMETEST).o \
+- $(HEARTBEATTEST).o $(P5_CRPT2_TEST).o \
+- $(CONSTTIMETEST).o $(VERIFYEXTRATEST).o $(CLIENTHELLOTEST).o \
+- $(PACKETTEST).o $(ASYNCTEST).o $(DTLSV1LISTENTEST).o $(CTTEST).o \
+- $(THREADSTEST).o testutil.o $(AFALGTEST).o $(D2ITEST).o ssl_test_ctx.o \
+- $(SSLTESTCTXTEST).o $(SSLTEST).o handshake_helper.o
+-
+-SRC= $(NPTEST).c $(MEMLEAKTEST).c \
+- $(BNTEST).c $(ECTEST).c \
+- $(ECDSATEST).c $(ECDHTEST).c $(GMDIFFTEST).c $(PBELUTEST).c $(IDEATEST).c \
+- $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \
+- $(HMACTEST).c $(WPTEST).c \
+- $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c $(DANETEST).c \
+- $(DESTEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
+- $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
+- $(BFTEST).c $(SSLTESTOLD).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \
+- $(EVPTEST).c $(EVPEXTRATEST).c $(IGETEST).c $(V3NAMETEST).c \
+- $(HEARTBEATTEST).c $(P5_CRPT2_TEST).c \
+- $(CONSTTIMETEST).c $(VERIFYEXTRATEST).c $(CLIENTHELLOTEST).c \
+- $(PACKETTEST).c $(ASYNCTEST).c $(DTLSV1LISTENTEST).c $(CTTEST).c \
+- $(THREADSTEST).c testutil.c $(AFALGTEST).c $(D2ITEST).c ssl_test_ctx.c \
+- $(SSLTESTCTXTEST).c $(SSLTEST).c handshake_helper.c
+-
+-HEADER= testutil.h ssl_test_ctx.h handshake_helper.h
+-
+-ALL= $(GENERAL) $(SRC) $(HEADER)
+-
+-top:
+- (cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
+-
+-all: exe
+-
+-exe: $(EXE) dummytest$(EXE_EXT)
+-
+-generate: $(SRC)
+-$(SRC):
+- @sh $(TOP)/util/point.sh dummytest.c $@
+-
+-tests: exe apps
+- OPENSSL_ENGINES=../engines TOP=$(TOP) PERL=$(PERL) \
+- $(PERL) run_tests.pl $(TESTS)
+-
+-errors:
+-
+-list-tests:
+- @TOP=$(TOP) PERL=$(PERL) $(PERL) run_tests.pl list
+-
+-apps:
+- @(cd ..; $(MAKE) DIRS=apps all)
+-
+-depend:
+- $(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(SRC)
+-
+-clean:
+- rm -f .rnd tmp.bntest tmp.bctest *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log *.log dummytest
+-
+-$(DLIBSSL):
+- (cd ..; $(MAKE) build_libssl)
+-
+-$(DLIBCRYPTO):
+- (cd ..; $(MAKE) build_libcrypto)
+-
+-BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+- shlib_target="$(SHLIB_TARGET)"; \
+- fi; \
+- LIBRARIES="$(LIBSSL) $(LIBCRYPTO)"; \
+- $(MAKE) -f $(TOP)/Makefile.shared -e \
+- APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o $$testutil" \
+- LDFLAG="$(LDFLAG)" \
+- LIBDEPS="$(PLIB_LDFLAG) $$LIBRARIES $(EX_LIBS)" \
+- link_app.$${shlib_target}
+-
+-BUILD_CMD_STATIC=shlib_target=; \
+- LIBRARIES="$(DLIBSSL) $(DLIBCRYPTO)"; \
+- $(MAKE) -f $(TOP)/Makefile.shared -e \
+- APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o $$testutil" \
+- LDFLAG="$(LDFLAG)" \
+- LIBDEPS="$(PLIB_LDFLAG) $$LIBRARIES $(EX_LIBS)" \
+- link_app.$${shlib_target}
+-
+-$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
+- @target=$(RSATEST); $(BUILD_CMD)
+-
+-$(NPTEST)$(EXE_EXT): $(NPTEST).o $(DLIBCRYPTO)
+- @target=$(NPTEST); $(BUILD_CMD)
+-
+-$(MEMLEAKTEST)$(EXE_EXT): $(MEMLEAKTEST).o $(DLIBCRYPTO)
+- @target=$(MEMLEAKTEST); $(BUILD_CMD)
+-
+-$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
+- @target=$(BNTEST); $(BUILD_CMD)
+-
+-$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
+- @target=$(ECTEST); $(BUILD_CMD)
+-
+-$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
+- @target=$(EXPTEST); $(BUILD_CMD)
+-
+-$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
+- @target=$(IDEATEST); $(BUILD_CMD)
+-
+-$(GMDIFFTEST)$(EXE_EXT): $(GMDIFFTEST).o $(DLIBCRYPTO)
+- @target=$(GMDIFFTEST); $(BUILD_CMD)
+-
+-$(PBELUTEST)$(EXE_EXT): $(PBELUTEST).o $(DLIBCRYPTO)
+- @target=$(PBELUTEST); $(BUILD_CMD)
+-
+-$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
+- @target=$(MD2TEST); $(BUILD_CMD)
+-
+-$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
+- @target=$(SHA1TEST); $(BUILD_CMD)
+-
+-$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
+- @target=$(SHA256TEST); $(BUILD_CMD)
+-
+-$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
+- @target=$(SHA512TEST); $(BUILD_CMD)
+-
+-FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+- shlib_target="$(SHLIB_TARGET)"; \
+- fi; \
+- if [ "$(FIPSCANLIB)" = "libfips" ]; then \
+- LIBRARIES="-L$(TOP) -lfips"; \
+- elif [ -n "$(FIPSCANLIB)" ]; then \
+- FIPSLD_CC="$(CC)"; CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
+- LIBRARIES="$${FIPSLIBDIR:-$(TOP)/fips/}fipscanister.o"; \
+- else \
+- LIBRARIES="$(LIBCRYPTO)"; \
+- fi; \
+- $(MAKE) -f $(TOP)/Makefile.shared -e \
+- CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+- LDFLAG="$(LDFLAG)" \
+- LIBDEPS="$(PLIB_LDFLAG) $$LIBRARIES $(EX_LIBS)" \
+- link_app.$${shlib_target}
+-
+-FIPS_CRYPTO_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+- shlib_target="$(SHLIB_TARGET)"; \
+- fi; \
+- LIBRARIES="$(LIBSSL) $(LIBCRYPTO)"; \
+- if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \
+- FIPSLD_CC="$(CC)"; CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
+- fi; \
+- [ "$(FIPSCANLIB)" = "libfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \
+- $(MAKE) -f $(TOP)/Makefile.shared -e \
+- CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+- LDFLAG="$(LDFLAG)" \
+- LIBDEPS="$(PLIB_LDFLAG) $$LIBRARIES $(EX_LIBS)" \
+- link_app.$${shlib_target}
+-
+-$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
+- @target=$(RMDTEST); $(BUILD_CMD)
+-
+-$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
+- @target=$(MDC2TEST); $(BUILD_CMD)
+-
+-$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
+- @target=$(MD4TEST); $(BUILD_CMD)
+-
+-$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
+- @target=$(MD5TEST); $(BUILD_CMD)
+-
+-$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
+- @target=$(HMACTEST); $(BUILD_CMD)
+-
+-$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
+- @target=$(WPTEST); $(BUILD_CMD)
+-
+-$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
+- @target=$(RC2TEST); $(BUILD_CMD)
+-
+-$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
+- @target=$(BFTEST); $(BUILD_CMD)
+-
+-$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
+- @target=$(CASTTEST); $(BUILD_CMD)
+-
+-$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
+- @target=$(RC4TEST); $(BUILD_CMD)
+-
+-$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
+- @target=$(RC5TEST); $(BUILD_CMD)
+-
+-$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
+- @target=$(DESTEST); $(BUILD_CMD)
+-
+-$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
+- @target=$(RANDTEST); $(BUILD_CMD)
+-
+-$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
+- @target=$(DHTEST); $(BUILD_CMD)
+-
+-$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
+- @target=$(DSATEST); $(BUILD_CMD)
+-
+-$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
+- @target=$(METHTEST); $(BUILD_CMD)
+-
+-$(SSLTESTOLD)$(EXE_EXT): $(SSLTESTOLD).o $(DLIBSSL) $(DLIBCRYPTO)
+- @target=$(SSLTESTOLD); $(BUILD_CMD)
+-
+-$(DANETEST)$(EXE_EXT): $(DANETEST).o $(DLIBSSL) $(DLIBCRYPTO)
+- @target=$(DANETEST); $(BUILD_CMD)
+-
+-$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
+- @target=$(ENGINETEST); $(BUILD_CMD)
+-
+-$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
+- @target=$(EVPTEST); $(BUILD_CMD)
+-
+-$(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
+- @target=$(EVPEXTRATEST); $(BUILD_CMD)
+-
+-$(P5_CRPT2_TEST)$(EXE_EXT): $(P5_CRPT2_TEST).o $(DLIBCRYPTO)
+- @target=$(P5_CRPT2_TEST); $(BUILD_CMD)
+-
+-$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
+- @target=$(ECDSATEST); $(BUILD_CMD)
+-
+-$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
+- @target=$(ECDHTEST); $(BUILD_CMD)
+-
+-$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
+- @target=$(IGETEST); $(BUILD_CMD)
+-
+-$(SECMEMTEST)$(EXE_EXT): $(SECMEMTEST).o $(DLIBCRYPTO)
+- @target=$(SECMEMTEST); $(BUILD_CMD)
+-
+-$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
+- @target=$(SRPTEST); $(BUILD_CMD)
+-
+-$(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
+- @target=$(V3NAMETEST); $(BUILD_CMD)
+-
+-$(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) testutil.o
+- @target=$(HEARTBEATTEST) testutil=testutil.o; $(BUILD_CMD_STATIC)
+-
+-$(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
+- @target=$(CONSTTIMETEST) $(BUILD_CMD)
+-
+-$(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEXTRATEST).o
+- @target=$(VERIFYEXTRATEST) $(BUILD_CMD)
+-
+-$(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHELLOTEST).o
+- @target=$(CLIENTHELLOTEST) $(BUILD_CMD)
+-
+-$(PACKETTEST)$(EXE_EXT): $(PACKETTEST).o
+- @target=$(PACKETTEST) $(BUILD_CMD)
+-
+-$(ASYNCTEST)$(EXE_EXT): $(ASYNCTEST).o
+- @target=$(ASYNCTEST) $(BUILD_CMD)
+-
+-$(DTLSV1LISTENTEST)$(EXE_EXT): $(DTLSV1LISTENTEST).o
+- @target=$(DTLSV1LISTENTEST) $(BUILD_CMD)
+-
+-$(CTTEST)$(EXE_EXT): $(CTTEST).o $(DLIBCRYPTO) testutil.o
+- @target=$(CTTEST) testutil=testutil.o; $(BUILD_CMD)
+-
+-$(THREADSTEST)$(EXE_EXT): $(THREADSTEST).o $(DLIBCRYPTO)
+- @target=$(THREADSTEST) $(BUILD_CMD)
+-
+-dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
+- @target=dummytest; $(BUILD_CMD)
+-
+-$(AFALGTEST)$(EXE_EXT): $(AFALGTEST).o $(DLIBCRYPTO)
+- @target=$(AFALGTEST); $(BUILD_CMD)
+-
+-$(D2ITEST)$(EXE_EXT): $(D2ITEST).o $(DLIBCRYPTO) testutil.o
+- @target=$(D2ITEST) testutil=testutil.o; $(BUILD_CMD)
+-
+-$(SSLTESTCTXTEST)$(EXE_EXT): $(SSLTESTCTXTEST).o testutil.o $(DLIBCRYPTO)
+- @target=$(SSLTESTCTXTEST); $(BUILD_CMD)
+-
+-$(SSLTESTCTXTEST)$(EXE_EXT): $(SSLTESTCTXTEST).o testutil.o ssl_test_ctx.o \
+- $(DLIBCRYPTO)
+- @target=$(SSLTESTCTXTEST) testutil="testutil.o ssl_test_ctx.o"; \
+- $(BUILD_CMD)
+-
+-$(SSLTEST)$(EXE_EXT): $(SSLTEST).o testutil.o ssl_test_ctx.o \
+- handshake_helper.o $(DLIBSSL) $(DLIBCRYPTO)
+- @target=$(SSLTEST) testutil="testutil.o ssl_test_ctx.o \
+- handshake_helper.o"; $(BUILD_CMD)
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/test/README.ssltest.md b/test/README.ssltest.md
+index b65a0d7..2957d85 100644
+--- a/test/README.ssltest.md
++++ b/test/README.ssltest.md
+@@ -59,6 +59,11 @@ The test section supports the following options:
+ * Protocol - expected negotiated protocol. One of
+ SSLv3, TLSv1, TLSv1.1, TLSv1.2.
+
++* ClientVerifyCallback - the client's custom certificate verify callback.
++ Used to test callback behaviour. One of
++ - AcceptAll - accepts all certificates.
++ - RejectAll - rejects all certificates.
++
+ ## Configuring the client and server
+
+ The client and server configurations can be any valid `SSL_CTX`
+diff --git a/test/aborttest.c b/test/aborttest.c
+index 98aeddf..ba5055e 100644
+--- a/test/aborttest.c
++++ b/test/aborttest.c
+@@ -1,11 +1,10 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/test/afalgtest.c b/test/afalgtest.c
+index 80aa1e7..3baced7 100644
+--- a/test/afalgtest.c
++++ b/test/afalgtest.c
+@@ -1,56 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <openssl/opensslconf.h>
+
+diff --git a/test/asynciotest.c b/test/asynciotest.c
+new file mode 100644
+index 0000000..f80425e
+--- /dev/null
++++ b/test/asynciotest.c
+@@ -0,0 +1,380 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL licenses, (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ * https://www.openssl.org/source/license.html
++ * or in the file LICENSE in the source distribution.
++ */
++
++#include <string.h>
++#include <openssl/ssl.h>
++#include <openssl/bio.h>
++#include <openssl/err.h>
++
++#include "../ssl/packet_locl.h"
++
++/* Should we fragment records or not? 0 = no, !0 = yes*/
++static int fragment = 0;
++
++static int async_new(BIO *bi);
++static int async_free(BIO *a);
++static int async_read(BIO *b, char *out, int outl);
++static int async_write(BIO *b, const char *in, int inl);
++static long async_ctrl(BIO *b, int cmd, long num, void *ptr);
++static int async_gets(BIO *bp, char *buf, int size);
++static int async_puts(BIO *bp, const char *str);
++
++/* Choose a sufficiently large type likely to be unused for this custom BIO */
++# define BIO_TYPE_ASYNC_FILTER (0x80 | BIO_TYPE_FILTER)
++
++static BIO_METHOD *methods_async = NULL;
++
++struct async_ctrs {
++ unsigned int rctr;
++ unsigned int wctr;
++};
++
++static const BIO_METHOD *bio_f_async_filter()
++{
++ if (methods_async == NULL) {
++ methods_async = BIO_meth_new(BIO_TYPE_ASYNC_FILTER, "Async filter");
++ if ( methods_async == NULL
++ || !BIO_meth_set_write(methods_async, async_write)
++ || !BIO_meth_set_read(methods_async, async_read)
++ || !BIO_meth_set_puts(methods_async, async_puts)
++ || !BIO_meth_set_gets(methods_async, async_gets)
++ || !BIO_meth_set_ctrl(methods_async, async_ctrl)
++ || !BIO_meth_set_create(methods_async, async_new)
++ || !BIO_meth_set_destroy(methods_async, async_free))
++ return NULL;
++ }
++ return methods_async;
++}
++
++static int async_new(BIO *bio)
++{
++ struct async_ctrs *ctrs;
++
++ ctrs = OPENSSL_zalloc(sizeof(struct async_ctrs));
++ if (ctrs == NULL)
++ return 0;
++
++ BIO_set_data(bio, ctrs);
++ BIO_set_init(bio, 1);
++ return 1;
++}
++
++static int async_free(BIO *bio)
++{
++ struct async_ctrs *ctrs;
++
++ if (bio == NULL)
++ return 0;
++ ctrs = BIO_get_data(bio);
++ OPENSSL_free(ctrs);
++ BIO_set_data(bio, NULL);
++ BIO_set_init(bio, 0);
++
++ return 1;
++}
++
++static int async_read(BIO *bio, char *out, int outl)
++{
++ struct async_ctrs *ctrs;
++ int ret = 0;
++ BIO *next = BIO_next(bio);
++
++ if (outl <= 0)
++ return 0;
++ if (next == NULL)
++ return 0;
++
++ ctrs = BIO_get_data(bio);
++
++ BIO_clear_retry_flags(bio);
++
++ if (ctrs->rctr > 0) {
++ ret = BIO_read(next, out, 1);
++ if (ret <= 0 && BIO_should_read(next))
++ BIO_set_retry_read(bio);
++ ctrs->rctr = 0;
++ } else {
++ ctrs->rctr++;
++ BIO_set_retry_read(bio);
++ }
++
++ return ret;
++}
++
++#define MIN_RECORD_LEN 6
++
++#define CONTENTTYPEPOS 0
++#define VERSIONHIPOS 1
++#define VERSIONLOPOS 2
++#define DATAPOS 5
++
++static int async_write(BIO *bio, const char *in, int inl)
++{
++ struct async_ctrs *ctrs;
++ int ret = 0;
++ size_t written = 0;
++ BIO *next = BIO_next(bio);
++
++ if (inl <= 0)
++ return 0;
++ if (next == NULL)
++ return 0;
++
++ ctrs = BIO_get_data(bio);
++
++ BIO_clear_retry_flags(bio);
++
++ if (ctrs->wctr > 0) {
++ ctrs->wctr = 0;
++ if (fragment) {
++ PACKET pkt;
++
++ if (!PACKET_buf_init(&pkt, (const unsigned char *)in, inl))
++ abort();
++
++ while (PACKET_remaining(&pkt) > 0) {
++ PACKET payload;
++ unsigned int contenttype, versionhi, versionlo, data;
++
++ if ( !PACKET_get_1(&pkt, &contenttype)
++ || !PACKET_get_1(&pkt, &versionhi)
++ || !PACKET_get_1(&pkt, &versionlo)
++ || !PACKET_get_length_prefixed_2(&pkt, &payload))
++ abort();
++
++ /* Pretend we wrote out the record header */
++ written += SSL3_RT_HEADER_LENGTH;
++
++ while (PACKET_get_1(&payload, &data)) {
++ /* Create a new one byte long record for each byte in the
++ * record in the input buffer
++ */
++ char smallrec[MIN_RECORD_LEN] = {
++ 0, /* Content type */
++ 0, /* Version hi */
++ 0, /* Version lo */
++ 0, /* Length hi */
++ 1, /* Length lo */
++ 0 /* Data */
++ };
++
++ smallrec[CONTENTTYPEPOS] = contenttype;
++ smallrec[VERSIONHIPOS] = versionhi;
++ smallrec[VERSIONLOPOS] = versionlo;
++ smallrec[DATAPOS] = data;
++ ret = BIO_write(next, smallrec, MIN_RECORD_LEN);
++ if (ret <= 0)
++ abort();
++ written++;
++ }
++ /*
++ * We can't fragment anything after the CCS, otherwise we
++ * get a bad record MAC
++ */
++ if (contenttype == SSL3_RT_CHANGE_CIPHER_SPEC) {
++ fragment = 0;
++ break;
++ }
++ }
++ }
++ /* Write any data we have left after fragmenting */
++ ret = 0;
++ if ((int)written < inl) {
++ ret = BIO_write(next, in + written , inl - written);
++ }
++
++ if (ret <= 0 && BIO_should_write(next))
++ BIO_set_retry_write(bio);
++ else
++ ret += written;
++ } else {
++ ctrs->wctr++;
++ BIO_set_retry_write(bio);
++ }
++
++ return ret;
++}
++
++static long async_ctrl(BIO *bio, int cmd, long num, void *ptr)
++{
++ long ret;
++ BIO *next = BIO_next(bio);
++
++ if (next == NULL)
++ return 0;
++
++ switch (cmd) {
++ case BIO_CTRL_DUP:
++ ret = 0L;
++ break;
++ default:
++ ret = BIO_ctrl(next, cmd, num, ptr);
++ break;
++ }
++ return ret;
++}
++
++static int async_gets(BIO *bio, char *buf, int size)
++{
++ /* We don't support this - not needed anyway */
++ return -1;
++}
++
++static int async_puts(BIO *bio, const char *str)
++{
++ return async_write(bio, str, strlen(str));
++}
++
++#define MAXLOOPS 100000
++
++int main(int argc, char *argv[])
++{
++ SSL_CTX *serverctx = NULL, *clientctx = NULL;
++ SSL *serverssl = NULL, *clientssl = NULL;
++ BIO *s_to_c_bio = NULL, *c_to_s_bio = NULL;
++ BIO *s_to_c_fbio = NULL, *c_to_s_fbio = NULL;
++ int retc = -1, rets = -1, err, abortctr;
++ int test;
++
++ CRYPTO_set_mem_debug(1);
++ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
++
++ if (argc != 3) {
++ printf("Invalid argument count\n");
++ goto end;
++ }
++
++ serverctx = SSL_CTX_new(TLS_server_method());
++ clientctx = SSL_CTX_new(TLS_client_method());
++ if (serverctx == NULL || clientctx == NULL) {
++ printf("Failed to create SSL_CTX\n");
++ goto end;
++ }
++
++ if (SSL_CTX_use_certificate_file(serverctx, argv[1],
++ SSL_FILETYPE_PEM) <= 0) {
++ printf("Failed to load server certificate\n");
++ goto end;
++ }
++ if (SSL_CTX_use_PrivateKey_file(serverctx, argv[2],
++ SSL_FILETYPE_PEM) <= 0) {
++ printf("Failed to load server private key\n");
++ }
++ if (SSL_CTX_check_private_key(serverctx) <= 0) {
++ printf("Failed to check private key\n");
++ goto end;
++ }
++
++ /*
++ * We do 2 test runs. The first time around we just do a normal handshake
++ * with lots of async io going on. The second time around we also break up
++ * all records so that the content is only one byte length (up until the
++ * CCS)
++ */
++ for (test = 1; test < 3; test++) {
++ abortctr = 0;
++ retc = rets = -1;
++ if (test == 2)
++ fragment = 1;
++
++ serverssl = SSL_new(serverctx);
++ clientssl = SSL_new(clientctx);
++ if (serverssl == NULL || clientssl == NULL) {
++ printf("Failed to create SSL object\n");
++ goto end;
++ }
++
++ s_to_c_bio = BIO_new(BIO_s_mem());
++ c_to_s_bio = BIO_new(BIO_s_mem());
++ if (s_to_c_bio == NULL || c_to_s_bio == NULL) {
++ printf("Failed to create mem BIOs\n");
++ goto end;
++ }
++
++ s_to_c_fbio = BIO_new(bio_f_async_filter());
++ c_to_s_fbio = BIO_new(bio_f_async_filter());
++ if (s_to_c_fbio == NULL || c_to_s_fbio == NULL) {
++ printf("Failed to create filter BIOs\n");
++ goto end;
++ }
++
++ s_to_c_bio = BIO_push(s_to_c_fbio, s_to_c_bio);
++ c_to_s_bio = BIO_push(c_to_s_fbio, c_to_s_bio);
++ if (s_to_c_bio == NULL || c_to_s_bio == NULL) {
++ printf("Failed to create chained BIOs\n");
++ goto end;
++ }
++
++ /* Set Non-blocking IO behaviour */
++ BIO_set_mem_eof_return(s_to_c_bio, -1);
++ BIO_set_mem_eof_return(c_to_s_bio, -1);
++
++ /* Up ref these as we are passing them to two SSL objects */
++ BIO_up_ref(s_to_c_bio);
++ BIO_up_ref(c_to_s_bio);
++
++ SSL_set_bio(serverssl, c_to_s_bio, s_to_c_bio);
++ SSL_set_bio(clientssl, s_to_c_bio, c_to_s_bio);
++
++ do {
++ err = SSL_ERROR_WANT_WRITE;
++ while (retc <= 0 && err == SSL_ERROR_WANT_WRITE) {
++ retc = SSL_connect(clientssl);
++ if (retc <= 0)
++ err = SSL_get_error(clientssl, retc);
++ }
++
++ if (retc <= 0 && err != SSL_ERROR_WANT_READ) {
++ printf("Test %d failed: SSL_connect() failed %d, %d\n",
++ test, retc, err);
++ goto end;
++ }
++
++ err = SSL_ERROR_WANT_WRITE;
++ while (rets <= 0 && err == SSL_ERROR_WANT_WRITE) {
++ rets = SSL_accept(serverssl);
++ if (rets <= 0)
++ err = SSL_get_error(serverssl, rets);
++ }
++
++ if (rets <= 0 && err != SSL_ERROR_WANT_READ) {
++ printf("Test %d failed: SSL_accept() failed %d, %d\n",
++ test, retc, err);
++ goto end;
++ }
++ if (++abortctr == MAXLOOPS) {
++ printf("Test %d failed: No progress made\n", test);
++ goto end;
++ }
++ } while (retc <=0 || rets <= 0);
++
++ /* Also frees the BIOs */
++ SSL_free(clientssl);
++ SSL_free(serverssl);
++ clientssl = serverssl = NULL;
++ }
++
++ printf("Test success\n");
++
++ end:
++ if (retc <= 0 || rets <= 0)
++ ERR_print_errors_fp(stderr);
++
++ SSL_free(clientssl);
++ SSL_free(serverssl);
++ SSL_CTX_free(clientctx);
++ SSL_CTX_free(serverctx);
++
++# ifndef OPENSSL_NO_CRYPTO_MDEBUG
++ CRYPTO_mem_leaks_fp(stderr);
++# endif
++
++ return (retc > 0 && rets > 0) ? 0 : 1;
++}
+diff --git a/test/asynctest.c b/test/asynctest.c
+index 4694fda..6728058 100644
+--- a/test/asynctest.c
++++ b/test/asynctest.c
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Matt Caswell for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/bftest.c b/test/bftest.c
+index b5e6c51..eb8d8a6 100644
+--- a/test/bftest.c
++++ b/test/bftest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+@@ -80,7 +32,7 @@ int main(int argc, char *argv[])
+ # include <openssl/ebcdic.h>
+ # endif
+
+-static char *bf_key[2] = {
++static char bf_key[2][30] = {
+ "abcdefghijklmnopqrstuvwxyz",
+ "Who is John Galt?"
+ };
+diff --git a/test/bioprinttest.c b/test/bioprinttest.c
+new file mode 100644
+index 0000000..c69a79c
+--- /dev/null
++++ b/test/bioprinttest.c
+@@ -0,0 +1,225 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++#include <stdio.h>
++#include <string.h>
++#include <openssl/bio.h>
++
++static int justprint = 0;
++
++static char *fpexpected[][5] = {
++ /* 0 */ { "0.0000e+00", "0.0000", "0", "0.0000E+00", "0" },
++ /* 1 */ { "6.7000e-01", "0.6700", "0.67", "6.7000E-01", "0.67" },
++ /* 2 */ { "6.6667e-01", "0.6667", "0.6667", "6.6667E-01", "0.6667" },
++ /* 3 */ { "6.6667e-04", "0.0007", "0.0006667", "6.6667E-04", "0.0006667" },
++ /* 4 */ { "6.6667e-05", "0.0001", "6.667e-05", "6.6667E-05", "6.667E-05" },
++ /* 5 */ { "6.6667e+00", "6.6667", "6.667", "6.6667E+00", "6.667" },
++ /* 6 */ { "6.6667e+01", "66.6667", "66.67", "6.6667E+01", "66.67" },
++ /* 7 */ { "6.6667e+02", "666.6667", "666.7", "6.6667E+02", "666.7" },
++ /* 8 */ { "6.6667e+03", "6666.6667", "6667", "6.6667E+03", "6667" },
++ /* 9 */ { "6.6667e+04", "66666.6667", "6.667e+04", "6.6667E+04", "6.667E+04" },
++ /* 10 */ { "0.00000e+00", "0.00000", "0", "0.00000E+00", "0" },
++ /* 11 */ { "6.70000e-01", "0.67000", "0.67", "6.70000E-01", "0.67" },
++ /* 12 */ { "6.66667e-01", "0.66667", "0.66667", "6.66667E-01", "0.66667" },
++ /* 13 */ { "6.66667e-04", "0.00067", "0.00066667", "6.66667E-04", "0.00066667" },
++ /* 14 */ { "6.66667e-05", "0.00007", "6.6667e-05", "6.66667E-05", "6.6667E-05" },
++ /* 15 */ { "6.66667e+00", "6.66667", "6.6667", "6.66667E+00", "6.6667" },
++ /* 16 */ { "6.66667e+01", "66.66667", "66.667", "6.66667E+01", "66.667" },
++ /* 17 */ { "6.66667e+02", "666.66667", "666.67", "6.66667E+02", "666.67" },
++ /* 18 */ { "6.66667e+03", "6666.66667", "6666.7", "6.66667E+03", "6666.7" },
++ /* 19 */ { "6.66667e+04", "66666.66667", "66667", "6.66667E+04", "66667" },
++ /* 20 */ { " 0.0000e+00", " 0.0000", " 0", " 0.0000E+00", " 0" },
++ /* 21 */ { " 6.7000e-01", " 0.6700", " 0.67", " 6.7000E-01", " 0.67" },
++ /* 22 */ { " 6.6667e-01", " 0.6667", " 0.6667", " 6.6667E-01", " 0.6667" },
++ /* 23 */ { " 6.6667e-04", " 0.0007", " 0.0006667", " 6.6667E-04", " 0.0006667" },
++ /* 24 */ { " 6.6667e-05", " 0.0001", " 6.667e-05", " 6.6667E-05", " 6.667E-05" },
++ /* 25 */ { " 6.6667e+00", " 6.6667", " 6.667", " 6.6667E+00", " 6.667" },
++ /* 26 */ { " 6.6667e+01", " 66.6667", " 66.67", " 6.6667E+01", " 66.67" },
++ /* 27 */ { " 6.6667e+02", " 666.6667", " 666.7", " 6.6667E+02", " 666.7" },
++ /* 28 */ { " 6.6667e+03", " 6666.6667", " 6667", " 6.6667E+03", " 6667" },
++ /* 29 */ { " 6.6667e+04", " 66666.6667", " 6.667e+04", " 6.6667E+04", " 6.667E+04" },
++ /* 30 */ { " 0.00000e+00", " 0.00000", " 0", " 0.00000E+00", " 0" },
++ /* 31 */ { " 6.70000e-01", " 0.67000", " 0.67", " 6.70000E-01", " 0.67" },
++ /* 32 */ { " 6.66667e-01", " 0.66667", " 0.66667", " 6.66667E-01", " 0.66667" },
++ /* 33 */ { " 6.66667e-04", " 0.00067", " 0.00066667", " 6.66667E-04", " 0.00066667" },
++ /* 34 */ { " 6.66667e-05", " 0.00007", " 6.6667e-05", " 6.66667E-05", " 6.6667E-05" },
++ /* 35 */ { " 6.66667e+00", " 6.66667", " 6.6667", " 6.66667E+00", " 6.6667" },
++ /* 36 */ { " 6.66667e+01", " 66.66667", " 66.667", " 6.66667E+01", " 66.667" },
++ /* 37 */ { " 6.66667e+02", " 666.66667", " 666.67", " 6.66667E+02", " 666.67" },
++ /* 38 */ { " 6.66667e+03", " 6666.66667", " 6666.7", " 6.66667E+03", " 6666.7" },
++ /* 39 */ { " 6.66667e+04", " 66666.66667", " 66667", " 6.66667E+04", " 66667" },
++ /* 40 */ { "0e+00", "0", "0", "0E+00", "0" },
++ /* 41 */ { "7e-01", "1", "0.7", "7E-01", "0.7" },
++ /* 42 */ { "7e-01", "1", "0.7", "7E-01", "0.7" },
++ /* 43 */ { "7e-04", "0", "0.0007", "7E-04", "0.0007" },
++ /* 44 */ { "7e-05", "0", "7e-05", "7E-05", "7E-05" },
++ /* 45 */ { "7e+00", "7", "7", "7E+00", "7" },
++ /* 46 */ { "7e+01", "67", "7e+01", "7E+01", "7E+01" },
++ /* 47 */ { "7e+02", "667", "7e+02", "7E+02", "7E+02" },
++ /* 48 */ { "7e+03", "6667", "7e+03", "7E+03", "7E+03" },
++ /* 49 */ { "7e+04", "66667", "7e+04", "7E+04", "7E+04" },
++ /* 50 */ { "0.000000e+00", "0.000000", "0", "0.000000E+00", "0" },
++ /* 51 */ { "6.700000e-01", "0.670000", "0.67", "6.700000E-01", "0.67" },
++ /* 52 */ { "6.666667e-01", "0.666667", "0.666667", "6.666667E-01", "0.666667" },
++ /* 53 */ { "6.666667e-04", "0.000667", "0.000666667", "6.666667E-04", "0.000666667" },
++ /* 54 */ { "6.666667e-05", "0.000067", "6.66667e-05", "6.666667E-05", "6.66667E-05" },
++ /* 55 */ { "6.666667e+00", "6.666667", "6.66667", "6.666667E+00", "6.66667" },
++ /* 56 */ { "6.666667e+01", "66.666667", "66.6667", "6.666667E+01", "66.6667" },
++ /* 57 */ { "6.666667e+02", "666.666667", "666.667", "6.666667E+02", "666.667" },
++ /* 58 */ { "6.666667e+03", "6666.666667", "6666.67", "6.666667E+03", "6666.67" },
++ /* 59 */ { "6.666667e+04", "66666.666667", "66666.7", "6.666667E+04", "66666.7" },
++ /* 60 */ { "0.0000e+00", "000.0000", "00000000", "0.0000E+00", "00000000" },
++ /* 61 */ { "6.7000e-01", "000.6700", "00000.67", "6.7000E-01", "00000.67" },
++ /* 62 */ { "6.6667e-01", "000.6667", "000.6667", "6.6667E-01", "000.6667" },
++ /* 63 */ { "6.6667e-04", "000.0007", "0.0006667", "6.6667E-04", "0.0006667" },
++ /* 64 */ { "6.6667e-05", "000.0001", "6.667e-05", "6.6667E-05", "6.667E-05" },
++ /* 65 */ { "6.6667e+00", "006.6667", "0006.667", "6.6667E+00", "0006.667" },
++ /* 66 */ { "6.6667e+01", "066.6667", "00066.67", "6.6667E+01", "00066.67" },
++ /* 67 */ { "6.6667e+02", "666.6667", "000666.7", "6.6667E+02", "000666.7" },
++ /* 68 */ { "6.6667e+03", "6666.6667", "00006667", "6.6667E+03", "00006667" },
++ /* 69 */ { "6.6667e+04", "66666.6667", "6.667e+04", "6.6667E+04", "6.667E+04" },
++};
++
++static void dofptest(int test, double val, char *width, int prec, int *fail)
++{
++ char format[80], result[80];
++ int i;
++
++ for (i = 0; i < 5; i++) {
++ char *fspec = NULL;
++ switch (i) {
++ case 0:
++ fspec = "e";
++ break;
++ case 1:
++ fspec = "f";
++ break;
++ case 2:
++ fspec = "g";
++ break;
++ case 3:
++ fspec = "E";
++ break;
++ case 4:
++ fspec = "G";
++ break;
++ }
++
++ if (prec >= 0)
++ BIO_snprintf(format, sizeof(format), "%%%s.%d%s", width, prec,
++ fspec);
++ else
++ BIO_snprintf(format, sizeof(format), "%%%s%s", width, fspec);
++ BIO_snprintf(result, sizeof(result), format, val);
++
++ if (justprint) {
++ if (i == 0) {
++ printf(" /* %3d */ { \"%s\"", test, result);
++ } else {
++ printf(", \"%s\"", result);
++ }
++ } else {
++ if (strcmp(fpexpected[test][i], result) != 0) {
++ printf("Test %d(%d) failed. Expected \"%s\". Got \"%s\". "
++ "Format \"%s\"\n", test, i, fpexpected[test][i], result,
++ format);
++ *fail = 1;
++ }
++ }
++ }
++ if (justprint) {
++ printf(" },\n");
++ }
++}
++
++int main(int argc, char **argv)
++{
++ int test = 0;
++ int i;
++ int fail = 0;
++ int prec = -1;
++ char *width = "";
++ const double frac = 2.0/3.0;
++ char buf[80];
++
++ if (argc == 2 && strcmp(argv[1], "-expected") == 0) {
++ justprint = 1;
++ }
++
++ CRYPTO_set_mem_debug(1);
++ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
++
++ /* Tests for floating point format specifiers */
++ for (i = 0; i < 7; i++) {
++ switch (i) {
++ case 0:
++ prec = 4;
++ width = "";
++ break;
++ case 1:
++ prec = 5;
++ width = "";
++ break;
++ case 2:
++ prec = 4;
++ width = "12";
++ break;
++ case 3:
++ prec = 5;
++ width = "12";
++ break;
++ case 4:
++ prec = 0;
++ width = "";
++ break;
++ case 5:
++ prec = -1;
++ width = "";
++ break;
++ case 6:
++ prec = 4;
++ width = "08";
++ break;
++ }
++
++ dofptest(test++, 0.0, width, prec, &fail);
++ dofptest(test++, 0.67, width, prec, &fail);
++ dofptest(test++, frac, width, prec, &fail);
++ dofptest(test++, frac / 1000, width, prec, &fail);
++ dofptest(test++, frac / 10000, width, prec, &fail);
++ dofptest(test++, 6.0 + frac, width, prec, &fail);
++ dofptest(test++, 66.0 + frac, width, prec, &fail);
++ dofptest(test++, 666.0 + frac, width, prec, &fail);
++ dofptest(test++, 6666.0 + frac, width, prec, &fail);
++ dofptest(test++, 66666.0 + frac, width, prec, &fail);
++ }
++
++ /* Test excessively big number. Should fail */
++ if (BIO_snprintf(buf, sizeof(buf), "%f\n", 2 * (double)ULONG_MAX) != -1) {
++ printf("Test %d failed. Unexecpted success return from "
++ "BIO_snprintf()\n", test);
++ fail = 1;
++ }
++
++#ifndef OPENSSL_NO_CRYPTO_MDEBUG
++ if (CRYPTO_mem_leaks_fp(stderr) <= 0)
++ return 1;
++# endif
++
++ if (!justprint) {
++ if (fail) {
++ printf("FAIL\n");
++ return 1;
++ }
++ printf ("PASS\n");
++ }
++ return 0;
++}
++
++
+diff --git a/test/bntest.c b/test/bntest.c
+index 1ba9032..804406c 100644
+--- a/test/bntest.c
++++ b/test/bntest.c
+@@ -1,59 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+diff --git a/test/build.info b/test/build.info
+index 4fd4d99..84c881e 100644
+--- a/test/build.info
++++ b/test/build.info
+@@ -16,225 +16,242 @@ IF[{- !$disabled{tests} -}]
+ constant_time_test verify_extra_test clienthellotest \
+ packettest asynctest secmemtest srptest memleaktest \
+ dtlsv1listentest ct_test threadstest afalgtest d2i_test \
+- ssl_test_ctx_test ssl_test
++ ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \
++ bioprinttest
+
+ SOURCE[aborttest]=aborttest.c
+- INCLUDE[aborttest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[aborttest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[aborttest]=../libcrypto
+
+ SOURCE[nptest]=nptest.c
+- INCLUDE[nptest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[nptest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[nptest]=../libcrypto
+
+ SOURCE[bntest]=bntest.c
+- INCLUDE[bntest]={- rel2abs(catdir($builddir,"../crypto/include")) -} {- rel2abs(catdir($builddir,"../include")) -} .. ../crypto/include ../include
++ INCLUDE[bntest]="{- rel2abs(catdir($builddir,"../crypto/include")) -}" "{- rel2abs(catdir($builddir,"../include")) -}" .. ../crypto/include ../include
+ DEPEND[bntest]=../libcrypto
+
+ SOURCE[ectest]=ectest.c
+- INCLUDE[ectest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[ectest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[ectest]=../libcrypto
+
+ SOURCE[ecdsatest]=ecdsatest.c
+- INCLUDE[ecdsatest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[ecdsatest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[ecdsatest]=../libcrypto
+
+ SOURCE[ecdhtest]=ecdhtest.c
+- INCLUDE[ecdhtest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[ecdhtest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[ecdhtest]=../libcrypto
+
+ SOURCE[gmdifftest]=gmdifftest.c
+- INCLUDE[gmdifftest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[gmdifftest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[gmdifftest]=../libcrypto
+
+ SOURCE[pbelutest]=pbelutest.c
+- INCLUDE[pbelutest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[pbelutest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[pbelutest]=../libcrypto
+
+ SOURCE[ideatest]=ideatest.c
+- INCLUDE[ideatest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[ideatest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[ideatest]=../libcrypto
+
+ SOURCE[md2test]=md2test.c
+- INCLUDE[md2test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[md2test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[md2test]=../libcrypto
+
+ SOURCE[md4test]=md4test.c
+- INCLUDE[md4test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[md4test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[md4test]=../libcrypto
+
+ SOURCE[md5test]=md5test.c
+- INCLUDE[md5test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[md5test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[md5test]=../libcrypto
+
+ SOURCE[hmactest]=hmactest.c
+- INCLUDE[hmactest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[hmactest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[hmactest]=../libcrypto
+
+ SOURCE[wp_test]=wp_test.c
+- INCLUDE[wp_test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[wp_test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[wp_test]=../libcrypto
+
+ SOURCE[rc2test]=rc2test.c
+- INCLUDE[rc2test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[rc2test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[rc2test]=../libcrypto
+
+ SOURCE[rc4test]=rc4test.c
+- INCLUDE[rc4test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[rc4test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[rc4test]=../libcrypto
+
+ SOURCE[rc5test]=rc5test.c
+- INCLUDE[rc5test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[rc5test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[rc5test]=../libcrypto
+
+ SOURCE[destest]=destest.c
+- INCLUDE[destest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[destest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[destest]=../libcrypto
+
+ SOURCE[sha1test]=sha1test.c
+- INCLUDE[sha1test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[sha1test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[sha1test]=../libcrypto
+
+ SOURCE[sha256t]=sha256t.c
+- INCLUDE[sha256t]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[sha256t]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[sha256t]=../libcrypto
+
+ SOURCE[sha512t]=sha512t.c
+- INCLUDE[sha512t]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[sha512t]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[sha512t]=../libcrypto
+
+ SOURCE[mdc2test]=mdc2test.c
+- INCLUDE[mdc2test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[mdc2test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[mdc2test]=../libcrypto
+
+ SOURCE[rmdtest]=rmdtest.c
+- INCLUDE[rmdtest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[rmdtest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[rmdtest]=../libcrypto
+
+ SOURCE[randtest]=randtest.c
+- INCLUDE[randtest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[randtest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[randtest]=../libcrypto
+
+ SOURCE[dhtest]=dhtest.c
+- INCLUDE[dhtest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[dhtest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[dhtest]=../libcrypto
+
+ SOURCE[enginetest]=enginetest.c
+- INCLUDE[enginetest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[enginetest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[enginetest]=../libcrypto
+
+ SOURCE[casttest]=casttest.c
+- INCLUDE[casttest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[casttest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[casttest]=../libcrypto
+
+ SOURCE[bftest]=bftest.c
+- INCLUDE[bftest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[bftest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[bftest]=../libcrypto
+
+ SOURCE[ssltest_old]=ssltest_old.c
+- INCLUDE[ssltest_old]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[ssltest_old]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[ssltest_old]=../libcrypto ../libssl
+
+ SOURCE[dsatest]=dsatest.c
+- INCLUDE[dsatest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[dsatest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[dsatest]=../libcrypto
+
+ SOURCE[exptest]=exptest.c
+- INCLUDE[exptest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[exptest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[exptest]=../libcrypto
+
+ SOURCE[rsa_test]=rsa_test.c
+- INCLUDE[rsa_test]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[rsa_test]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[rsa_test]=../libcrypto
+
+ SOURCE[evp_test]=evp_test.c
+- INCLUDE[evp_test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[evp_test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[evp_test]=../libcrypto
+
+ SOURCE[evp_extra_test]=evp_extra_test.c
+- INCLUDE[evp_extra_test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[evp_extra_test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[evp_extra_test]=../libcrypto
+
+ SOURCE[igetest]=igetest.c
+- INCLUDE[igetest]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[igetest]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[igetest]=../libcrypto
+
+ SOURCE[v3nametest]=v3nametest.c
+- INCLUDE[v3nametest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[v3nametest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[v3nametest]=../libcrypto
+
+ SOURCE[danetest]=danetest.c
+- INCLUDE[danetest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[danetest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[danetest]=../libcrypto ../libssl
+
+ SOURCE[heartbeat_test]=heartbeat_test.c testutil.c
+- INCLUDE[heartbeat_test]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[heartbeat_test]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[heartbeat_test]=../libcrypto ../libssl
+
+ SOURCE[p5_crpt2_test]=p5_crpt2_test.c
+- INCLUDE[p5_crpt2_test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[p5_crpt2_test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[p5_crpt2_test]=../libcrypto
+
+ SOURCE[constant_time_test]=constant_time_test.c
+- INCLUDE[constant_time_test]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[constant_time_test]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[constant_time_test]=../libcrypto
+
+ SOURCE[verify_extra_test]=verify_extra_test.c
+- INCLUDE[verify_extra_test]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[verify_extra_test]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[verify_extra_test]=../libcrypto
+
+ SOURCE[clienthellotest]=clienthellotest.c
+- INCLUDE[clienthellotest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[clienthellotest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[clienthellotest]=../libcrypto ../libssl
+
+ SOURCE[packettest]=packettest.c
+- INCLUDE[packettest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[packettest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[packettest]=../libcrypto
+
+ SOURCE[asynctest]=asynctest.c
+- INCLUDE[asynctest]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[asynctest]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[asynctest]=../libcrypto
+
+ SOURCE[secmemtest]=secmemtest.c
+- INCLUDE[secmemtest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[secmemtest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[secmemtest]=../libcrypto
+
+ SOURCE[srptest]=srptest.c
+- INCLUDE[srptest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[srptest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[srptest]=../libcrypto
+
+ SOURCE[memleaktest]=memleaktest.c
+- INCLUDE[memleaktest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[memleaktest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
+ DEPEND[memleaktest]=../libcrypto
+
+ SOURCE[dtlsv1listentest]=dtlsv1listentest.c
+- INCLUDE[dtlsv1listentest]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[dtlsv1listentest]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[dtlsv1listentest]=../libssl
+
+ SOURCE[ct_test]=ct_test.c testutil.c
+- INCLUDE[ct_test]={- rel2abs(catdir($builddir,"../include")) -} ../crypto/include ../include
++ INCLUDE[ct_test]="{- rel2abs(catdir($builddir,"../include")) -}" ../crypto/include ../include
+ DEPEND[ct_test]=../libcrypto
+
+ SOURCE[threadstest]=threadstest.c
+- INCLUDE[threadstest]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[threadstest]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[threadstest]=../libcrypto
+
+ SOURCE[afalgtest]=afalgtest.c
+- INCLUDE[afalgtest]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[afalgtest]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[afalgtest]=../libcrypto
+
+ SOURCE[d2i_test]=d2i_test.c testutil.c
+- INCLUDE[d2i_test]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[d2i_test]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[d2i_test]=../libcrypto
+
+ SOURCE[ssl_test_ctx_test]=ssl_test_ctx_test.c ssl_test_ctx.c testutil.c
+- INCLUDE[ssl_test_ctx_test]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[ssl_test_ctx_test]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[ssl_test_ctx_test]=../libcrypto
+
+ SOURCE[ssl_test]=ssl_test.c ssl_test_ctx.c testutil.c handshake_helper.c
+- INCLUDE[ssl_test]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
++ INCLUDE[ssl_test]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
+ DEPEND[ssl_test]=../libcrypto ../libssl
+
++ SOURCE[cipherlist_test]=cipherlist_test.c testutil.c
++ INCLUDE[cipherlist_test]="{- rel2abs(catdir($builddir,"../include")) -}" .. ../include
++ DEPEND[cipherlist_test]=../libcrypto ../libssl
++
+ INCLUDE[testutil.o]=..
+- INCLUDE[ssl_test_ctx.o]={- rel2abs(catdir($builddir,"../include")) -} ../include
+- INCLUDE[handshake_helper.o]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ INCLUDE[ssl_test_ctx.o]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
++ INCLUDE[handshake_helper.o]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
++
++ SOURCE[x509aux]=x509aux.c
++ INCLUDE[x509aux]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
++ DEPEND[x509aux]=../libcrypto
++
++ SOURCE[asynciotest]=asynciotest.c
++ INCLUDE[asynciotest]="{- rel2abs(catdir($builddir,"../include")) -}" ../include
++ DEPEND[asynciotest]=../libcrypto ../libssl
++
++ SOURCE[bioprinttest]=bioprinttest.c
++ INCLUDE[bioprinttest]={- rel2abs(catdir($builddir,"../include")) -} ../include
++ DEPEND[bioprinttest]=../libcrypto
+ ENDIF
+diff --git a/test/casttest.c b/test/casttest.c
+index 79472d8..c2a0ab5 100644
+--- a/test/casttest.c
++++ b/test/casttest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c
+new file mode 100644
+index 0000000..e892f9d
+--- /dev/null
++++ b/test/cipherlist_test.c
+@@ -0,0 +1,212 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL licenses, (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ * https://www.openssl.org/source/license.html
++ * or in the file LICENSE in the source distribution.
++ */
++
++#include <stdio.h>
++
++#include <openssl/opensslconf.h>
++#include <openssl/err.h>
++#include <openssl/e_os2.h>
++#include <openssl/ssl.h>
++#include <openssl/ssl3.h>
++#include <openssl/tls1.h>
++
++#include "e_os.h"
++#include "testutil.h"
++
++typedef struct cipherlist_test_fixture {
++ const char *test_case_name;
++ SSL_CTX *server;
++ SSL_CTX *client;
++} CIPHERLIST_TEST_FIXTURE;
++
++
++static CIPHERLIST_TEST_FIXTURE set_up(const char *const test_case_name)
++{
++ CIPHERLIST_TEST_FIXTURE fixture;
++ fixture.test_case_name = test_case_name;
++ fixture.server = SSL_CTX_new(TLS_server_method());
++ fixture.client = SSL_CTX_new(TLS_client_method());
++ OPENSSL_assert(fixture.client != NULL && fixture.server != NULL);
++ return fixture;
++}
++
++/*
++ * All ciphers in the DEFAULT cipherlist meet the default security level.
++ * However, default supported ciphers exclude SRP and PSK ciphersuites
++ * for which no callbacks have been set up.
++ *
++ * Supported ciphers also exclude TLSv1.2 ciphers if TLSv1.2 is disabled,
++ * and individual disabled algorithms. However, NO_RSA, NO_AES and NO_SHA
++ * are currently broken and should be considered mission impossible in libssl.
++ */
++static const uint32_t default_ciphers_in_order[] = {
++#ifndef OPENSSL_NO_TLS1_2
++# ifndef OPENSSL_NO_EC
++ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
++ TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
++# endif
++# ifndef OPENSSL_NO_DH
++ TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
++# endif
++
++# if !defined OPENSSL_NO_CHACHA && !defined OPENSSL_NO_POLY1305
++# ifndef OPENSSL_NO_EC
++ TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
++ TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
++# endif
++# ifndef OPENSSL_NO_DH
++ TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
++# endif
++# endif /* !OPENSSL_NO_CHACHA && !OPENSSL_NO_POLY1305 */
++
++# ifndef OPENSSL_NO_EC
++ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
++ TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
++# endif
++# ifndef OPENSSL_NO_DH
++ TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
++# endif
++# ifndef OPENSSL_NO_EC
++ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
++ TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
++# endif
++# ifndef OPENSSL_NO_DH
++ TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
++# endif
++# ifndef OPENSSL_NO_EC
++ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
++ TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
++# endif
++# ifndef OPENSSL_NO_DH
++ TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
++# endif
++#endif /* !OPENSSL_NO_TLS1_2 */
++
++#ifndef OPENSSL_NO_EC
++ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
++ TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
++#endif
++#ifndef OPENSSL_NO_DH
++ TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
++#endif
++#ifndef OPENSSL_NO_EC
++ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
++ TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
++#endif
++#ifndef OPENSSL_NO_DH
++ TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
++#endif
++
++#ifndef OPENSSL_NO_DES
++# ifndef OPENSSL_NO_EC
++ TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
++ TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
++# endif
++# ifndef OPENSSL_NO_DH
++ SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
++# endif
++#endif /* !OPENSSL_NO_DES */
++
++#ifndef OPENSSL_NO_TLS1_2
++ TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
++ TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
++ TLS1_CK_RSA_WITH_AES_256_SHA256,
++ TLS1_CK_RSA_WITH_AES_128_SHA256,
++#endif
++
++ TLS1_CK_RSA_WITH_AES_256_SHA,
++ TLS1_CK_RSA_WITH_AES_128_SHA,
++#ifndef OPENSSL_NO_DES
++ SSL3_CK_RSA_DES_192_CBC3_SHA,
++#endif
++};
++
++static int test_default_cipherlist(SSL_CTX *ctx)
++{
++ STACK_OF(SSL_CIPHER) *ciphers;
++ SSL *ssl;
++ int i, ret = 0, num_expected_ciphers, num_ciphers;
++ uint32_t expected_cipher_id, cipher_id;
++
++ ssl = SSL_new(ctx);
++ OPENSSL_assert(ssl != NULL);
++
++ ciphers = SSL_get1_supported_ciphers(ssl);
++ OPENSSL_assert(ciphers != NULL);
++ num_expected_ciphers = OSSL_NELEM(default_ciphers_in_order);
++ num_ciphers = sk_SSL_CIPHER_num(ciphers);
++ if (num_ciphers != num_expected_ciphers) {
++ fprintf(stderr, "Expected %d supported ciphers, got %d.\n",
++ num_expected_ciphers, num_ciphers);
++ goto err;
++ }
++
++ for (i = 0; i < num_ciphers; i++) {
++ expected_cipher_id = default_ciphers_in_order[i];
++ cipher_id = SSL_CIPHER_get_id(sk_SSL_CIPHER_value(ciphers, i));
++ if (cipher_id != expected_cipher_id) {
++ fprintf(stderr, "Wrong cipher at position %d: expected %x, "
++ "got %x\n", i, expected_cipher_id, cipher_id);
++ goto err;
++ }
++ }
++
++ ret = 1;
++
++ err:
++ sk_SSL_CIPHER_free(ciphers);
++ SSL_free(ssl);
++ return ret;
++}
++
++static int execute_test(CIPHERLIST_TEST_FIXTURE fixture)
++{
++ return test_default_cipherlist(fixture.server)
++ && test_default_cipherlist(fixture.client);
++}
++
++static void tear_down(CIPHERLIST_TEST_FIXTURE fixture)
++{
++ SSL_CTX_free(fixture.server);
++ SSL_CTX_free(fixture.client);
++ ERR_print_errors_fp(stderr);
++}
++
++#define SETUP_CIPHERLIST_TEST_FIXTURE() \
++ SETUP_TEST_FIXTURE(CIPHERLIST_TEST_FIXTURE, set_up)
++
++#define EXECUTE_CIPHERLIST_TEST() \
++ EXECUTE_TEST(execute_test, tear_down)
++
++static int test_default_cipherlist_implicit()
++{
++ SETUP_CIPHERLIST_TEST_FIXTURE();
++ EXECUTE_CIPHERLIST_TEST();
++}
++
++static int test_default_cipherlist_explicit()
++{
++ SETUP_CIPHERLIST_TEST_FIXTURE();
++ OPENSSL_assert(SSL_CTX_set_cipher_list(fixture.server, "DEFAULT"));
++ OPENSSL_assert(SSL_CTX_set_cipher_list(fixture.client, "DEFAULT"));
++ EXECUTE_CIPHERLIST_TEST();
++}
++
++int main(int argc, char **argv)
++{
++ int result = 0;
++
++ ADD_TEST(test_default_cipherlist_implicit);
++ ADD_TEST(test_default_cipherlist_explicit);
++
++ result = run_tests(argv[0]);
++
++ return result;
++}
+diff --git a/test/clienthellotest.c b/test/clienthellotest.c
+index 71c6650..1f1d44c 100644
+--- a/test/clienthellotest.c
++++ b/test/clienthellotest.c
+@@ -1,56 +1,10 @@
+-/* Written by Matt Caswell for the OpenSSL Project */
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+diff --git a/test/cms-examples.pl b/test/cms-examples.pl
+index 2e95b48..ec1c5fa 100644
+--- a/test/cms-examples.pl
++++ b/test/cms-examples.pl
+@@ -1,54 +1,10 @@
+-# test/cms-examples.pl
+-# Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+-# project.
++#! /usr/bin/env perl
++# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# ====================================================================
+-# Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+-#
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# licensing at OpenSSL.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ # Perl script to run tests against S/MIME examples in RFC4134
+ # Assumes RFC is in current directory and called "rfc4134.txt"
+diff --git a/test/constant_time_test.c b/test/constant_time_test.c
+index faadcb7..3ee6a81 100644
+--- a/test/constant_time_test.c
++++ b/test/constant_time_test.c
+@@ -1,46 +1,10 @@
+-/*-
+- * Utilities for constant-time cryptography.
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Author: Emilia Kasper (emilia at openssl.org)
+- * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
+- * (Google).
+- * ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "internal/constant_time_locl.h"
+diff --git a/test/ct_test.c b/test/ct_test.c
+index 8175d16..8000ae6 100644
+--- a/test/ct_test.c
++++ b/test/ct_test.c
+@@ -1,55 +1,10 @@
+ /*
+- * Tests the Certificate Transparency public API.
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Author: Rob Percival (robpercival at google.com)
+- *
+- * ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <ctype.h>
+diff --git a/test/d2i-tests/bad-int-pad0.der b/test/d2i-tests/bad-int-pad0.der
+new file mode 100644
+index 0000000..46f6092
+Binary files /dev/null and b/test/d2i-tests/bad-int-pad0.der differ
+diff --git a/test/d2i-tests/bad-int-padminus1.der b/test/d2i-tests/bad-int-padminus1.der
+new file mode 100644
+index 0000000..a4b6bb9
+Binary files /dev/null and b/test/d2i-tests/bad-int-padminus1.der differ
+diff --git a/test/d2i-tests/bad_bio.der b/test/d2i-tests/bad_bio.der
+new file mode 100644
+index 0000000..8681f05
+Binary files /dev/null and b/test/d2i-tests/bad_bio.der differ
+diff --git a/test/d2i-tests/high_tag.der b/test/d2i-tests/high_tag.der
+new file mode 100644
+index 0000000..5c523ec
+Binary files /dev/null and b/test/d2i-tests/high_tag.der differ
+diff --git a/test/d2i-tests/int0.der b/test/d2i-tests/int0.der
+new file mode 100644
+index 0000000..bbfb76b
+Binary files /dev/null and b/test/d2i-tests/int0.der differ
+diff --git a/test/d2i-tests/int1.der b/test/d2i-tests/int1.der
+new file mode 100644
+index 0000000..26dd6b1
+Binary files /dev/null and b/test/d2i-tests/int1.der differ
+diff --git a/test/d2i-tests/intminus1.der b/test/d2i-tests/intminus1.der
+new file mode 100644
+index 0000000..e7c1cea
+Binary files /dev/null and b/test/d2i-tests/intminus1.der differ
+diff --git a/test/d2i_test.c b/test/d2i_test.c
+index 6ffdf55..8c99087 100644
+--- a/test/d2i_test.c
++++ b/test/d2i_test.c
+@@ -1,11 +1,10 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ /* Regression tests for ASN.1 parsing bugs. */
+@@ -16,19 +15,36 @@
+ #include "testutil.h"
+
+ #include <openssl/asn1.h>
++#include <openssl/asn1t.h>
+ #include <openssl/bio.h>
+ #include <openssl/err.h>
+ #include <openssl/x509.h>
+ #include <openssl/x509v3.h>
++#include "e_os.h"
+
+ static const ASN1_ITEM *item_type;
+ static const char *test_file;
+
++typedef enum {
++ ASN1_UNKNOWN,
++ ASN1_OK,
++ ASN1_BIO,
++ ASN1_DECODE,
++ ASN1_ENCODE,
++ ASN1_COMPARE
++} expected_error_t;
++
++typedef struct {
++ const char *str;
++ expected_error_t code;
++} error_enum;
++
++static expected_error_t expected_error = ASN1_UNKNOWN;
++
+ typedef struct d2i_test_fixture {
+ const char *test_case_name;
+ } D2I_TEST_FIXTURE;
+
+-
+ static D2I_TEST_FIXTURE set_up(const char *const test_case_name)
+ {
+ D2I_TEST_FIXTURE fixture;
+@@ -43,27 +59,59 @@ static int execute_test(D2I_TEST_FIXTURE fixture)
+ int ret = 0;
+ unsigned char buf[2048];
+ const unsigned char *buf_ptr = buf;
++ unsigned char *der = NULL;
++ int derlen;
+ int len;
+
+ if ((bio = BIO_new_file(test_file, "r")) == NULL)
+ return 0;
+
++ if (expected_error == ASN1_BIO) {
++ value = ASN1_item_d2i_bio(item_type, bio, NULL);
++ if (value == NULL)
++ ret = 1;
++ goto err;
++ }
++
+ /*
+- * We don't use ASN1_item_d2i_bio because it, apparently,
+- * errors too early for some inputs.
++ * Unless we are testing it we don't use ASN1_item_d2i_bio because it
++ * performs sanity checks on the input and can reject it before the
++ * decoder is called.
+ */
+ len = BIO_read(bio, buf, sizeof buf);
+ if (len < 0)
+ goto err;
+
+ value = ASN1_item_d2i(NULL, &buf_ptr, len, item_type);
+- if (value != NULL)
++ if (value == NULL) {
++ if (expected_error == ASN1_DECODE)
++ ret = 1;
+ goto err;
++ }
++
++ derlen = ASN1_item_i2d(value, &der, item_type);
+
+- ret = 1;
++ if (der == NULL || derlen < 0) {
++ if (expected_error == ASN1_ENCODE)
++ ret = 1;
++ goto err;
++ }
++
++ if (derlen != len || memcmp(der, buf, derlen) != 0) {
++ if (expected_error == ASN1_COMPARE)
++ ret = 1;
++ goto err;
++ }
++
++ if (expected_error == ASN1_OK)
++ ret = 1;
+
+ err:
++ /* Don't indicate success for memory allocation errors */
++ if (ret == 1 && ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
++ ret = 0;
+ BIO_free(bio);
++ OPENSSL_free(der);
+ ASN1_item_free(value, item_type);
+ return ret;
+ }
+@@ -93,19 +141,60 @@ int main(int argc, char **argv)
+ {
+ int result = 0;
+ const char *test_type_name;
+-
+- if (argc != 3)
++ const char *expected_error_string;
++
++ size_t i;
++ static ASN1_ITEM_EXP *items[] = {
++ ASN1_ITEM_ref(ASN1_ANY),
++ ASN1_ITEM_ref(X509),
++ ASN1_ITEM_ref(GENERAL_NAME),
++ ASN1_ITEM_ref(ASN1_INTEGER)
++ };
++
++ static error_enum expected_errors[] = {
++ {"OK", ASN1_OK},
++ {"BIO", ASN1_BIO},
++ {"decode", ASN1_DECODE},
++ {"encode", ASN1_ENCODE},
++ {"compare", ASN1_COMPARE}
++ };
++
++ if (argc != 4) {
++ fprintf(stderr,
++ "Usage: d2i_test item_name expected_error file.der\n");
+ return 1;
++ }
+
+ test_type_name = argv[1];
+- test_file = argv[2];
+-
+- if (strcmp(test_type_name, "generalname") == 0) {
+- item_type = ASN1_ITEM_rptr(GENERAL_NAME);
+- } else if (strcmp(test_type_name, "x509") == 0) {
+- item_type = ASN1_ITEM_rptr(X509);
+- } else {
+- fprintf(stderr, "Bad type %s\n", test_type_name);
++ expected_error_string = argv[2];
++ test_file = argv[3];
++
++ for (i = 0; i < OSSL_NELEM(items); i++) {
++ const ASN1_ITEM *it = ASN1_ITEM_ptr(items[i]);
++ if (strcmp(test_type_name, it->sname) == 0) {
++ item_type = it;
++ break;
++ }
++ }
++ if (item_type == NULL) {
++ fprintf(stderr, "Unknown type %s\n", test_type_name);
++ fprintf(stderr, "Supported types:\n");
++ for (i = 0; i < OSSL_NELEM(items); i++) {
++ const ASN1_ITEM *it = ASN1_ITEM_ptr(items[i]);
++ fprintf(stderr, "\t%s\n", it->sname);
++ }
++ return 1;
++ }
++
++ for (i = 0; i < OSSL_NELEM(expected_errors); i++) {
++ if (strcmp(expected_errors[i].str, expected_error_string) == 0) {
++ expected_error = expected_errors[i].code;
++ break;
++ }
++ }
++
++ if (expected_error == ASN1_UNKNOWN) {
++ fprintf(stderr, "Unknown expected error %s\n", expected_error_string);
+ return 1;
+ }
+
+diff --git a/test/danetest.c b/test/danetest.c
+index 5bca1aa..d473b12 100644
+--- a/test/danetest.c
++++ b/test/danetest.c
+@@ -1,50 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -114,7 +74,7 @@ static void print_errors(void)
+
+ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain)
+ {
+- int ret;
++ int ret = -1;
+ X509_STORE_CTX *store_ctx;
+ SSL_CTX *ssl_ctx = SSL_get_SSL_CTX(ssl);
+ X509_STORE *store = SSL_CTX_get_cert_store(ssl_ctx);
+@@ -125,8 +85,9 @@ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain)
+ return -1;
+
+ if (!X509_STORE_CTX_init(store_ctx, store, cert, chain))
+- return 0;
+- X509_STORE_CTX_set_ex_data(store_ctx, store_ctx_idx, ssl);
++ goto end;
++ if (!X509_STORE_CTX_set_ex_data(store_ctx, store_ctx_idx, ssl))
++ goto end;
+
+ X509_STORE_CTX_set_default(store_ctx,
+ SSL_is_server(ssl) ? "ssl_client" : "ssl_server");
+@@ -135,12 +96,13 @@ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain)
+ store_ctx_dane_init(store_ctx, ssl);
+
+ if (SSL_get_verify_callback(ssl))
+- X509_STORE_CTX_set_verify_cb(store_ctx, SSL_get_verify_callback(ssl));
++ X509_STORE_CTX_set_verify_cb(store_ctx, SSL_get_verify_callback(ssl));
+
+ ret = X509_verify_cert(store_ctx);
+
+ SSL_set_verify_result(ssl, X509_STORE_CTX_get_error(store_ctx));
+ X509_STORE_CTX_cleanup(store_ctx);
++end:
+ X509_STORE_CTX_free(store_ctx);
+
+ return (ret);
+@@ -153,52 +115,52 @@ static STACK_OF(X509) *load_chain(BIO *fp, int nelem)
+ char *header = 0;
+ unsigned char *data = 0;
+ long len;
+- char *errtype = 0; /* if error: cert or pkey? */
++ char *errtype = 0; /* if error: cert or pkey? */
+ STACK_OF(X509) *chain;
+ typedef X509 *(*d2i_X509_t)(X509 **, const unsigned char **, long);
+
+ if ((chain = sk_X509_new_null()) == 0) {
+- perror("malloc");
+- exit(1);
++ perror("malloc");
++ exit(1);
+ }
+
+ for (count = 0;
+- count < nelem && errtype == 0
++ count < nelem && errtype == 0
+ && PEM_read_bio(fp, &name, &header, &data, &len);
+- ++count) {
+- const unsigned char *p = data;
+-
+- if (strcmp(name, PEM_STRING_X509) == 0
+- || strcmp(name, PEM_STRING_X509_TRUSTED) == 0
+- || strcmp(name, PEM_STRING_X509_OLD) == 0) {
+- d2i_X509_t d = strcmp(name, PEM_STRING_X509_TRUSTED) ?
+- d2i_X509_AUX : d2i_X509;
+- X509 *cert = d(0, &p, len);
+-
+- if (cert == 0 || (p - data) != len)
+- errtype = "certificate";
+- else if (sk_X509_push(chain, cert) == 0) {
+- perror("malloc");
+- goto err;
+- }
+- } else {
+- fprintf(stderr, "unexpected chain file object: %s\n", name);
+- goto err;
+- }
+-
+- /*
+- * If any of these were null, PEM_read() would have failed.
+- */
+- OPENSSL_free(name);
+- OPENSSL_free(header);
+- OPENSSL_free(data);
++ ++count) {
++ const unsigned char *p = data;
++
++ if (strcmp(name, PEM_STRING_X509) == 0
++ || strcmp(name, PEM_STRING_X509_TRUSTED) == 0
++ || strcmp(name, PEM_STRING_X509_OLD) == 0) {
++ d2i_X509_t d = strcmp(name, PEM_STRING_X509_TRUSTED) ?
++ d2i_X509_AUX : d2i_X509;
++ X509 *cert = d(0, &p, len);
++
++ if (cert == 0 || (p - data) != len)
++ errtype = "certificate";
++ else if (sk_X509_push(chain, cert) == 0) {
++ perror("malloc");
++ goto err;
++ }
++ } else {
++ fprintf(stderr, "unexpected chain file object: %s\n", name);
++ goto err;
++ }
++
++ /*
++ * If any of these were null, PEM_read() would have failed.
++ */
++ OPENSSL_free(name);
++ OPENSSL_free(header);
++ OPENSSL_free(data);
+ }
+
+ if (errtype) {
+- fprintf(stderr, "error reading: malformed %s\n", errtype);
++ fprintf(stderr, "error reading: malformed %s\n", errtype);
+ goto err;
+ }
+-
++
+ if (count == nelem) {
+ ERR_clear_error();
+ return chain;
+@@ -252,19 +214,16 @@ static ossl_ssize_t hexdecode(const char *in, void *result)
+ return -1;
+
+ for (byte = 0; *in; ++in) {
+- char c;
++ int x;
+
+ if (isspace(_UC(*in)))
+ continue;
+- c = tolower(_UC(*in));
+- if ('0' <= c && c <= '9') {
+- byte |= c - '0';
+- } else if ('a' <= c && c <= 'f') {
+- byte |= c - 'a' + 10;
+- } else {
++ x = OPENSSL_hexchar2int(*in);
++ if (x < 0) {
+ OPENSSL_free(ret);
+ return 0;
+ }
++ byte |= (char)x;
+ if ((nibble ^= 1) == 0) {
+ *cp++ = byte;
+ byte = 0;
+@@ -475,7 +434,7 @@ int main(int argc, char *argv[])
+ progname = argv[0];
+ if (argc != 4) {
+ test_usage();
+- EXIT(1);
++ EXIT(ret);
+ }
+ basedomain = argv[1];
+ CAfile = argv[2];
+@@ -492,10 +451,9 @@ int main(int argc, char *argv[])
+ if (f == NULL) {
+ fprintf(stderr, "%s: Error opening tlsa record file: '%s': %s\n",
+ progname, tlsafile, strerror(errno));
+- return 0;
++ EXIT(ret);
+ }
+
+-
+ ctx = SSL_CTX_new(TLS_client_method());
+ if (SSL_CTX_dane_enable(ctx) <= 0) {
+ print_errors();
+diff --git a/test/destest.c b/test/destest.c
+index a544f41..389d0c8 100644
+--- a/test/destest.c
++++ b/test/destest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/dhtest.c b/test/dhtest.c
+index fb1c2df..c0551d5 100644
+--- a/test/dhtest.c
++++ b/test/dhtest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -635,7 +587,7 @@ static int run_rfc5114_tests(void)
+ OPENSSL_free(Z1);
+ OPENSSL_free(Z2);
+
+- fprintf(stderr, "Initalisation error RFC5114 set %d\n", i + 1);
++ fprintf(stderr, "Initialisation error RFC5114 set %d\n", i + 1);
+ ERR_print_errors_fp(stderr);
+ return 0;
+ err:
+diff --git a/test/dsatest.c b/test/dsatest.c
+index 1945f35..c64a911 100644
+--- a/test/dsatest.c
++++ b/test/dsatest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/dtlsv1listentest.c b/test/dtlsv1listentest.c
+index 6eb2e5c..cc7e5f7 100644
+--- a/test/dtlsv1listentest.c
++++ b/test/dtlsv1listentest.c
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Matt Caswell for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <string.h>
+diff --git a/test/dummytest.c b/test/dummytest.c
+deleted file mode 100644
+index 25ce77b..0000000
+--- a/test/dummytest.c
++++ /dev/null
+@@ -1,57 +0,0 @@
+-#include <stdio.h>
+-#include <stdlib.h>
+-#include <string.h>
+-#include <ctype.h>
+-#include <openssl/crypto.h>
+-#include <openssl/e_os2.h>
+-#include <openssl/buffer.h>
+-
+-int main(int argc, char *argv[])
+-{
+- char *p, *q = 0, *program;
+-
+- p = strrchr(argv[0], '/');
+- if (!p)
+- p = strrchr(argv[0], '\\');
+-#ifdef OPENSSL_SYS_VMS
+- if (!p)
+- p = strrchr(argv[0], ']');
+- if (p)
+- q = strrchr(p, '>');
+- if (q)
+- p = q;
+- if (!p)
+- p = strrchr(argv[0], ':');
+- q = 0;
+-#endif
+- if (p)
+- p++;
+- if (!p)
+- p = argv[0];
+- if (p)
+- q = strchr(p, '.');
+- if (p && !q)
+- q = p + strlen(p);
+-
+- if (!p)
+- program = OPENSSL_strdup("(unknown)");
+- else {
+- program = OPENSSL_malloc((q - p) + 1);
+- strncpy(program, p, q - p);
+- program[q - p] = '\0';
+- }
+-
+- for (p = program; *p; p++)
+- if (islower((unsigned char)(*p)))
+- *p = toupper((unsigned char)(*p));
+-
+- q = strstr(program, "TEST");
+- if (q > p && q[-1] == '_')
+- q--;
+- *q = '\0';
+-
+- printf("No %s support\n", program);
+-
+- OPENSSL_free(program);
+- return (0);
+-}
+diff --git a/test/ecdhtest.c b/test/ecdhtest.c
+index 356f3e9..b327847 100644
+--- a/test/ecdhtest.c
++++ b/test/ecdhtest.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+@@ -12,59 +21,6 @@
+ * Sun Microsystems Laboratories.
+ *
+ */
+-/* ====================================================================
+- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
+- *
+- */
+
+ #include <stdio.h>
+ #include <stdlib.h>
+diff --git a/test/ecdhtest_cavs.h b/test/ecdhtest_cavs.h
+index 632d02d..ab3ac22 100644
+--- a/test/ecdhtest_cavs.h
++++ b/test/ecdhtest_cavs.h
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #ifndef ECDHTEST_CAVS_H
+ #define ECDHTEST_CAVS_H
+
+diff --git a/test/ecdsatest.c b/test/ecdsatest.c
+index f5b753a..932ea3b 100644
+--- a/test/ecdsatest.c
++++ b/test/ecdsatest.c
+@@ -1,59 +1,12 @@
+ /*
+- * Written by Nils Larsch for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+diff --git a/test/ectest.c b/test/ectest.c
+index bbc7ed0..98963bb 100644
+--- a/test/ectest.c
++++ b/test/ectest.c
+@@ -1,59 +1,12 @@
+ /*
+- * Originally written by Bodo Moeller for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+diff --git a/test/enginetest.c b/test/enginetest.c
+index 873b4ea..21cd20a 100644
+--- a/test/enginetest.c
++++ b/test/enginetest.c
+@@ -1,59 +1,10 @@
+ /*
+- * Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL project
+- * 2000.
+- */
+-/* ====================================================================
+- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
+index dbcfb7c..9217f3a 100644
+--- a/test/evp_extra_test.c
++++ b/test/evp_extra_test.c
+@@ -1,69 +1,10 @@
+-/* Copyright (c) 2014, Google Inc.
+- *
+- * Permission to use, copy, modify, and/or distribute this software for any
+- * purpose with or without fee is hereby granted, provided that the above
+- * copyright notice and this permission notice appear in all copies.
+- *
+- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/evp_test.c b/test/evp_test.c
+index 56c821b..f820e25 100644
+--- a/test/evp_test.c
++++ b/test/evp_test.c
+@@ -1,54 +1,10 @@
+ /*
+- * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+- * project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -251,7 +207,7 @@ struct evp_test {
+ /* start line of current test */
+ unsigned int start_line;
+ /* Error string for test */
+- const char *err;
++ const char *err, *aux_err;
+ /* Expected error value of test */
+ char *expected_err;
+ /* Number of tests */
+@@ -364,8 +320,13 @@ static int check_test_error(struct evp_test *t)
+ if (!t->err && !t->expected_err)
+ return 1;
+ if (t->err && !t->expected_err) {
+- fprintf(stderr, "Test line %d: unexpected error %s\n",
+- t->start_line, t->err);
++ if (t->aux_err != NULL) {
++ fprintf(stderr, "Test line %d(%s): unexpected error %s\n",
++ t->start_line, t->aux_err, t->err);
++ } else {
++ fprintf(stderr, "Test line %d: unexpected error %s\n",
++ t->start_line, t->err);
++ }
+ print_expected(t);
+ return 0;
+ }
+@@ -830,7 +791,8 @@ static int cipher_test_parse(struct evp_test *t, const char *keyword,
+ return 0;
+ }
+
+-static int cipher_test_enc(struct evp_test *t, int enc)
++static int cipher_test_enc(struct evp_test *t, int enc,
++ size_t out_misalign, size_t inp_misalign)
+ {
+ struct cipher_data *cdat = t->data;
+ unsigned char *in, *out, *tmp = NULL;
+@@ -854,9 +816,31 @@ static int cipher_test_enc(struct evp_test *t, int enc)
+ out = cdat->plaintext;
+ out_len = cdat->plaintext_len;
+ }
+- tmp = OPENSSL_malloc(in_len + 2 * EVP_MAX_BLOCK_LENGTH);
+- if (!tmp)
+- goto err;
++ if (inp_misalign == (size_t)-1) {
++ /*
++ * Exercise in-place encryption
++ */
++ tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH);
++ if (!tmp)
++ goto err;
++ in = memcpy(tmp + out_misalign, in, in_len);
++ } else {
++ inp_misalign += 16 - ((out_misalign + in_len) & 15);
++ /*
++ * 'tmp' will store both output and copy of input. We make the copy
++ * of input to specifically aligned part of 'tmp'. So we just
++ * figured out how much padding would ensure the required alignment,
++ * now we allocate extended buffer and finally copy the input just
++ * past inp_misalign in expression below. Output will be written
++ * past out_misalign...
++ */
++ tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
++ inp_misalign + in_len);
++ if (!tmp)
++ goto err;
++ in = memcpy(tmp + out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
++ inp_misalign, in, in_len);
++ }
+ err = "CIPHERINIT_ERROR";
+ if (!EVP_CipherInit_ex(ctx, cdat->cipher, NULL, NULL, NULL, enc))
+ goto err;
+@@ -918,20 +902,20 @@ static int cipher_test_enc(struct evp_test *t, int enc)
+ }
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
+ err = "CIPHERUPDATE_ERROR";
+- if (!EVP_CipherUpdate(ctx, tmp, &tmplen, in, in_len))
++ if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len))
+ goto err;
+ if (cdat->aead == EVP_CIPH_CCM_MODE)
+ tmpflen = 0;
+ else {
+ err = "CIPHERFINAL_ERROR";
+- if (!EVP_CipherFinal_ex(ctx, tmp + tmplen, &tmpflen))
++ if (!EVP_CipherFinal_ex(ctx, tmp + out_misalign + tmplen, &tmpflen))
+ goto err;
+ }
+ err = "LENGTH_MISMATCH";
+ if (out_len != (size_t)(tmplen + tmpflen))
+ goto err;
+ err = "VALUE_MISMATCH";
+- if (check_output(t, out, tmp, out_len))
++ if (check_output(t, out, tmp + out_misalign, out_len))
+ goto err;
+ if (enc && cdat->aead) {
+ unsigned char rtag[16];
+@@ -961,6 +945,8 @@ static int cipher_test_run(struct evp_test *t)
+ {
+ struct cipher_data *cdat = t->data;
+ int rv;
++ size_t out_misalign, inp_misalign;
++
+ if (!cdat->key) {
+ t->err = "NO_KEY";
+ return 0;
+@@ -976,24 +962,41 @@ static int cipher_test_run(struct evp_test *t)
+ t->err = "NO_TAG";
+ return 0;
+ }
+- if (cdat->enc) {
+- rv = cipher_test_enc(t, 1);
+- /* Not fatal errors: return */
+- if (rv != 1) {
+- if (rv < 0)
+- return 0;
+- return 1;
+- }
+- }
+- if (cdat->enc != 1) {
+- rv = cipher_test_enc(t, 0);
+- /* Not fatal errors: return */
+- if (rv != 1) {
+- if (rv < 0)
+- return 0;
+- return 1;
++ for (out_misalign = 0; out_misalign <= 1; out_misalign++) {
++ static char aux_err[64];
++ t->aux_err = aux_err;
++ for (inp_misalign = (size_t)-1; inp_misalign != 2; inp_misalign++) {
++ if (inp_misalign == (size_t)-1) {
++ /* kludge: inp_misalign == -1 means "exercise in-place" */
++ BIO_snprintf(aux_err, sizeof(aux_err), "%s in-place",
++ out_misalign ? "misaligned" : "aligned");
++ } else {
++ BIO_snprintf(aux_err, sizeof(aux_err), "%s output and %s input",
++ out_misalign ? "misaligned" : "aligned",
++ inp_misalign ? "misaligned" : "aligned");
++ }
++ if (cdat->enc) {
++ rv = cipher_test_enc(t, 1, out_misalign, inp_misalign);
++ /* Not fatal errors: return */
++ if (rv != 1) {
++ if (rv < 0)
++ return 0;
++ return 1;
++ }
++ }
++ if (cdat->enc != 1) {
++ rv = cipher_test_enc(t, 0, out_misalign, inp_misalign);
++ /* Not fatal errors: return */
++ if (rv != 1) {
++ if (rv < 0)
++ return 0;
++ return 1;
++ }
++ }
+ }
+ }
++ t->aux_err = NULL;
++
+ return 1;
+ }
+
+diff --git a/test/exdatatest.c b/test/exdatatest.c
+index 96105bb..8e35068 100644
+--- a/test/exdatatest.c
++++ b/test/exdatatest.c
+@@ -1,56 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <assert.h>
+ #include <string.h>
+diff --git a/test/exptest.c b/test/exptest.c
+index 6880268..f7df9cf 100644
+--- a/test/exptest.c
++++ b/test/exptest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/generate_ssl_tests.pl b/test/generate_ssl_tests.pl
+index 713fb3f..ac584fd 100644
+--- a/test/generate_ssl_tests.pl
++++ b/test/generate_ssl_tests.pl
+@@ -1,5 +1,10 @@
+-#! /usr/bin/perl
+-# -*- mode: perl; -*-
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ ## SSL testcase generator
+
+diff --git a/test/gmdifftest.c b/test/gmdifftest.c
+index 57c6a3d..73c910d 100644
+--- a/test/gmdifftest.c
++++ b/test/gmdifftest.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2001-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/test/handshake_helper.c b/test/handshake_helper.c
+index 4682d45..8f1359e 100644
+--- a/test/handshake_helper.c
++++ b/test/handshake_helper.c
+@@ -1,16 +1,16 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #include <string.h>
+
+ #include <openssl/bio.h>
++#include <openssl/x509_vfy.h>
+ #include <openssl/ssl.h>
+
+ #include "handshake_helper.h"
+@@ -40,6 +40,37 @@ static void info_callback(const SSL *s, int where, int ret)
+ }
+ }
+
++static int verify_reject_callback(X509_STORE_CTX *ctx, void *arg) {
++ X509_STORE_CTX_set_error(ctx, X509_V_ERR_APPLICATION_VERIFICATION);
++ return 0;
++}
++
++static int verify_accept_callback(X509_STORE_CTX *ctx, void *arg) {
++ return 1;
++}
++
++/*
++ * Configure callbacks and other properties that can't be set directly
++ * in the server/client CONF.
++ */
++static void configure_handshake(SSL_CTX *server_ctx, SSL_CTX *client_ctx,
++ const SSL_TEST_CTX *test_ctx)
++{
++ switch (test_ctx->client_verify_callback) {
++ case SSL_TEST_VERIFY_ACCEPT_ALL:
++ SSL_CTX_set_cert_verify_callback(client_ctx, &verify_accept_callback,
++ NULL);
++ break;
++ case SSL_TEST_VERIFY_REJECT_ALL:
++ SSL_CTX_set_cert_verify_callback(client_ctx, &verify_reject_callback,
++ NULL);
++ break;
++ default:
++ break;
++ }
++}
++
++
+ typedef enum {
+ PEER_SUCCESS,
+ PEER_RETRY,
+@@ -139,7 +170,8 @@ static handshake_status_t handshake_status(peer_status_t last_status,
+ return INTERNAL_ERROR;
+ }
+
+-HANDSHAKE_RESULT do_handshake(SSL_CTX *server_ctx, SSL_CTX *client_ctx)
++HANDSHAKE_RESULT do_handshake(SSL_CTX *server_ctx, SSL_CTX *client_ctx,
++ const SSL_TEST_CTX *test_ctx)
+ {
+ SSL *server, *client;
+ BIO *client_to_server, *server_to_client;
+@@ -149,6 +181,8 @@ HANDSHAKE_RESULT do_handshake(SSL_CTX *server_ctx, SSL_CTX *client_ctx)
+ peer_status_t client_status = PEER_RETRY, server_status = PEER_RETRY;
+ handshake_status_t status = HANDSHAKE_RETRY;
+
++ configure_handshake(server_ctx, client_ctx, test_ctx);
++
+ server = SSL_new(server_ctx);
+ client = SSL_new(client_ctx);
+ OPENSSL_assert(server != NULL && client != NULL);
+diff --git a/test/handshake_helper.h b/test/handshake_helper.h
+index 56dfb19..7f7484a 100644
+--- a/test/handshake_helper.h
++++ b/test/handshake_helper.h
+@@ -1,11 +1,10 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #ifndef HEADER_HANDSHAKE_HELPER_H
+@@ -30,6 +29,7 @@ typedef struct handshake_result {
+ } HANDSHAKE_RESULT;
+
+ /* Do a handshake and report some information about the result. */
+-HANDSHAKE_RESULT do_handshake(SSL_CTX *server_ctx, SSL_CTX *client_ctx);
++HANDSHAKE_RESULT do_handshake(SSL_CTX *server_ctx, SSL_CTX *client_ctx,
++ const SSL_TEST_CTX *test_ctx);
+
+ #endif /* HEADER_HANDSHAKE_HELPER_H */
+diff --git a/test/heartbeat_test.c b/test/heartbeat_test.c
+index 2fda576..906736c 100644
+--- a/test/heartbeat_test.c
++++ b/test/heartbeat_test.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /*-
+ * Unit test for TLS heartbeats.
+ *
+@@ -92,7 +101,7 @@ static HEARTBEAT_TEST_FIXTURE set_up(const char *const test_case_name,
+ goto fail;
+ }
+
+- if (!ssl_init_wbio_buffer(fixture.s, 1)) {
++ if (!ssl_init_wbio_buffer(fixture.s)) {
+ fprintf(stderr, "Failed to set up wbio buffer for test: %s\n",
+ test_case_name);
+ setup_ok = 0;
+diff --git a/test/hmactest.c b/test/hmactest.c
+index 2ceec5f..145c467 100644
+--- a/test/hmactest.c
++++ b/test/hmactest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/ideatest.c b/test/ideatest.c
+index 0f68ebd..3849670 100644
+--- a/test/ideatest.c
++++ b/test/ideatest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/igetest.c b/test/igetest.c
+index aca8f85..1245860 100644
+--- a/test/igetest.c
++++ b/test/igetest.c
+@@ -1,51 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++/*
++ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/crypto.h>
+diff --git a/test/md2test.c b/test/md2test.c
+index ccf4659..5d94e5f 100644
+--- a/test/md2test.c
++++ b/test/md2test.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/md4test.c b/test/md4test.c
+index d7168a1..9c2e7fd 100644
+--- a/test/md4test.c
++++ b/test/md4test.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/md5test.c b/test/md5test.c
+index 2c75890..f39b907 100644
+--- a/test/md5test.c
++++ b/test/md5test.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/mdc2test.c b/test/mdc2test.c
+index 2177a0e..dc8dd58 100644
+--- a/test/mdc2test.c
++++ b/test/mdc2test.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -95,7 +47,7 @@ int main(int argc, char *argv[])
+ unsigned char md[MDC2_DIGEST_LENGTH];
+ int i;
+ EVP_MD_CTX *c;
+- static char *text = "Now is the time for all ";
++ static char text[] = "Now is the time for all ";
+
+ # ifdef CHARSET_EBCDIC
+ ebcdic2ascii(text, text, strlen(text));
+diff --git a/test/memleaktest.c b/test/memleaktest.c
+index f894590..2b23df7 100644
+--- a/test/memleaktest.c
++++ b/test/memleaktest.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/methtest.c b/test/methtest.c
+index efec154..11aa233 100644
+--- a/test/methtest.c
++++ b/test/methtest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/nptest.c b/test/nptest.c
+index 9528851..62dd271 100644
+--- a/test/nptest.c
++++ b/test/nptest.c
+@@ -1,58 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+-
+ #include <stdio.h>
+ #include <string.h>
+
+diff --git a/test/p5_crpt2_test.c b/test/p5_crpt2_test.c
+index da45f70..5785519 100644
+--- a/test/p5_crpt2_test.c
++++ b/test/p5_crpt2_test.c
+@@ -1,50 +1,10 @@
+-/* Written by Christian Heimes, 2013 */
+ /*
+- * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
++ * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/packettest.c b/test/packettest.c
+index 57ef51b..58fc752 100644
+--- a/test/packettest.c
++++ b/test/packettest.c
+@@ -1,61 +1,12 @@
+ /*
+- * Written by Matt Caswell for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+-
+ #include "../ssl/packet_locl.h"
+
+ #define BUF_LEN 255
+diff --git a/test/pbelutest.c b/test/pbelutest.c
+index dafae78..e226d43 100644
+--- a/test/pbelutest.c
++++ b/test/pbelutest.c
+@@ -1,55 +1,10 @@
+-/* ====================================================================
+- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <openssl/evp.h>
+diff --git a/test/pkits-test.pl b/test/pkits-test.pl
+index 5c6b89f..ae7279c 100644
+--- a/test/pkits-test.pl
++++ b/test/pkits-test.pl
+@@ -1,54 +1,10 @@
+-# test/pkits-test.pl
+-# Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+-# project.
++#! /usr/bin/env perl
++# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# ====================================================================
+-# Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+-#
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# licensing at OpenSSL.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ # Perl utility to run PKITS tests for RFC3280 compliance.
+
+diff --git a/test/r160test.c b/test/r160test.c
+index b99fa3a..06033eb 100644
+--- a/test/r160test.c
++++ b/test/r160test.c
+@@ -1,56 +1,9 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+diff --git a/test/randtest.c b/test/randtest.c
+index dc0e84d..9f7a037 100644
+--- a/test/randtest.c
++++ b/test/randtest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/rc2test.c b/test/rc2test.c
+index 3890cf0..2d0a01d 100644
+--- a/test/rc2test.c
++++ b/test/rc2test.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/test/rc4test.c b/test/rc4test.c
+index 271fcf1..7a77b82 100644
+--- a/test/rc4test.c
++++ b/test/rc4test.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/rc5test.c b/test/rc5test.c
+index bb66154..6567bcb 100644
+--- a/test/rc5test.c
++++ b/test/rc5test.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ /*
+diff --git a/test/recipes/01-test_abort.t b/test/recipes/01-test_abort.t
+index 4a6cf97..2f121e2 100644
+--- a/test/recipes/01-test_abort.t
++++ b/test/recipes/01-test_abort.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test;
+
+diff --git a/test/recipes/01-test_ordinals.t b/test/recipes/01-test_ordinals.t
+index 070181d..473d05b 100755
+--- a/test/recipes/01-test_ordinals.t
++++ b/test/recipes/01-test_ordinals.t
+@@ -1,56 +1,10 @@
+-#!/usr/bin/perl
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+ use OpenSSL::Test qw/:DEFAULT srctop_file/;
+diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t
+new file mode 100644
+index 0000000..619519c
+--- /dev/null
++++ b/test/recipes/01-test_symbol_presence.t
+@@ -0,0 +1,115 @@
++#! /usr/bin/env perl
++# -*- mode: Perl -*-
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++use strict;
++use File::Spec::Functions qw(devnull);
++use OpenSSL::Test qw(:DEFAULT srctop_file bldtop_dir bldtop_file);
++use OpenSSL::Test::Utils;
++
++setup("test_symbol_presence");
++
++plan skip_all => "Only useful when building shared libraries"
++ if disabled("shared");
++
++my @libnames = ("crypto", "ssl");
++my $testcount = scalar @libnames;
++
++plan tests => $testcount * 2;
++
++note
++ "NOTE: developper test! It's possible that it won't run on your\n",
++ "platform, and that's perfectly fine. This is mainly for developers\n",
++ "on Unix to check that our shared libraries are consistent with the\n",
++ "ordinals (util/*.num in the source tree), something that should be\n",
++ "good enough a check for the other platforms as well.\n";
++
++foreach my $libname (@libnames) {
++ SKIP:
++ {
++ my $shlibpath = bldtop_file("lib" . $libname . ".so");
++ *OSTDERR = *STDERR;
++ *OSTDOUT = *STDOUT;
++ open STDERR, ">", devnull();
++ open STDOUT, ">", devnull();
++ my @nm_lines = map { s|\R$||; $_ } `nm -Pg $shlibpath 2> /dev/null`;
++ close STDERR;
++ close STDOUT;
++ *STDERR = *OSTDERR;
++ *STDOUT = *OSTDOUT;
++ skip "Can't run 'nm -Pg $shlibpath' => $?... ignoring", 2
++ unless $? == 0;
++
++ my $bldtop = bldtop_dir();
++ my @def_lines;
++ indir $bldtop => sub {
++ my $mkdefpath = srctop_file("util", "mkdef.pl");
++ @def_lines = map { s|\R$||; $_ } `$^X $mkdefpath $libname linux 2> /dev/null`;
++ ok($? == 0, "running 'cd $bldtop; $^X $mkdefpath $libname linux' => $?");
++ }, create => 0, cleanup => 0;
++
++ note "Number of lines in \@nm_lines before massaging: ", scalar @nm_lines;
++ note "Number of lines in \@def_lines before massaging: ", scalar @def_lines;
++
++ # Massage the nm output to only contain defined symbols
++ @nm_lines = sort map { s| .*||; $_ } grep(m|.* [BCDT] .*|, @nm_lines);
++
++ # Massage the mkdef.pl output to only contain global symbols
++ # The output we got is in Unix .map format, which has a global
++ # and a local section. We're only interested in the global
++ # section.
++ my $in_global = 0;
++ @def_lines =
++ sort
++ map { s|;||; s|\s+||g; $_ }
++ grep { $in_global = 1 if m|global:|;
++ $in_global = 0 if m|local:|;
++ $in_global && m|;|; } @def_lines;
++
++ note "Number of lines in \@nm_lines after massaging: ", scalar @nm_lines;
++ note "Number of lines in \@def_lines after massaging: ", scalar @def_lines;
++
++ # Maintain lists of symbols that are missing in the shared library,
++ # or that are extra.
++ my @missing = ();
++ my @extra = ();
++
++ while (scalar @nm_lines || scalar @def_lines) {
++ my $nm_first = $nm_lines[0];
++ my $def_first = $def_lines[0];
++
++ if (!defined($nm_first)) {
++ push @missing, shift @def_lines;
++ } elsif (!defined($def_first)) {
++ push @extra, shift @nm_lines;
++ } elsif ($nm_first gt $def_first) {
++ push @missing, shift @def_lines;
++ } elsif ($nm_first lt $def_first) {
++ push @extra, shift @nm_lines;
++ } else {
++ shift @def_lines;
++ shift @nm_lines;
++ }
++ }
++
++ if (scalar @missing) {
++ note "The following symbols are missing in lib$libname.so:";
++ foreach (@missing) {
++ note " $_";
++ }
++ }
++ if (scalar @extra) {
++ note "The following symbols are extra in lib$libname.so:";
++ foreach (@extra) {
++ note " $_";
++ }
++ }
++ ok(scalar @missing == 0,
++ "check that there are no missing symbols in lib$libname.so");
++ }
++}
+diff --git a/test/recipes/05-test_bf.t b/test/recipes/05-test_bf.t
+index 4794bf0..64c9609 100644
+--- a/test/recipes/05-test_bf.t
++++ b/test/recipes/05-test_bf.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_cast.t b/test/recipes/05-test_cast.t
+index 621e1ae..46c61da 100644
+--- a/test/recipes/05-test_cast.t
++++ b/test/recipes/05-test_cast.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_des.t b/test/recipes/05-test_des.t
+index 71de4b4..2e6a32b 100644
+--- a/test/recipes/05-test_des.t
++++ b/test/recipes/05-test_des.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_hmac.t b/test/recipes/05-test_hmac.t
+index ba7a92b..2059bcc 100644
+--- a/test/recipes/05-test_hmac.t
++++ b/test/recipes/05-test_hmac.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_idea.t b/test/recipes/05-test_idea.t
+index c43ba5c..ca2b767 100644
+--- a/test/recipes/05-test_idea.t
++++ b/test/recipes/05-test_idea.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_md2.t b/test/recipes/05-test_md2.t
+index 2175c5f..8781af0 100644
+--- a/test/recipes/05-test_md2.t
++++ b/test/recipes/05-test_md2.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_md4.t b/test/recipes/05-test_md4.t
+index 2337223..59a815b 100644
+--- a/test/recipes/05-test_md4.t
++++ b/test/recipes/05-test_md4.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_md5.t b/test/recipes/05-test_md5.t
+index e9331e2..3af4d55 100644
+--- a/test/recipes/05-test_md5.t
++++ b/test/recipes/05-test_md5.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_mdc2.t b/test/recipes/05-test_mdc2.t
+index 23e904c..181c90f 100644
+--- a/test/recipes/05-test_mdc2.t
++++ b/test/recipes/05-test_mdc2.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_rand.t b/test/recipes/05-test_rand.t
+index afa66a6..3b175fa 100644
+--- a/test/recipes/05-test_rand.t
++++ b/test/recipes/05-test_rand.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_rc2.t b/test/recipes/05-test_rc2.t
+index 423b3b7..77d9382 100644
+--- a/test/recipes/05-test_rc2.t
++++ b/test/recipes/05-test_rc2.t
+@@ -1,4 +1,10 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_rc4.t b/test/recipes/05-test_rc4.t
+index a16455f..a26c9b8 100644
+--- a/test/recipes/05-test_rc4.t
++++ b/test/recipes/05-test_rc4.t
+@@ -1,4 +1,10 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_rc5.t b/test/recipes/05-test_rc5.t
+index 4c5390a..fda0cd2 100644
+--- a/test/recipes/05-test_rc5.t
++++ b/test/recipes/05-test_rc5.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_rmd.t b/test/recipes/05-test_rmd.t
+index 7ad91c4..b1112e1 100644
+--- a/test/recipes/05-test_rmd.t
++++ b/test/recipes/05-test_rmd.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_sha1.t b/test/recipes/05-test_sha1.t
+index 310022e..21bb74e 100644
+--- a/test/recipes/05-test_sha1.t
++++ b/test/recipes/05-test_sha1.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_sha256.t b/test/recipes/05-test_sha256.t
+index 02058c7..071a45c 100644
+--- a/test/recipes/05-test_sha256.t
++++ b/test/recipes/05-test_sha256.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_sha512.t b/test/recipes/05-test_sha512.t
+index 6522ddd..4ce585c 100644
+--- a/test/recipes/05-test_sha512.t
++++ b/test/recipes/05-test_sha512.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/05-test_wp.t b/test/recipes/05-test_wp.t
+index e745f23..a042898 100644
+--- a/test/recipes/05-test_wp.t
++++ b/test/recipes/05-test_wp.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/10-test_bn.t b/test/recipes/10-test_bn.t
+index 7e728f4..e35498d 100644
+--- a/test/recipes/10-test_bn.t
++++ b/test/recipes/10-test_bn.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/10-test_exp.t b/test/recipes/10-test_exp.t
+index b8083e7..7e999c4 100644
+--- a/test/recipes/10-test_exp.t
++++ b/test/recipes/10-test_exp.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/15-test_dh.t b/test/recipes/15-test_dh.t
+index 35e9564..60cb54c 100644
+--- a/test/recipes/15-test_dh.t
++++ b/test/recipes/15-test_dh.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/15-test_dsa.t b/test/recipes/15-test_dsa.t
+index 22f971c..bf3b0d3 100644
+--- a/test/recipes/15-test_dsa.t
++++ b/test/recipes/15-test_dsa.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/15-test_ec.t b/test/recipes/15-test_ec.t
+index 48b8ce8..a1c704a 100644
+--- a/test/recipes/15-test_ec.t
++++ b/test/recipes/15-test_ec.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/15-test_ecdh.t b/test/recipes/15-test_ecdh.t
+index acccea8..f11cd06 100644
+--- a/test/recipes/15-test_ecdh.t
++++ b/test/recipes/15-test_ecdh.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/15-test_ecdsa.t b/test/recipes/15-test_ecdsa.t
+index 992bb96..82a8559 100644
+--- a/test/recipes/15-test_ecdsa.t
++++ b/test/recipes/15-test_ecdsa.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/15-test_rsa.t b/test/recipes/15-test_rsa.t
+index 42bba1d..07746f4 100644
+--- a/test/recipes/15-test_rsa.t
++++ b/test/recipes/15-test_rsa.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/20-test_enc.t b/test/recipes/20-test_enc.t
+index 2efcf70..88a5890 100644
+--- a/test/recipes/20-test_enc.t
++++ b/test/recipes/20-test_enc.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/25-test_crl.t b/test/recipes/25-test_crl.t
+index 8650bfc..f708ea8 100644
+--- a/test/recipes/25-test_crl.t
++++ b/test/recipes/25-test_crl.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/25-test_d2i.t b/test/recipes/25-test_d2i.t
+index a9c259d..77afe3f 100644
+--- a/test/recipes/25-test_d2i.t
++++ b/test/recipes/25-test_d2i.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+@@ -8,12 +15,67 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/;
+
+ setup("test_d2i");
+
+-plan tests => 2;
++plan tests => 13;
+
+-ok(run(test(["d2i_test", "x509",
++ok(run(test(["d2i_test", "X509", "decode",
+ srctop_file('test','d2i-tests','bad_cert.der')])),
+ "Running d2i_test bad_cert.der");
+
+-ok(run(test(["d2i_test", "generalname",
++ok(run(test(["d2i_test", "GENERAL_NAME", "decode",
+ srctop_file('test','d2i-tests','bad_generalname.der')])),
+ "Running d2i_test bad_generalname.der");
++
++ok(run(test(["d2i_test", "ASN1_ANY", "BIO",
++ srctop_file('test','d2i-tests','bad_bio.der')])),
++ "Running d2i_test bad_bio.der");
++# This test checks CVE-2016-2108. The data consists of an tag 258 and
++# two zero content octets. This is parsed as an ASN1_ANY type. If the
++# type is incorrectly interpreted as an ASN.1 INTEGER the two zero content
++# octets will be reject as invalid padding and this test will fail.
++# If the type is correctly interpreted it will by treated as an ASN1_STRING
++# type and the content octets copied verbatim.
++ok(run(test(["d2i_test", "ASN1_ANY", "OK",
++ srctop_file('test','d2i-tests','high_tag.der')])),
++ "Running d2i_test high_tag.der");
++
++# Above test data but interpeted as ASN.1 INTEGER: this will be rejected
++# because the tag is invalid.
++ok(run(test(["d2i_test", "ASN1_INTEGER", "decode",
++ srctop_file('test','d2i-tests','high_tag.der')])),
++ "Running d2i_test high_tag.der INTEGER");
++
++# Parse valid 0, 1 and -1 ASN.1 INTEGER as INTEGER or ANY.
++
++ok(run(test(["d2i_test", "ASN1_INTEGER", "OK",
++ srctop_file('test','d2i-tests','int0.der')])),
++ "Running d2i_test int0.der INTEGER");
++
++ok(run(test(["d2i_test", "ASN1_INTEGER", "OK",
++ srctop_file('test','d2i-tests','int1.der')])),
++ "Running d2i_test int1.der INTEGER");
++
++ok(run(test(["d2i_test", "ASN1_INTEGER", "OK",
++ srctop_file('test','d2i-tests','intminus1.der')])),
++ "Running d2i_test intminus1.der INTEGER");
++
++ok(run(test(["d2i_test", "ASN1_ANY", "OK",
++ srctop_file('test','d2i-tests','int0.der')])),
++ "Running d2i_test int0.der ANY");
++
++ok(run(test(["d2i_test", "ASN1_ANY", "OK",
++ srctop_file('test','d2i-tests','int1.der')])),
++ "Running d2i_test int1.der ANY");
++
++ok(run(test(["d2i_test", "ASN1_ANY", "OK",
++ srctop_file('test','d2i-tests','intminus1.der')])),
++ "Running d2i_test intminus1.der ANY");
++
++# Integers with illegal additional padding.
++
++ok(run(test(["d2i_test", "ASN1_INTEGER", "decode",
++ srctop_file('test','d2i-tests','bad-int-pad0.der')])),
++ "Running d2i_test bad-int-pad0.der INTEGER");
++
++ok(run(test(["d2i_test", "ASN1_INTEGER", "decode",
++ srctop_file('test','d2i-tests','bad-int-padminus1.der')])),
++ "Running d2i_test bad-int-padminus1.der INTEGER");
+diff --git a/test/recipes/25-test_gen.t b/test/recipes/25-test_gen.t
+index ce4a5ee..6eac7ca 100644
+--- a/test/recipes/25-test_gen.t
++++ b/test/recipes/25-test_gen.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/25-test_pkcs7.t b/test/recipes/25-test_pkcs7.t
+index 6e9b397..724326b 100644
+--- a/test/recipes/25-test_pkcs7.t
++++ b/test/recipes/25-test_pkcs7.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/25-test_req.t b/test/recipes/25-test_req.t
+index fac9771..d5eb29b 100644
+--- a/test/recipes/25-test_req.t
++++ b/test/recipes/25-test_req.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/25-test_sid.t b/test/recipes/25-test_sid.t
+index 84444b3..b13cb5c 100644
+--- a/test/recipes/25-test_sid.t
++++ b/test/recipes/25-test_sid.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t
+index e025739..172eecb 100644
+--- a/test/recipes/25-test_verify.t
++++ b/test/recipes/25-test_verify.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/25-test_x509.t b/test/recipes/25-test_x509.t
+index 1572a06..3ff187d 100644
+--- a/test/recipes/25-test_x509.t
++++ b/test/recipes/25-test_x509.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/30-test_afalg.t b/test/recipes/30-test_afalg.t
+index e28bccb..c8cb67b 100644
+--- a/test/recipes/30-test_afalg.t
++++ b/test/recipes/30-test_afalg.t
+@@ -1,55 +1,10 @@
+-#!/usr/bin/perl
+-# ====================================================================
+-# Copyright (c) 2016 The OpenSSL Project. All rights reserved.
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+ use OpenSSL::Test qw/:DEFAULT bldtop_dir/;
+diff --git a/test/recipes/30-test_engine.t b/test/recipes/30-test_engine.t
+index c097b6f..03c96cd 100644
+--- a/test/recipes/30-test_engine.t
++++ b/test/recipes/30-test_engine.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t
+index 9ee24f4..c277fcd 100644
+--- a/test/recipes/30-test_evp.t
++++ b/test/recipes/30-test_evp.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/30-test_evp_extra.t b/test/recipes/30-test_evp_extra.t
+index 0f90b21..9a656b0 100644
+--- a/test/recipes/30-test_evp_extra.t
++++ b/test/recipes/30-test_evp_extra.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/30-test_pbelu.t b/test/recipes/30-test_pbelu.t
+index 635fb69..38b2d48 100644
+--- a/test/recipes/30-test_pbelu.t
++++ b/test/recipes/30-test_pbelu.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/40-test_rehash.t b/test/recipes/40-test_rehash.t
+index dd7f4ac..c5c90e0 100644
+--- a/test/recipes/40-test_rehash.t
++++ b/test/recipes/40-test_rehash.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/70-test_asyncio.t b/test/recipes/70-test_asyncio.t
+new file mode 100644
+index 0000000..c26f757
+--- /dev/null
++++ b/test/recipes/70-test_asyncio.t
+@@ -0,0 +1,22 @@
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++
++use OpenSSL::Test;
++use OpenSSL::Test::Utils;
++use OpenSSL::Test qw/:DEFAULT srctop_file/;
++
++setup("test_asyncio");
++
++plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build"
++ if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls"));
++
++plan tests => 1;
++
++ok(run(test(["asynciotest", srctop_file("apps", "server.pem"),
++ srctop_file("apps", "server.pem")])), "running asynciotest");
+diff --git a/test/recipes/70-test_clienthello.t b/test/recipes/70-test_clienthello.t
+index 2032d6d..ef0868f 100644
+--- a/test/recipes/70-test_clienthello.t
++++ b/test/recipes/70-test_clienthello.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test;
+ use OpenSSL::Test::Utils;
+diff --git a/test/recipes/70-test_packet.t b/test/recipes/70-test_packet.t
+index b1609d5..9bc6515 100644
+--- a/test/recipes/70-test_packet.t
++++ b/test/recipes/70-test_packet.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/70-test_sslcertstatus.t b/test/recipes/70-test_sslcertstatus.t
+index 298f6da..9eb5116 100755
+--- a/test/recipes/70-test_sslcertstatus.t
++++ b/test/recipes/70-test_sslcertstatus.t
+@@ -1,56 +1,10 @@
+-#!/usr/bin/perl
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+ use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
+@@ -72,6 +26,9 @@ plan skip_all => "$test_name needs the sock feature enabled"
+ plan skip_all => "$test_name needs the ocsp feature enabled"
+ if disabled("ocsp");
+
++plan skip_all => "$test_name needs TLS enabled"
++ if alldisabled(available_protocols("tls"));
++
+ $ENV{OPENSSL_ia32cap} = '~0x200000200000000';
+ my $proxy = TLSProxy::Proxy->new(
+ \&certstatus_filter,
+diff --git a/test/recipes/70-test_sslextension.t b/test/recipes/70-test_sslextension.t
+index 7d45ce2..1084c96 100755
+--- a/test/recipes/70-test_sslextension.t
++++ b/test/recipes/70-test_sslextension.t
+@@ -1,56 +1,10 @@
+-#!/usr/bin/perl
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+ use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
+@@ -69,6 +23,9 @@ plan skip_all => "$test_name needs the dynamic engine feature enabled"
+ plan skip_all => "$test_name needs the sock feature enabled"
+ if disabled("sock");
+
++plan skip_all => "$test_name needs TLS enabled"
++ if alldisabled(available_protocols("tls"));
++
+ $ENV{OPENSSL_ia32cap} = '~0x200000200000000';
+ my $proxy = TLSProxy::Proxy->new(
+ \&extension_filter,
+diff --git a/test/recipes/70-test_sslsessiontick.t b/test/recipes/70-test_sslsessiontick.t
+index cbd4c65..c30ac44 100755
+--- a/test/recipes/70-test_sslsessiontick.t
++++ b/test/recipes/70-test_sslsessiontick.t
+@@ -1,56 +1,10 @@
+-#!/usr/bin/perl
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+ use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
+@@ -70,6 +24,9 @@ plan skip_all => "$test_name needs the dynamic engine feature enabled"
+ plan skip_all => "$test_name needs the sock feature enabled"
+ if disabled("sock");
+
++plan skip_all => "$test_name needs TLS enabled"
++ if alldisabled(available_protocols("tls"));
++
+ $ENV{OPENSSL_ia32cap} = '~0x200000200000000';
+
+ sub checkmessages($$$$$$);
+@@ -88,7 +45,7 @@ my $proxy = TLSProxy::Proxy->new(
+ (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
+ );
+
+-plan tests => 8;
++plan tests => 10;
+
+ #Test 1: By default with no existing session we should get a session ticket
+ #Expected result: ClientHello extension seen; ServerHello extension seen
+@@ -171,6 +128,23 @@ $proxy->clientstart();
+ # NewSessionTicket message not seen; Abbreviated handshake.
+ checkmessages(8, "Empty ticket resumption test", 1, 0, 0, 0);
+
++#Test 9: Bad server sends the ServerHello extension but does not send a
++#NewSessionTicket
++#Expected result: Connection failure
++clearall();
++$proxy->serverflags("-no_ticket");
++$proxy->filter(\&inject_ticket_extension_filter);
++$proxy->start();
++ok(TLSProxy::Message->fail, "Server sends ticket extension but no ticket test");
++
++#Test10: Bad server does not send the ServerHello extension but does send a
++#NewSessionTicket
++#Expected result: Connection failure
++clearall();
++$proxy->serverflags("-no_ticket");
++$proxy->filter(\&inject_empty_ticket_filter);
++$proxy->start();
++ok(TLSProxy::Message->fail, "No server ticket extension but ticket sent test");
+
+ sub ticket_filter
+ {
+@@ -214,6 +188,26 @@ sub inject_empty_ticket_filter {
+ $proxy->message_list([@new_message_list]);
+ }
+
++sub inject_ticket_extension_filter
++{
++ my $proxy = shift;
++
++ # We're only interested in the initial ServerHello
++ if ($proxy->flight != 1) {
++ return;
++ }
++
++ foreach my $message (@{$proxy->message_list}) {
++ if ($message->mt == TLSProxy::Message::MT_SERVER_HELLO) {
++ #Add the session ticket extension to the ServerHello even though
++ #we are not going to send a NewSessionTicket message
++ $message->set_extension(TLSProxy::Message::EXT_SESSION_TICKET, "");
++
++ $message->repack();
++ }
++ }
++}
++
+ sub checkmessages($$$$$$)
+ {
+ my ($testno, $testname, $testch, $testsh, $testtickseen, $testhand) = @_;
+diff --git a/test/recipes/70-test_sslskewith0p.t b/test/recipes/70-test_sslskewith0p.t
+index ac88ed5..ca8dfe7 100755
+--- a/test/recipes/70-test_sslskewith0p.t
++++ b/test/recipes/70-test_sslskewith0p.t
+@@ -1,56 +1,10 @@
+-#!/usr/bin/perl
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+ use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
+@@ -72,6 +26,9 @@ plan skip_all => "dh is not supported by this OpenSSL build"
+ plan skip_all => "$test_name needs the sock feature enabled"
+ if disabled("sock");
+
++plan skip_all => "$test_name needs TLS enabled"
++ if alldisabled(available_protocols("tls"));
++
+ $ENV{OPENSSL_ia32cap} = '~0x200000200000000';
+ my $proxy = TLSProxy::Proxy->new(
+ \&ske_0_p_filter,
+diff --git a/test/recipes/70-test_sslvertol.t b/test/recipes/70-test_sslvertol.t
+index c1ec38f..af82a8c 100755
+--- a/test/recipes/70-test_sslvertol.t
++++ b/test/recipes/70-test_sslvertol.t
+@@ -1,56 +1,10 @@
+-#!/usr/bin/perl
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+ use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
+@@ -69,6 +23,9 @@ plan skip_all => "$test_name needs the dynamic engine feature enabled"
+ plan skip_all => "$test_name needs the sock feature enabled"
+ if disabled("sock");
+
++plan skip_all => "$test_name needs TLS enabled"
++ if alldisabled(available_protocols("tls"));
++
+ $ENV{OPENSSL_ia32cap} = '~0x200000200000000';
+ my $proxy = TLSProxy::Proxy->new(
+ \&vers_tolerance_filter,
+diff --git a/test/recipes/70-test_tlsextms.t b/test/recipes/70-test_tlsextms.t
+index 24abfcf..6cc04ff 100644
+--- a/test/recipes/70-test_tlsextms.t
++++ b/test/recipes/70-test_tlsextms.t
+@@ -1,56 +1,10 @@
+-#!/usr/bin/perl
+-# Written by Stephen Henson for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+ use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
+@@ -70,6 +24,9 @@ plan skip_all => "$test_name needs the dynamic engine feature enabled"
+ plan skip_all => "$test_name needs the sock feature enabled"
+ if disabled("sock");
+
++plan skip_all => "$test_name needs TLS enabled"
++ if alldisabled(available_protocols("tls"));
++
+ $ENV{OPENSSL_ia32cap} = '~0x200000200000000';
+
+ sub checkmessages($$$$$);
+diff --git a/test/recipes/70-test_verify_extra.t b/test/recipes/70-test_verify_extra.t
+index 8c213e8..79a33cd 100644
+--- a/test/recipes/70-test_verify_extra.t
++++ b/test/recipes/70-test_verify_extra.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test qw/:DEFAULT srctop_file/;
+
+diff --git a/test/recipes/80-test_ca.t b/test/recipes/80-test_ca.t
+index 09d5ba6..cd42687 100644
+--- a/test/recipes/80-test_ca.t
++++ b/test/recipes/80-test_ca.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+@@ -17,17 +24,17 @@ rmtree("demoCA", { safe => 0 });
+
+ plan tests => 4;
+ SKIP: {
+- $ENV{OPENSSL_CONFIG} = "-config ".srctop_file("test", "CAss.cnf");
++ $ENV{OPENSSL_CONFIG} = '-config "'.srctop_file("test", "CAss.cnf").'"';
+ skip "failed creating CA structure", 3
+ if !ok(run(perlapp(["CA.pl","-newca"], stdin => undef)),
+ 'creating CA structure');
+
+- $ENV{OPENSSL_CONFIG} = "-config ".srctop_file("test", "Uss.cnf");
++ $ENV{OPENSSL_CONFIG} = '-config "'.srctop_file("test", "Uss.cnf").'"';
+ skip "failed creating new certificate request", 2
+ if !ok(run(perlapp(["CA.pl","-newreq"])),
+ 'creating CA structure');
+
+- $ENV{OPENSSL_CONFIG} = "-config ".$std_openssl_cnf;
++ $ENV{OPENSSL_CONFIG} = '-config "'.$std_openssl_cnf.'"';
+ skip "failed to sign certificate request", 1
+ if !is(yes(cmdstr(perlapp(["CA.pl", "-sign"]))), 0,
+ 'signing certificate request');
+diff --git a/test/recipes/80-test_cipherlist.t b/test/recipes/80-test_cipherlist.t
+new file mode 100644
+index 0000000..af9ac33
+--- /dev/null
++++ b/test/recipes/80-test_cipherlist.t
+@@ -0,0 +1,18 @@
++#! /usr/bin/perl
++
++use strict;
++use warnings;
++
++use OpenSSL::Test::Simple;
++use OpenSSL::Test;
++use OpenSSL::Test::Utils qw(alldisabled available_protocols);
++
++setup("test_cipherlist");
++
++my $no_anytls = alldisabled(available_protocols("tls"));
++
++# If we have no protocols, then we also have no supported ciphers.
++plan skip_all => "No SSL/TLS protocol is supported by this OpenSSL build."
++ if $no_anytls;
++
++simple_test("test_cipherlist", "cipherlist_test", "cipherlist");
+diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
+index 645f37a..40fcf7c 100644
+--- a/test/recipes/80-test_cms.t
++++ b/test/recipes/80-test_cms.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/80-test_ct.t b/test/recipes/80-test_ct.t
+index 9685b95..9c717b2 100644
+--- a/test/recipes/80-test_ct.t
++++ b/test/recipes/80-test_ct.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test qw/:DEFAULT srctop_file srctop_dir/;
+ use OpenSSL::Test::Simple;
+diff --git a/test/recipes/80-test_dane.t b/test/recipes/80-test_dane.t
+index 6436735..527e663 100644
+--- a/test/recipes/80-test_dane.t
++++ b/test/recipes/80-test_dane.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/80-test_dtlsv1listen.t b/test/recipes/80-test_dtlsv1listen.t
+index e7371ca..dd1bb35 100644
+--- a/test/recipes/80-test_dtlsv1listen.t
++++ b/test/recipes/80-test_dtlsv1listen.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/80-test_ocsp.t b/test/recipes/80-test_ocsp.t
+index ae4bf85..103a7ae 100644
+--- a/test/recipes/80-test_ocsp.t
++++ b/test/recipes/80-test_ocsp.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t
+index abb6528..07f1291 100644
+--- a/test/recipes/80-test_ssl_new.t
++++ b/test/recipes/80-test_ssl_new.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+@@ -13,8 +20,10 @@ setup("test_ssl_new");
+
+ $ENV{TEST_CERTS_DIR} = srctop_dir("test", "certs");
+
+-my @conf_srcs = glob(srctop_file("test", "ssl-tests", "*.conf"));
+-my @conf_files = map {basename($_)} @conf_srcs;
++my @conf_srcs = glob('"'.srctop_file("test", "ssl-tests", "*.conf.in").'"');
++map { s/;.*// } @conf_srcs if $^O eq "VMS";
++my @conf_files = map { basename($_) } @conf_srcs;
++map { s/\.in// } @conf_files;
+
+ # 02-protocol-version.conf test results depend on the configuration of enabled
+ # protocols. We only verify generated sources in the default configuration.
+@@ -32,7 +41,7 @@ foreach my $conf (@conf_files) {
+
+ # We hard-code the number of tests to double-check that the globbing above
+ # finds all files as expected.
+-plan tests => 2; # = scalar @conf_files
++plan tests => 3; # = scalar @conf_srcs
+
+ sub test_conf {
+ plan tests => 3;
+diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t
+index 879ab7f..b41e67a 100644
+--- a/test/recipes/80-test_ssl_old.t
++++ b/test/recipes/80-test_ssl_old.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+@@ -29,6 +36,7 @@ my $digest = "-sha1";
+ my @reqcmd = ("openssl", "req");
+ my @x509cmd = ("openssl", "x509", $digest);
+ my @verifycmd = ("openssl", "verify");
++my @gendsacmd = ("openssl", "gendsa");
+ my $dummycnf = srctop_file("apps", "openssl.cnf");
+
+ my $CAkey = "keyCA.ss";
+@@ -71,10 +79,7 @@ my $client_sess="client.ss";
+ # new format in ssl_test.c and add recipes to 80-test_ssl_new.t instead.
+ plan tests =>
+ 1 # For testss
+- + 1 # For ssltest_old -test_cipherlist
+ + 14 # For the first testssl
+- + 16 # For the first testsslproxy
+- + 16 # For the second testsslproxy
+ ;
+
+ subtest 'test_ss' => sub {
+@@ -89,21 +94,8 @@ subtest 'test_ss' => sub {
+ }
+ };
+
+-my $check = ok(run(test(["ssltest_old","-test_cipherlist"])), "running ssltest_old");
+-
+- SKIP: {
+- skip "ssltest_old ended with error, skipping the rest", 3
+- if !$check;
+-
+- note('test_ssl -- key U');
+- testssl("keyU.ss", $Ucert, $CAcert);
+-
+- note('test_ssl -- key P1');
+- testsslproxy("keyP1.ss", "certP1.ss", "intP1.ss", "AB");
+-
+- note('test_ssl -- key P2');
+- testsslproxy("keyP2.ss", "certP2.ss", "intP2.ss", "BC");
+- }
++note('test_ssl -- key U');
++testssl("keyU.ss", $Ucert, $CAcert);
+
+ # -----------
+ # subtest functions
+@@ -114,6 +106,7 @@ sub testss {
+
+ my @req_dsa = ("-newkey",
+ "dsa:".srctop_file("apps", "dsa1024.pem"));
++ my $dsaparams = srctop_file("apps", "dsa1024.pem");
+ my @req_new;
+ if ($no_rsa) {
+ @req_new = @req_dsa;
+@@ -184,14 +177,18 @@ sub testss {
+ plan skip_all => "skipping DSA certificate creation"
+ if $no_dsa;
+
+- plan tests => 4;
++ plan tests => 5;
+
+ SKIP: {
+ $ENV{CN2} = "DSA Certificate";
++ skip 'failure', 4 unless
++ ok(run(app([@gendsacmd, "-out", $Dkey,
++ $dsaparams],
++ stdout => "err.ss")),
++ "make a DSA key");
+ skip 'failure', 3 unless
+- ok(run(app([@reqcmd, "-config", $Uconf,
+- "-out", $Dreq, "-keyout", $Dkey,
+- @req_dsa],
++ ok(run(app([@reqcmd, "-new", "-config", $Uconf,
++ "-out", $Dreq, "-key", $Dkey],
+ stdout => "err.ss")),
+ "make a DSA user cert request");
+ skip 'failure', 2 unless
+@@ -832,77 +829,3 @@ sub testssl {
+ }
+ };
+ }
+-
+-sub testsslproxy {
+- my $key = shift || srctop_file("apps","server.pem");
+- my $cert = shift || srctop_file("apps","server.pem");
+- my $CAtmp = shift;
+- my @CA = $CAtmp ? ("-CAfile", $CAtmp) : ("-CApath", bldtop_dir("certs"));
+- my @extra = @_;
+-
+- my @ssltest = ("ssltest_old",
+- "-s_key", $key, "-s_cert", $cert,
+- "-c_key", $key, "-c_cert", $cert);
+-
+- # plan tests => 16;
+-
+- note('Testing a lot of proxy conditions.');
+-
+- # We happen to know that certP1.ss has policy letters "AB" and
+- # certP2.ss has policy letters "BC". However, because certP2.ss
+- # has certP1.ss as issuer, when it's used, both their policy
+- # letters get combined into just "B".
+- # The policy letter(s) then get filtered with the given auth letter
+- # in the table below, and the result gets tested with the given
+- # condition. For details, read ssltest_old.c
+- #
+- # certfilename => [ [ auth, cond, expected result ] ... ]
+- my %expected = ( "certP1.ss" => [ [ [ 'A', 'A' ], 1 ],
+- [ [ 'A', 'B' ], 0 ],
+- [ [ 'A', 'C' ], 0 ],
+- [ [ 'A', 'A|B&!C' ], 1 ],
+- [ [ 'B', 'A' ], 0 ],
+- [ [ 'B', 'B' ], 1 ],
+- [ [ 'B', 'C' ], 0 ],
+- [ [ 'B', 'A|B&!C' ], 1 ],
+- [ [ 'C', 'A' ], 0 ],
+- [ [ 'C', 'B' ], 0 ],
+- [ [ 'C', 'C' ], 0 ],
+- [ [ 'C', 'A|B&!C' ], 0 ],
+- [ [ 'BC', 'A' ], 0 ],
+- [ [ 'BC', 'B' ], 1 ],
+- [ [ 'BC', 'C' ], 0 ],
+- [ [ 'BC', 'A|B&!C' ], 1 ] ],
+- "certP2.ss" => [ [ [ 'A', 'A' ], 0 ],
+- [ [ 'A', 'B' ], 0 ],
+- [ [ 'A', 'C' ], 0 ],
+- [ [ 'A', 'A|B&!C' ], 0 ],
+- [ [ 'B', 'A' ], 0 ],
+- [ [ 'B', 'B' ], 1 ],
+- [ [ 'B', 'C' ], 0 ],
+- [ [ 'B', 'A|B&!C' ], 1 ],
+- [ [ 'C', 'A' ], 0 ],
+- [ [ 'C', 'B' ], 0 ],
+- [ [ 'C', 'C' ], 0 ],
+- [ [ 'C', 'A|B&!C' ], 0 ],
+- [ [ 'BC', 'A' ], 0 ],
+- [ [ 'BC', 'B' ], 1 ],
+- [ [ 'BC', 'C' ], 0 ],
+- [ [ 'BC', 'A|B&!C' ], 1 ] ] );
+-
+- SKIP: {
+- skip "Neither SSLv3 nor any TLS version are supported by this OpenSSL build", scalar(@{$expected{$cert}})
+- if $no_anytls;
+-
+- foreach (@{$expected{$cert}}) {
+- my $auth = $_->[0]->[0];
+- my $cond = $_->[0]->[1];
+- my $res = $_->[1];
+- is(run(test([@ssltest, "-server_auth", @CA,
+- "-proxy", "-proxy_auth", $auth,
+- "-proxy_cond", $cond])), $res,
+- "test tlsv1, server auth, proxy auth $auth and cond $cond (expect "
+- .($res ? "success" : "failure").")");
+- }
+- }
+-}
+diff --git a/test/recipes/80-test_ssl_test_ctx.t b/test/recipes/80-test_ssl_test_ctx.t
+index 210e4e8..c593491 100644
+--- a/test/recipes/80-test_ssl_test_ctx.t
++++ b/test/recipes/80-test_ssl_test_ctx.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/80-test_tsa.t b/test/recipes/80-test_tsa.t
+index f2ceeeb..cf3378b 100644
+--- a/test/recipes/80-test_tsa.t
++++ b/test/recipes/80-test_tsa.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/80-test_x509aux.t b/test/recipes/80-test_x509aux.t
+new file mode 100644
+index 0000000..65ba5fc
+--- /dev/null
++++ b/test/recipes/80-test_x509aux.t
+@@ -0,0 +1,27 @@
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++
++use strict;
++use warnings;
++use OpenSSL::Test qw/:DEFAULT srctop_file/;
++use OpenSSL::Test::Utils;
++
++setup("test_x509aux");
++
++plan skip_all => "test_dane uses ec which is not supported by this OpenSSL build"
++ if disabled("ec");
++
++plan tests => 1; # The number of tests being performed
++
++ok(run(test(["x509aux",
++ srctop_file("test", "certs", "roots.pem"),
++ srctop_file("test", "certs", "root+anyEKU.pem"),
++ srctop_file("test", "certs", "root-anyEKU.pem"),
++ srctop_file("test", "certs", "root-cert.pem")]
++ )), "x509aux tests");
+diff --git a/test/recipes/90-test_async.t b/test/recipes/90-test_async.t
+index dfee578..e0f1870 100644
+--- a/test/recipes/90-test_async.t
++++ b/test/recipes/90-test_async.t
+@@ -1,4 +1,11 @@
+-#!/usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/90-test_bioprint.t b/test/recipes/90-test_bioprint.t
+new file mode 100644
+index 0000000..b86e828
+--- /dev/null
++++ b/test/recipes/90-test_bioprint.t
+@@ -0,0 +1,12 @@
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++
++use OpenSSL::Test::Simple;
++
++simple_test("test_bioprint", "bioprinttest");
+diff --git a/test/recipes/90-test_constant_time.t b/test/recipes/90-test_constant_time.t
+index cfdb578..6fa73bf 100644
+--- a/test/recipes/90-test_constant_time.t
++++ b/test/recipes/90-test_constant_time.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/90-test_gmdiff.t b/test/recipes/90-test_gmdiff.t
+index 115445e..f2cce41 100644
+--- a/test/recipes/90-test_gmdiff.t
++++ b/test/recipes/90-test_gmdiff.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/90-test_heartbeat.t b/test/recipes/90-test_heartbeat.t
+index a139c9a..90d6a67 100644
+--- a/test/recipes/90-test_heartbeat.t
++++ b/test/recipes/90-test_heartbeat.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/90-test_ige.t b/test/recipes/90-test_ige.t
+index f008350..2ab4bd2 100644
+--- a/test/recipes/90-test_ige.t
++++ b/test/recipes/90-test_ige.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/90-test_memleak.t b/test/recipes/90-test_memleak.t
+index bc72f2e..52357c7 100644
+--- a/test/recipes/90-test_memleak.t
++++ b/test/recipes/90-test_memleak.t
+@@ -1,4 +1,11 @@
+-#! /usr/bi/nperl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test;
+
+diff --git a/test/recipes/90-test_networking.t b/test/recipes/90-test_networking.t
+index 85de81a..4f984cb 100644
+--- a/test/recipes/90-test_networking.t
++++ b/test/recipes/90-test_networking.t
+@@ -1,56 +1,10 @@
+-#!/usr/bin/perl
+-# Written by Richard Levitte for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 2015-2016 The OpenSSL Project. All rights reserved.
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+ use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_file bldtop_dir/;
+diff --git a/test/recipes/90-test_np.t b/test/recipes/90-test_np.t
+index a0d8b4b..08bb84b 100644
+--- a/test/recipes/90-test_np.t
++++ b/test/recipes/90-test_np.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/90-test_p5_crpt2.t b/test/recipes/90-test_p5_crpt2.t
+index 838e0d7..710dc8b 100644
+--- a/test/recipes/90-test_p5_crpt2.t
++++ b/test/recipes/90-test_p5_crpt2.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/90-test_secmem.t b/test/recipes/90-test_secmem.t
+index 59f3bdd..d197c48 100644
+--- a/test/recipes/90-test_secmem.t
++++ b/test/recipes/90-test_secmem.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/90-test_srp.t b/test/recipes/90-test_srp.t
+index 9110319..7026c35 100644
+--- a/test/recipes/90-test_srp.t
++++ b/test/recipes/90-test_srp.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/90-test_threads.t b/test/recipes/90-test_threads.t
+index a08d8b0..56d5338 100755
+--- a/test/recipes/90-test_threads.t
++++ b/test/recipes/90-test_threads.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/90-test_v3name.t b/test/recipes/90-test_v3name.t
+index 2a8a472..2e144e5 100644
+--- a/test/recipes/90-test_v3name.t
++++ b/test/recipes/90-test_v3name.t
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use OpenSSL::Test::Simple;
+
+diff --git a/test/recipes/bc.pl b/test/recipes/bc.pl
+index f7d4dc6..dbb5842 100644
+--- a/test/recipes/bc.pl
++++ b/test/recipes/bc.pl
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/recipes/tconversion.pl b/test/recipes/tconversion.pl
+index eeb25d0..e5fa9de 100644
+--- a/test/recipes/tconversion.pl
++++ b/test/recipes/tconversion.pl
+@@ -1,4 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use strict;
+ use warnings;
+diff --git a/test/rmdtest.c b/test/rmdtest.c
+index 867a20e..7f1e72e 100644
+--- a/test/rmdtest.c
++++ b/test/rmdtest.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -75,16 +27,15 @@ int main(int argc, char *argv[])
+ # include <openssl/ebcdic.h>
+ # endif
+
+-static char *test[] = {
+- "",
+- "a",
+- "abc",
+- "message digest",
+- "abcdefghijklmnopqrstuvwxyz",
+- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+- "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+- NULL,
++static char test[][100] = {
++ { "" },
++ { "a" },
++ { "abc" },
++ { "message digest" },
++ { "abcdefghijklmnopqrstuvwxyz" },
++ { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
++ { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
++ { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
+ };
+
+ static char *ret[] = {
+@@ -101,30 +52,27 @@ static char *ret[] = {
+ static char *pt(unsigned char *md);
+ int main(int argc, char *argv[])
+ {
+- int i, err = 0;
+- char **P, **R;
++ unsigned int i;
++ int err = 0;
++ char **R;
+ char *p;
+ unsigned char md[RIPEMD160_DIGEST_LENGTH];
+
+- P = test;
+ R = ret;
+- i = 1;
+- while (*P != NULL) {
++ for (i = 0; i < OSSL_NELEM(test); i++) {
+ # ifdef CHARSET_EBCDIC
+- ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P));
++ ebcdic2ascii(test[i], test[i], strlen(test[i]));
+ # endif
+- EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_ripemd160(),
++ EVP_Digest(test[i], strlen(test[i]), md, NULL, EVP_ripemd160(),
+ NULL);
+ p = pt(md);
+ if (strcmp(p, (char *)*R) != 0) {
+- printf("error calculating RIPEMD160 on '%s'\n", *P);
++ printf("error calculating RIPEMD160 on '%s'\n", test[i]);
+ printf("got %s instead of %s\n", p, *R);
+ err++;
+ } else
+- printf("test %d ok\n", i);
+- i++;
++ printf("test %d ok\n", i + 1);
+ R++;
+- P++;
+ }
+ EXIT(err);
+ }
+diff --git a/test/rsa_test.c b/test/rsa_test.c
+index 2bc21b0..c8e68db 100644
+--- a/test/rsa_test.c
++++ b/test/rsa_test.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ /* test vectors from p1ovect1.txt */
+
+ #include <stdio.h>
+diff --git a/test/run_tests.pl b/test/run_tests.pl
+index f7bd623..6ce1521 100644
+--- a/test/run_tests.pl
++++ b/test/run_tests.pl
+@@ -1,8 +1,19 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+ use warnings;
+
++# Recognise VERBOSE and V which is common on other projects.
++BEGIN {
++ $ENV{HARNESS_VERBOSE} = "yes" if $ENV{VERBOSE} || $ENV{V};
++}
++
+ use File::Spec::Functions qw/catdir catfile curdir abs2rel rel2abs/;
+ use File::Basename;
+ use Test::Harness qw/runtests $switches/;
+@@ -28,16 +39,16 @@ if (@ARGV) {
+ @tests = @ARGV;
+ }
+ my $list_mode = scalar(grep /^list$/, @tests) != 0;
+-if (grep /^alltests|list$/, @tests) {
++if (grep /^(alltests|list)$/, @tests) {
+ @tests = grep {
+ basename($_) =~ /^[0-9][0-9]-[^\.]*\.t$/
+- } glob(catfile($recipesdir,"*.t"));
++ } glob('"'.catfile($recipesdir,"*.t").'"');
+ } else {
+ my @t = ();
+ foreach (@tests) {
+ push @t, grep {
+ basename($_) =~ /^[0-9][0-9]-[^\.]*\.t$/
+- } glob(catfile($recipesdir,"*-$_.t"));
++ } glob('"'.catfile($recipesdir,"*-$_.t").'"');
+ }
+ @tests = @t;
+ }
+diff --git a/test/secmemtest.c b/test/secmemtest.c
+index 7a77291..c31f391 100644
+--- a/test/secmemtest.c
++++ b/test/secmemtest.c
+@@ -1,32 +1,101 @@
++/*
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
+
+ #include <openssl/crypto.h>
+
++#define perror_line() perror_line1(__LINE__)
++#define perror_line1(l) perror_line2(l)
++#define perror_line2(l) perror("failed " #l)
++
+ int main(int argc, char **argv)
+ {
+ #if defined(OPENSSL_SYS_LINUX) || defined(OPENSSL_SYS_UNIX)
+- char *p = NULL, *q = NULL;
++ char *p = NULL, *q = NULL, *r = NULL, *s = NULL;
+
++ r = OPENSSL_secure_malloc(20);
++ /* r = non-secure 20 */
++ if (r == NULL) {
++ perror_line();
++ return 1;
++ }
+ if (!CRYPTO_secure_malloc_init(4096, 32)) {
+- perror("failed");
++ perror_line();
++ return 1;
++ }
++ if (CRYPTO_secure_allocated(r)) {
++ perror_line();
+ return 1;
+ }
+ p = OPENSSL_secure_malloc(20);
++ /* r = non-secure 20, p = secure 20 */
+ if (!CRYPTO_secure_allocated(p)) {
+- perror("failed 1");
++ perror_line();
++ return 1;
++ }
++ /* 20 secure -> 32-byte minimum allocaton unit */
++ if (CRYPTO_secure_used() != 32) {
++ perror_line();
+ return 1;
+ }
+ q = OPENSSL_malloc(20);
++ /* r = non-secure 20, p = secure 20, q = non-secure 20 */
+ if (CRYPTO_secure_allocated(q)) {
+- perror("failed 1");
++ perror_line();
++ return 1;
++ }
++ s = OPENSSL_secure_malloc(20);
++ /* r = non-secure 20, p = secure 20, q = non-secure 20, s = secure 20 */
++ if (!CRYPTO_secure_allocated(s)) {
++ perror_line();
++ return 1;
++ }
++ /* 2 * 20 secure -> 64 bytes allocated */
++ if (CRYPTO_secure_used() != 64) {
++ perror_line();
+ return 1;
+ }
+ OPENSSL_secure_free(p);
++ /* 20 secure -> 32 bytes allocated */
++ if (CRYPTO_secure_used() != 32) {
++ perror_line();
++ return 1;
++ }
+ OPENSSL_free(q);
+- CRYPTO_secure_malloc_done();
++ /* should not complete, as secure memory is still allocated */
++ if (CRYPTO_secure_malloc_done()) {
++ perror_line();
++ return 1;
++ }
++ if (!CRYPTO_secure_malloc_initialized()) {
++ perror_line();
++ return 1;
++ }
++ OPENSSL_secure_free(s);
++ /* secure memory should now be 0, so done should complete */
++ if (CRYPTO_secure_used() != 0) {
++ perror_line();
++ return 1;
++ }
++ if (!CRYPTO_secure_malloc_done()) {
++ perror_line();
++ return 1;
++ }
++ if (CRYPTO_secure_malloc_initialized()) {
++ perror_line();
++ return 1;
++ }
++ /* this can complete - it was not really secure */
++ OPENSSL_secure_free(r);
+ #else
+ /* Should fail. */
+ if (CRYPTO_secure_malloc_init(4096, 32)) {
+- perror("failed");
++ perror_line();
+ return 1;
+ }
+ #endif
+diff --git a/test/sha1test.c b/test/sha1test.c
+index ada37d1..9ff959e 100644
+--- a/test/sha1test.c
++++ b/test/sha1test.c
+@@ -1,58 +1,10 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -67,10 +19,9 @@
+ # include <openssl/ebcdic.h>
+ #endif
+
+-static char *test[] = {
+- "abc",
+- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+- NULL,
++static char test[][80] = {
++ { "abc" },
++ { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }
+ };
+
+ static char *ret[] = {
+@@ -83,34 +34,29 @@ static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+ static char *pt(unsigned char *md);
+ int main(int argc, char *argv[])
+ {
+- int i, err = 0;
+- char **P, **R;
++ unsigned int i;
++ int err = 0;
++ char **R;
+ static unsigned char buf[1000];
+ char *p, *r;
+ EVP_MD_CTX *c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+
+-#ifdef CHARSET_EBCDIC
+- ebcdic2ascii(test[0], test[0], strlen(test[0]));
+- ebcdic2ascii(test[1], test[1], strlen(test[1]));
+-#endif
+-
+ c = EVP_MD_CTX_new();
+- P = test;
+ R = ret;
+- i = 1;
+- while (*P != NULL) {
+- EVP_Digest(*P, strlen((char *)*P), md, NULL, EVP_sha1(), NULL);
++ for (i = 0; i < OSSL_NELEM(test); i++) {
++# ifdef CHARSET_EBCDIC
++ ebcdic2ascii(test[i], test[i], strlen(test[i]));
++# endif
++ EVP_Digest(test[i], strlen(test[i]), md, NULL, EVP_sha1(), NULL);
+ p = pt(md);
+ if (strcmp(p, (char *)*R) != 0) {
+- printf("error calculating SHA1 on '%s'\n", *P);
++ printf("error calculating SHA1 on '%s'\n", test[i]);
+ printf("got %s instead of %s\n", p, *R);
+ err++;
+ } else
+- printf("test %d ok\n", i);
+- i++;
++ printf("test %d ok\n", i + 1);
+ R++;
+- P++;
+ }
+
+ memset(buf, 'a', 1000);
+diff --git a/test/sha256t.c b/test/sha256t.c
+index d88c805..315d10f 100644
+--- a/test/sha256t.c
++++ b/test/sha256t.c
+@@ -1,7 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- * ====================================================================
++/*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <string.h>
+ #include <stdlib.h>
+diff --git a/test/sha512t.c b/test/sha512t.c
+index 714fed6..e741b27 100644
+--- a/test/sha512t.c
++++ b/test/sha512t.c
+@@ -1,7 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+- * ====================================================================
++/*
++ * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <string.h>
+ #include <stdlib.h>
+diff --git a/test/srptest.c b/test/srptest.c
+index 8379535..8d0aaa3 100644
+--- a/test/srptest.c
++++ b/test/srptest.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <openssl/opensslconf.h>
+ #ifdef OPENSSL_NO_SRP
+
+diff --git a/test/ssl-tests/03-custom_verify.conf b/test/ssl-tests/03-custom_verify.conf
+new file mode 100644
+index 0000000..182a95d
+--- /dev/null
++++ b/test/ssl-tests/03-custom_verify.conf
+@@ -0,0 +1,238 @@
++# Generated with generate_ssl_tests.pl
++
++num_tests = 9
++
++test-0 = 0-verify-success
++test-1 = 1-verify-custom-reject
++test-2 = 2-verify-custom-allow
++test-3 = 3-noverify-success
++test-4 = 4-noverify-ignore-custom-reject
++test-5 = 5-noverify-accept-custom-allow
++test-6 = 6-verify-fail-no-root
++test-7 = 7-verify-custom-success-no-root
++test-8 = 8-verify-custom-fail-no-root
++# ===========================================================
++
++[0-verify-success]
++ssl_conf = 0-verify-success-ssl
++
++[0-verify-success-ssl]
++server = 0-verify-success-server
++client = 0-verify-success-client
++
++[0-verify-success-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++
++[0-verify-success-client]
++CipherString = DEFAULT
++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
++VerifyMode = Peer
++
++
++[test-0]
++ExpectedResult = Success
++
++
++# ===========================================================
++
++[1-verify-custom-reject]
++ssl_conf = 1-verify-custom-reject-ssl
++
++[1-verify-custom-reject-ssl]
++server = 1-verify-custom-reject-server
++client = 1-verify-custom-reject-client
++
++[1-verify-custom-reject-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++
++[1-verify-custom-reject-client]
++CipherString = DEFAULT
++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
++VerifyMode = Peer
++
++
++[test-1]
++ClientAlert = HandshakeFailure
++ClientVerifyCallback = RejectAll
++ExpectedResult = ClientFail
++
++
++# ===========================================================
++
++[2-verify-custom-allow]
++ssl_conf = 2-verify-custom-allow-ssl
++
++[2-verify-custom-allow-ssl]
++server = 2-verify-custom-allow-server
++client = 2-verify-custom-allow-client
++
++[2-verify-custom-allow-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++
++[2-verify-custom-allow-client]
++CipherString = DEFAULT
++VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
++VerifyMode = Peer
++
++
++[test-2]
++ClientVerifyCallback = AcceptAll
++ExpectedResult = Success
++
++
++# ===========================================================
++
++[3-noverify-success]
++ssl_conf = 3-noverify-success-ssl
++
++[3-noverify-success-ssl]
++server = 3-noverify-success-server
++client = 3-noverify-success-client
++
++[3-noverify-success-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++
++[3-noverify-success-client]
++CipherString = DEFAULT
++
++
++[test-3]
++ExpectedResult = Success
++
++
++# ===========================================================
++
++[4-noverify-ignore-custom-reject]
++ssl_conf = 4-noverify-ignore-custom-reject-ssl
++
++[4-noverify-ignore-custom-reject-ssl]
++server = 4-noverify-ignore-custom-reject-server
++client = 4-noverify-ignore-custom-reject-client
++
++[4-noverify-ignore-custom-reject-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++
++[4-noverify-ignore-custom-reject-client]
++CipherString = DEFAULT
++
++
++[test-4]
++ClientVerifyCallback = RejectAll
++ExpectedResult = Success
++
++
++# ===========================================================
++
++[5-noverify-accept-custom-allow]
++ssl_conf = 5-noverify-accept-custom-allow-ssl
++
++[5-noverify-accept-custom-allow-ssl]
++server = 5-noverify-accept-custom-allow-server
++client = 5-noverify-accept-custom-allow-client
++
++[5-noverify-accept-custom-allow-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++
++[5-noverify-accept-custom-allow-client]
++CipherString = DEFAULT
++
++
++[test-5]
++ClientVerifyCallback = AcceptAll
++ExpectedResult = Success
++
++
++# ===========================================================
++
++[6-verify-fail-no-root]
++ssl_conf = 6-verify-fail-no-root-ssl
++
++[6-verify-fail-no-root-ssl]
++server = 6-verify-fail-no-root-server
++client = 6-verify-fail-no-root-client
++
++[6-verify-fail-no-root-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++
++[6-verify-fail-no-root-client]
++CipherString = DEFAULT
++VerifyMode = Peer
++
++
++[test-6]
++ClientAlert = UnknownCA
++ExpectedResult = ClientFail
++
++
++# ===========================================================
++
++[7-verify-custom-success-no-root]
++ssl_conf = 7-verify-custom-success-no-root-ssl
++
++[7-verify-custom-success-no-root-ssl]
++server = 7-verify-custom-success-no-root-server
++client = 7-verify-custom-success-no-root-client
++
++[7-verify-custom-success-no-root-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++
++[7-verify-custom-success-no-root-client]
++CipherString = DEFAULT
++VerifyMode = Peer
++
++
++[test-7]
++ClientVerifyCallback = AcceptAll
++ExpectedResult = Success
++
++
++# ===========================================================
++
++[8-verify-custom-fail-no-root]
++ssl_conf = 8-verify-custom-fail-no-root-ssl
++
++[8-verify-custom-fail-no-root-ssl]
++server = 8-verify-custom-fail-no-root-server
++client = 8-verify-custom-fail-no-root-client
++
++[8-verify-custom-fail-no-root-server]
++Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
++CipherString = DEFAULT
++PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
++
++
++[8-verify-custom-fail-no-root-client]
++CipherString = DEFAULT
++VerifyMode = Peer
++
++
++[test-8]
++ClientAlert = HandshakeFailure
++ClientVerifyCallback = RejectAll
++ExpectedResult = ClientFail
++
++
+diff --git a/test/ssl-tests/03-custom_verify.conf.in b/test/ssl-tests/03-custom_verify.conf.in
+new file mode 100644
+index 0000000..e2f9dc7
+--- /dev/null
++++ b/test/ssl-tests/03-custom_verify.conf.in
+@@ -0,0 +1,127 @@
++# -*- mode: perl; -*-
++
++## SSL test configurations
++
++package ssltests;
++
++our @tests = (
++
++ # Sanity-check that verification indeed succeeds without the
++ # restrictive callback.
++ {
++ name => "verify-success",
++ server => { },
++ client => { },
++ test => { "ExpectedResult" => "Success" },
++ },
++
++ # Same test as above but with a custom callback that always fails.
++ {
++ name => "verify-custom-reject",
++ server => { },
++ client => { },
++ test => {
++ "ClientVerifyCallback" => "RejectAll",
++ "ExpectedResult" => "ClientFail",
++ "ClientAlert" => "HandshakeFailure",
++ },
++ },
++
++ # Same test as above but with a custom callback that always succeeds.
++ {
++ name => "verify-custom-allow",
++ server => { },
++ client => { },
++ test => {
++ "ClientVerifyCallback" => "AcceptAll",
++ "ExpectedResult" => "Success",
++ },
++ },
++
++ # Sanity-check that verification indeed succeeds if peer verification
++ # is not requested.
++ {
++ name => "noverify-success",
++ server => { },
++ client => {
++ "VerifyMode" => undef,
++ "VerifyCAFile" => undef,
++ },
++ test => { "ExpectedResult" => "Success" },
++ },
++
++ # Same test as above but with a custom callback that always fails.
++ # The callback return has no impact on handshake success in this mode.
++ {
++ name => "noverify-ignore-custom-reject",
++ server => { },
++ client => {
++ "VerifyMode" => undef,
++ "VerifyCAFile" => undef,
++ },
++ test => {
++ "ClientVerifyCallback" => "RejectAll",
++ "ExpectedResult" => "Success",
++ },
++ },
++
++ # Same test as above but with a custom callback that always succeeds.
++ # The callback return has no impact on handshake success in this mode.
++ {
++ name => "noverify-accept-custom-allow",
++ server => { },
++ client => {
++ "VerifyMode" => undef,
++ "VerifyCAFile" => undef,
++ },
++ test => {
++ "ClientVerifyCallback" => "AcceptAll",
++ "ExpectedResult" => "Success",
++ },
++ },
++
++ # Sanity-check that verification indeed fails without the
++ # permissive callback.
++ {
++ name => "verify-fail-no-root",
++ server => { },
++ client => {
++ # Don't set up the client root file.
++ "VerifyCAFile" => undef,
++ },
++ test => {
++ "ExpectedResult" => "ClientFail",
++ "ClientAlert" => "UnknownCA",
++ },
++ },
++
++ # Same test as above but with a custom callback that always succeeds.
++ {
++ name => "verify-custom-success-no-root",
++ server => { },
++ client => {
++ "VerifyCAFile" => undef,
++ },
++ test => {
++ "ClientVerifyCallback" => "AcceptAll",
++ "ExpectedResult" => "Success"
++ },
++ },
++
++ # Same test as above but with a custom callback that always fails.
++ {
++ name => "verify-custom-fail-no-root",
++ server => { },
++ client => {
++ "VerifyCAFile" => undef,
++ },
++ test => {
++ "ClientVerifyCallback" => "RejectAll",
++ "ExpectedResult" => "ClientFail",
++ "ClientAlert" => "HandshakeFailure",
++ },
++ },
++
++
++
++);
+diff --git a/test/ssl-tests/ssltests_base.pm b/test/ssl-tests/ssltests_base.pm
+index 387043e..303224a 100644
+--- a/test/ssl-tests/ssltests_base.pm
++++ b/test/ssl-tests/ssltests_base.pm
+@@ -1,4 +1,10 @@
+ # -*- mode: perl; -*-
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ ## SSL test configurations
+
+diff --git a/test/ssl_test.c b/test/ssl_test.c
+index dfe71cb..a86f231 100644
+--- a/test/ssl_test.c
++++ b/test/ssl_test.c
+@@ -1,11 +1,10 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #include <stdio.h>
+@@ -44,8 +43,8 @@ static int check_result(HANDSHAKE_RESULT result, SSL_TEST_CTX *test_ctx)
+ {
+ if (result.result != test_ctx->expected_result) {
+ fprintf(stderr, "ExpectedResult mismatch: expected %s, got %s.\n",
+- ssl_test_result_t_name(test_ctx->expected_result),
+- ssl_test_result_t_name(result.result));
++ ssl_test_result_name(test_ctx->expected_result),
++ ssl_test_result_name(result.result));
+ return 0;
+ }
+ return 1;
+@@ -160,7 +159,7 @@ static int execute_test(SSL_TEST_FIXTURE fixture)
+ if (test_ctx == NULL)
+ goto err;
+
+- result = do_handshake(server_ctx, client_ctx);
++ result = do_handshake(server_ctx, client_ctx, test_ctx);
+
+ ret = check_test(result, test_ctx);
+
+diff --git a/test/ssl_test_ctx.c b/test/ssl_test_ctx.c
+index 0c1bbbd..cfad185 100644
+--- a/test/ssl_test_ctx.c
++++ b/test/ssl_test_ctx.c
+@@ -1,11 +1,10 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #include <string.h>
+@@ -71,7 +70,7 @@ __owur static int parse_expected_result(SSL_TEST_CTX *test_ctx, const char *valu
+ return 1;
+ }
+
+-const char *ssl_test_result_t_name(ssl_test_result_t result)
++const char *ssl_test_result_name(ssl_test_result_t result)
+ {
+ return enum_name(ssl_test_results, OSSL_NELEM(ssl_test_results), result);
+ }
+@@ -82,6 +81,7 @@ const char *ssl_test_result_t_name(ssl_test_result_t result)
+
+ static const test_enum ssl_alerts[] = {
+ {"UnknownCA", SSL_AD_UNKNOWN_CA},
++ {"HandshakeFailure", SSL_AD_HANDSHAKE_FAILURE},
+ };
+
+ __owur static int parse_alert(int *alert, const char *value)
+@@ -126,6 +126,34 @@ const char *ssl_protocol_name(int protocol)
+ return enum_name(ssl_protocols, OSSL_NELEM(ssl_protocols), protocol);
+ }
+
++/***********************/
++/* CertVerifyCallback. */
++/***********************/
++
++static const test_enum ssl_verify_callbacks[] = {
++ {"None", SSL_TEST_VERIFY_NONE},
++ {"AcceptAll", SSL_TEST_VERIFY_ACCEPT_ALL},
++ {"RejectAll", SSL_TEST_VERIFY_REJECT_ALL},
++};
++
++__owur static int parse_client_verify_callback(SSL_TEST_CTX *test_ctx,
++ const char *value)
++{
++ int ret_value;
++ if (!parse_enum(ssl_verify_callbacks, OSSL_NELEM(ssl_verify_callbacks),
++ &ret_value, value)) {
++ return 0;
++ }
++ test_ctx->client_verify_callback = ret_value;
++ return 1;
++}
++
++const char *ssl_verify_callback_name(ssl_verify_callback_t callback)
++{
++ return enum_name(ssl_verify_callbacks, OSSL_NELEM(ssl_verify_callbacks),
++ callback);
++}
++
+
+ /*************************************************************/
+ /* Known test options and their corresponding parse methods. */
+@@ -141,6 +169,7 @@ static const ssl_test_ctx_option ssl_test_ctx_options[] = {
+ { "ClientAlert", &parse_client_alert },
+ { "ServerAlert", &parse_server_alert },
+ { "Protocol", &parse_protocol },
++ { "ClientVerifyCallback", &parse_client_verify_callback },
+ };
+
+
+@@ -153,7 +182,6 @@ SSL_TEST_CTX *SSL_TEST_CTX_new()
+ SSL_TEST_CTX *ret;
+ ret = OPENSSL_zalloc(sizeof(*ret));
+ OPENSSL_assert(ret != NULL);
+- ret->expected_result = SSL_TEST_SUCCESS;
+ return ret;
+ }
+
+diff --git a/test/ssl_test_ctx.h b/test/ssl_test_ctx.h
+index a183272..fe92807 100644
+--- a/test/ssl_test_ctx.h
++++ b/test/ssl_test_ctx.h
+@@ -1,11 +1,10 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ #ifndef HEADER_SSL_TEST_CTX_H
+@@ -15,12 +14,18 @@
+ #include <openssl/ssl.h>
+
+ typedef enum {
+- SSL_TEST_SUCCESS, /* Default */
++ SSL_TEST_SUCCESS = 0, /* Default */
+ SSL_TEST_SERVER_FAIL,
+ SSL_TEST_CLIENT_FAIL,
+ SSL_TEST_INTERNAL_ERROR
+ } ssl_test_result_t;
+
++typedef enum {
++ SSL_TEST_VERIFY_NONE = 0, /* Default */
++ SSL_TEST_VERIFY_ACCEPT_ALL,
++ SSL_TEST_VERIFY_REJECT_ALL
++} ssl_verify_callback_t;
++
+ typedef struct ssl_test_ctx {
+ /* Test expectations. */
+ /* Defaults to SUCCESS. */
+@@ -34,11 +39,14 @@ typedef struct ssl_test_ctx {
+ /* Negotiated protocol version. 0 if no expectation. */
+ /* See ssl.h for protocol versions. */
+ int protocol;
++ /* One of a number of predefined custom callbacks. */
++ ssl_verify_callback_t client_verify_callback;
+ } SSL_TEST_CTX;
+
+-const char *ssl_test_result_t_name(ssl_test_result_t result);
++const char *ssl_test_result_name(ssl_test_result_t result);
+ const char *ssl_alert_name(int alert);
+ const char *ssl_protocol_name(int protocol);
++const char *ssl_verify_callback_name(ssl_verify_callback_t verify_callback);
+
+ /*
+ * Load the test case context from |conf|.
+diff --git a/test/ssl_test_ctx_test.c b/test/ssl_test_ctx_test.c
+index 3c6fa71..d24bcd7 100644
+--- a/test/ssl_test_ctx_test.c
++++ b/test/ssl_test_ctx_test.c
+@@ -1,11 +1,10 @@
+ /*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Licensed under the OpenSSL licenses, (the "License");
+- * you may not use this file except in compliance with the License.
+- * You may obtain a copy of the License at
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+- * or in the file LICENSE in the source distribution.
+ */
+
+ /*
+@@ -37,26 +36,32 @@ static int SSL_TEST_CTX_equal(SSL_TEST_CTX *ctx, SSL_TEST_CTX *ctx2)
+ {
+ if (ctx->expected_result != ctx2->expected_result) {
+ fprintf(stderr, "ExpectedResult mismatch: %s vs %s.\n",
+- ssl_test_result_t_name(ctx->expected_result),
+- ssl_test_result_t_name(ctx2->expected_result));
++ ssl_test_result_name(ctx->expected_result),
++ ssl_test_result_name(ctx2->expected_result));
+ return 0;
+ }
+ if (ctx->client_alert != ctx2->client_alert) {
+ fprintf(stderr, "ClientAlert mismatch: %s vs %s.\n",
+- ssl_alert_name(ctx->expected_result),
+- ssl_alert_name(ctx2->expected_result));
++ ssl_alert_name(ctx->client_alert),
++ ssl_alert_name(ctx2->client_alert));
+ return 0;
+ }
+ if (ctx->server_alert != ctx2->server_alert) {
+ fprintf(stderr, "ServerAlert mismatch: %s vs %s.\n",
+- ssl_alert_name(ctx->expected_result),
+- ssl_alert_name(ctx2->expected_result));
++ ssl_alert_name(ctx->server_alert),
++ ssl_alert_name(ctx2->server_alert));
+ return 0;
+ }
+ if (ctx->protocol != ctx2->protocol) {
+ fprintf(stderr, "ClientAlert mismatch: %s vs %s.\n",
+- ssl_protocol_name(ctx->expected_result),
+- ssl_protocol_name(ctx2->expected_result));
++ ssl_protocol_name(ctx->protocol),
++ ssl_protocol_name(ctx2->protocol));
++ return 0;
++ }
++ if (ctx->client_verify_callback != ctx2->client_verify_callback) {
++ fprintf(stderr, "ClientVerifyCallback mismatch: %s vs %s.\n",
++ ssl_verify_callback_name(ctx->client_verify_callback),
++ ssl_verify_callback_name(ctx2->client_verify_callback));
+ return 0;
+ }
+
+@@ -136,6 +141,7 @@ static int test_good_configuration()
+ fixture.expected_ctx->client_alert = SSL_AD_UNKNOWN_CA;
+ fixture.expected_ctx->server_alert = 0; /* No alert. */
+ fixture.expected_ctx->protocol = TLS1_1_VERSION;
++ fixture.expected_ctx->client_verify_callback = SSL_TEST_VERIFY_REJECT_ALL,
+ EXECUTE_SSL_TEST_CTX_TEST();
+ }
+
+@@ -144,6 +150,7 @@ static const char *bad_configurations[] = {
+ "ssltest_unknown_expected_result",
+ "ssltest_unknown_alert",
+ "ssltest_unknown_protocol",
++ "ssltest_unknown_verify_callback",
+ };
+
+ static int test_bad_configuration(int idx)
+diff --git a/test/ssl_test_ctx_test.conf b/test/ssl_test_ctx_test.conf
+index 2e6800e..3b14605 100644
+--- a/test/ssl_test_ctx_test.conf
++++ b/test/ssl_test_ctx_test.conf
+@@ -4,6 +4,7 @@
+ ExpectedResult = ServerFail
+ ClientAlert = UnknownCA
+ Protocol = TLSv1.1
++ClientVerifyCallback = RejectAll
+
+ [ssltest_unknown_option]
+ UnknownOption = Foo
+@@ -16,3 +17,6 @@ ServerAlert = Foo
+
+ [ssltest_unknown_protocol]
+ Protocol = Foo
++
++[ssltest_unknown_verify_callback]
++ClientVerifyCallback = Foo
+diff --git a/test/ssltest_old.c b/test/ssltest_old.c
+index 2fd7da8..f7db91c 100644
+--- a/test/ssltest_old.c
++++ b/test/ssltest_old.c
+@@ -1,112 +1,12 @@
+-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+- * All rights reserved.
+- *
+- * This package is an SSL implementation written
+- * by Eric Young (eay at cryptsoft.com).
+- * The implementation was written so as to conform with Netscapes SSL.
+- *
+- * This library is free for commercial and non-commercial use as long as
+- * the following conditions are aheared to. The following conditions
+- * apply to all code found in this distribution, be it the RC4, RSA,
+- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+- * included with this distribution is covered by the same copyright terms
+- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+- *
+- * Copyright remains Eric Young's, and as such any Copyright notices in
+- * the code are not to be removed.
+- * If this package is used in a product, Eric Young should be given attribution
+- * as the author of the parts of the library used.
+- * This can be in the form of a textual message at program startup or
+- * in documentation (online or textual) provided with the package.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the copyright
+- * notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in the
+- * documentation and/or other materials provided with the distribution.
+- * 3. All advertising materials mentioning features or use of this software
+- * must display the following acknowledgement:
+- * "This product includes cryptographic software written by
+- * Eric Young (eay at cryptsoft.com)"
+- * The word 'cryptographic' can be left out if the rouines from the library
+- * being used are not cryptographic related :-).
+- * 4. If you include any Windows specific code (or a derivative thereof) from
+- * the apps directory (application code) you must include an acknowledgement:
+- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- * The licence and distribution terms for any publically available version or
+- * derivative of this code cannot be changed. i.e. this code cannot simply be
+- * copied and put under another distribution licence
+- * [including the GNU Public Licence.]
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++/*
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ /* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+@@ -191,7 +91,6 @@
+ # include <openssl/ct.h>
+ #endif
+
+-#include "internal/threads.h"
+ #include "../ssl/ssl_locl.h"
+
+ /*
+@@ -223,9 +122,6 @@ static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
+ struct app_verify_arg {
+ char *string;
+ int app_verify;
+- int allow_proxy_certs;
+- char *proxy_auth;
+- char *proxy_cond;
+ };
+
+ #ifndef OPENSSL_NO_DH
+@@ -799,7 +695,6 @@ int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family,
+ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
+ clock_t *c_time);
+ int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
+-static int do_test_cipherlist(void);
+
+ static void sv_usage(void)
+ {
+@@ -810,10 +705,6 @@ static void sv_usage(void)
+ #endif
+ fprintf(stderr, " -server_auth - check server certificate\n");
+ fprintf(stderr, " -client_auth - do client authentication\n");
+- fprintf(stderr, " -proxy - allow proxy certificates\n");
+- fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
+- fprintf(stderr,
+- " -proxy_cond <val> - expression to test proxy policy rights\n");
+ fprintf(stderr, " -v - more output\n");
+ fprintf(stderr, " -d - debug output\n");
+ fprintf(stderr, " -reuse - use session-id reuse\n");
+@@ -870,10 +761,6 @@ static void sv_usage(void)
+ fprintf(stderr,
+ " -time - measure processor time used by client and server\n");
+ fprintf(stderr, " -zlib - use zlib compression\n");
+- fprintf(stderr,
+- " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
+- " When this option is requested, the cipherlist\n"
+- " tests are run instead of handshake tests.\n");
+ #ifndef OPENSSL_NO_NEXTPROTONEG
+ fprintf(stderr, " -npn_client - have client side offer NPN\n");
+ fprintf(stderr, " -npn_server - have server side offer NPN\n");
+@@ -1074,7 +961,7 @@ int main(int argc, char *argv[])
+ int client_auth = 0;
+ int server_auth = 0, i;
+ struct app_verify_arg app_verify_arg =
+- { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
++ { APP_CALLBACK_STRING, 0 };
+ char *p;
+ SSL_CTX *c_ctx = NULL;
+ const SSL_METHOD *meth = NULL;
+@@ -1102,7 +989,6 @@ int main(int argc, char *argv[])
+ COMP_METHOD *cm = NULL;
+ STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
+ #endif
+- int test_cipherlist = 0;
+ #ifdef OPENSSL_FIPS
+ int fips_mode = 0;
+ #endif
+@@ -1185,15 +1071,7 @@ int main(int argc, char *argv[])
+ server_auth = 1;
+ else if (strcmp(*argv, "-client_auth") == 0)
+ client_auth = 1;
+- else if (strcmp(*argv, "-proxy_auth") == 0) {
+- if (--argc < 1)
+- goto bad;
+- app_verify_arg.proxy_auth = *(++argv);
+- } else if (strcmp(*argv, "-proxy_cond") == 0) {
+- if (--argc < 1)
+- goto bad;
+- app_verify_arg.proxy_cond = *(++argv);
+- } else if (strcmp(*argv, "-v") == 0)
++ else if (strcmp(*argv, "-v") == 0)
+ verbose = 1;
+ else if (strcmp(*argv, "-d") == 0)
+ debug = 1;
+@@ -1313,13 +1191,9 @@ int main(int argc, char *argv[])
+ #endif
+ else if (strcmp(*argv, "-app_verify") == 0) {
+ app_verify_arg.app_verify = 1;
+- } else if (strcmp(*argv, "-proxy") == 0) {
+- app_verify_arg.allow_proxy_certs = 1;
+- } else if (strcmp(*argv, "-test_cipherlist") == 0) {
+- test_cipherlist = 1;
+ }
+ #ifndef OPENSSL_NO_NEXTPROTONEG
+- else if (strcmp(*argv, "-npn_client") == 0) {
++ else if (strcmp(*argv, "-npn_client") == 0) {
+ npn_client = 1;
+ } else if (strcmp(*argv, "-npn_server") == 0) {
+ npn_server = 1;
+@@ -1454,22 +1328,6 @@ int main(int argc, char *argv[])
+ goto end;
+ }
+
+- /*
+- * test_cipherlist prevails over protocol switch: we test the cipherlist
+- * for all enabled protocols.
+- */
+- if (test_cipherlist == 1) {
+- /*
+- * ensure that the cipher list are correctly sorted and exit
+- */
+- fprintf(stdout, "Testing cipherlist order only. Ignoring all "
+- "other options.\n");
+- if (do_test_cipherlist() == 0)
+- EXIT(1);
+- ret = 0;
+- goto end;
+- }
+-
+ if (ssl3 + tls1 + dtls + dtls1 + dtls12 > 1) {
+ fprintf(stderr, "At most one of -ssl3, -tls1, -dtls, -dtls1 or -dtls12 should "
+ "be requested.\n");
+@@ -3051,23 +2909,6 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count)
+ return (ret);
+ }
+
+-static CRYPTO_ONCE proxy_auth_ex_data_once = CRYPTO_ONCE_STATIC_INIT;
+-static volatile int proxy_auth_ex_data_idx = -1;
+-
+-static void do_get_proxy_auth_ex_data_idx(void)
+-{
+- proxy_auth_ex_data_idx = X509_STORE_CTX_get_ex_new_index(0,
+- "SSLtest for verify callback",
+- NULL, NULL, NULL);
+-}
+-
+-static int get_proxy_auth_ex_data_idx(void)
+-{
+- CRYPTO_THREAD_run_once(&proxy_auth_ex_data_once,
+- do_get_proxy_auth_ex_data_idx);
+- return proxy_auth_ex_data_idx;
+-}
+-
+ static int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+ char *s, buf[256];
+@@ -3100,341 +2941,13 @@ static int verify_callback(int ok, X509_STORE_CTX *ctx)
+ }
+ }
+
+- if (ok == 1) {
+- X509 *xs = X509_STORE_CTX_get_current_cert(ctx);
+- if (X509_get_extension_flags(xs) & EXFLAG_PROXY) {
+- unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
+- get_proxy_auth_ex_data_idx
+- ());
+-
+- if (letters) {
+- int found_any = 0;
+- int i;
+- PROXY_CERT_INFO_EXTENSION *pci =
+- X509_get_ext_d2i(xs, NID_proxyCertInfo,
+- NULL, NULL);
+-
+- switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
+- case NID_Independent:
+- /*
+- * Completely meaningless in this program, as there's no
+- * way to grant explicit rights to a specific PrC.
+- * Basically, using id-ppl-Independent is the perfect way
+- * to grant no rights at all.
+- */
+- fprintf(stderr, " Independent proxy certificate");
+- for (i = 0; i < 26; i++)
+- letters[i] = 0;
+- break;
+- case NID_id_ppl_inheritAll:
+- /*
+- * This is basically a NOP, we simply let the current
+- * rights stand as they are.
+- */
+- fprintf(stderr, " Proxy certificate inherits all");
+- break;
+- default:
+- s = (char *)
+- pci->proxyPolicy->policy->data;
+- i = pci->proxyPolicy->policy->length;
+-
+- /*
+- * The algorithm works as follows: it is assumed that
+- * previous iterations or the initial granted rights has
+- * already set some elements of `letters'. What we need
+- * to do is to clear those that weren't granted by the
+- * current PrC as well. The easiest way to do this is to
+- * add 1 to all the elements whose letters are given with
+- * the current policy. That way, all elements that are
+- * set by the current policy and were already set by
+- * earlier policies and through the original grant of
+- * rights will get the value 2 or higher. The last thing
+- * to do is to sweep through `letters' and keep the
+- * elements having the value 2 as set, and clear all the
+- * others.
+- */
+-
+- printf(" Certificate proxy rights = %*.*s", i,
+- i, s);
+- while (i-- > 0) {
+- int c = *s++;
+- if (isascii(c) && isalpha(c)) {
+- if (islower(c))
+- c = toupper(c);
+- letters[c - 'A']++;
+- }
+- }
+- for (i = 0; i < 26; i++)
+- if (letters[i] < 2)
+- letters[i] = 0;
+- else
+- letters[i] = 1;
+- }
+-
+- found_any = 0;
+- printf(", resulting proxy rights = ");
+- for (i = 0; i < 26; i++)
+- if (letters[i]) {
+- printf("%c", i + 'A');
+- found_any = 1;
+- }
+- if (!found_any)
+- printf("none");
+- printf("\n");
+-
+- PROXY_CERT_INFO_EXTENSION_free(pci);
+- }
+- }
+- }
+-
+ return (ok);
+ }
+
+-static void process_proxy_debug(int indent, const char *format, ...)
+-{
+- /* That's 80 > */
+- static const char indentation[] =
+- ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
+- ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
+- char my_format[256];
+- va_list args;
+-
+- BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
+- indent, indent, indentation, format);
+-
+- va_start(args, format);
+- vfprintf(stderr, my_format, args);
+- va_end(args);
+-}
+-
+-/*-
+- * Priority levels:
+- * 0 [!]var, ()
+- * 1 & ^
+- * 2 |
+- */
+-static int process_proxy_cond_adders(unsigned int letters[26],
+- const char *cond, const char **cond_end,
+- int *pos, int indent);
+-static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
+- const char **cond_end, int *pos, int indent)
+-{
+- int c;
+- int ok = 1;
+- int negate = 0;
+-
+- while (isspace((int)*cond)) {
+- cond++;
+- (*pos)++;
+- }
+- c = *cond;
+-
+- if (debug)
+- process_proxy_debug(indent,
+- "Start process_proxy_cond_val at position %d: %s\n",
+- *pos, cond);
+-
+- while (c == '!') {
+- negate = !negate;
+- cond++;
+- (*pos)++;
+- while (isspace((int)*cond)) {
+- cond++;
+- (*pos)++;
+- }
+- c = *cond;
+- }
+-
+- if (c == '(') {
+- cond++;
+- (*pos)++;
+- ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
+- indent + 1);
+- cond = *cond_end;
+- if (ok < 0)
+- goto end;
+- while (isspace((int)*cond)) {
+- cond++;
+- (*pos)++;
+- }
+- c = *cond;
+- if (c != ')') {
+- fprintf(stderr,
+- "Weird condition character in position %d: "
+- "%c\n", *pos, c);
+- ok = -1;
+- goto end;
+- }
+- cond++;
+- (*pos)++;
+- } else if (isascii(c) && isalpha(c)) {
+- if (islower(c))
+- c = toupper(c);
+- ok = letters[c - 'A'];
+- cond++;
+- (*pos)++;
+- } else {
+- fprintf(stderr,
+- "Weird condition character in position %d: " "%c\n", *pos, c);
+- ok = -1;
+- goto end;
+- }
+- end:
+- *cond_end = cond;
+- if (ok >= 0 && negate)
+- ok = !ok;
+-
+- if (debug)
+- process_proxy_debug(indent,
+- "End process_proxy_cond_val at position %d: %s, returning %d\n",
+- *pos, cond, ok);
+-
+- return ok;
+-}
+-
+-static int process_proxy_cond_multipliers(unsigned int letters[26],
+- const char *cond,
+- const char **cond_end, int *pos,
+- int indent)
+-{
+- int ok;
+- char c;
+-
+- if (debug)
+- process_proxy_debug(indent,
+- "Start process_proxy_cond_multipliers at position %d: %s\n",
+- *pos, cond);
+-
+- ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
+- cond = *cond_end;
+- if (ok < 0)
+- goto end;
+-
+- while (ok >= 0) {
+- while (isspace((int)*cond)) {
+- cond++;
+- (*pos)++;
+- }
+- c = *cond;
+-
+- switch (c) {
+- case '&':
+- case '^':
+- {
+- int save_ok = ok;
+-
+- cond++;
+- (*pos)++;
+- ok = process_proxy_cond_val(letters,
+- cond, cond_end, pos, indent + 1);
+- cond = *cond_end;
+- if (ok < 0)
+- break;
+-
+- switch (c) {
+- case '&':
+- ok &= save_ok;
+- break;
+- case '^':
+- ok ^= save_ok;
+- break;
+- default:
+- fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
+- " STOPPING\n");
+- EXIT(1);
+- }
+- }
+- break;
+- default:
+- goto end;
+- }
+- }
+- end:
+- if (debug)
+- process_proxy_debug(indent,
+- "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
+- *pos, cond, ok);
+-
+- *cond_end = cond;
+- return ok;
+-}
+-
+-static int process_proxy_cond_adders(unsigned int letters[26],
+- const char *cond, const char **cond_end,
+- int *pos, int indent)
+-{
+- int ok;
+- char c;
+-
+- if (debug)
+- process_proxy_debug(indent,
+- "Start process_proxy_cond_adders at position %d: %s\n",
+- *pos, cond);
+-
+- ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
+- indent + 1);
+- cond = *cond_end;
+- if (ok < 0)
+- goto end;
+-
+- while (ok >= 0) {
+- while (isspace((int)*cond)) {
+- cond++;
+- (*pos)++;
+- }
+- c = *cond;
+-
+- switch (c) {
+- case '|':
+- {
+- int save_ok = ok;
+-
+- cond++;
+- (*pos)++;
+- ok = process_proxy_cond_multipliers(letters,
+- cond, cond_end, pos,
+- indent + 1);
+- cond = *cond_end;
+- if (ok < 0)
+- break;
+-
+- switch (c) {
+- case '|':
+- ok |= save_ok;
+- break;
+- default:
+- fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
+- " STOPPING\n");
+- EXIT(1);
+- }
+- }
+- break;
+- default:
+- goto end;
+- }
+- }
+- end:
+- if (debug)
+- process_proxy_debug(indent,
+- "End process_proxy_cond_adders at position %d: %s, returning %d\n",
+- *pos, cond, ok);
+-
+- *cond_end = cond;
+- return ok;
+-}
+-
+-static int process_proxy_cond(unsigned int letters[26],
+- const char *cond, const char **cond_end)
+-{
+- int pos = 1;
+- return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
+-}
+-
+ static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
+ {
+ int ok = 1;
+ struct app_verify_arg *cb_arg = arg;
+- unsigned int letters[26]; /* only used with proxy_auth */
+
+ if (cb_arg->app_verify) {
+ char *s = NULL, buf[256];
+@@ -3452,61 +2965,9 @@ static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
+ }
+ return (1);
+ }
+- if (cb_arg->proxy_auth) {
+- int found_any = 0, i;
+- char *sp;
+-
+- for (i = 0; i < 26; i++)
+- letters[i] = 0;
+- for (sp = cb_arg->proxy_auth; *sp; sp++) {
+- int c = *sp;
+- if (isascii(c) && isalpha(c)) {
+- if (islower(c))
+- c = toupper(c);
+- letters[c - 'A'] = 1;
+- }
+- }
+-
+- printf(" Initial proxy rights = ");
+- for (i = 0; i < 26; i++)
+- if (letters[i]) {
+- printf("%c", i + 'A');
+- found_any = 1;
+- }
+- if (!found_any)
+- printf("none");
+- printf("\n");
+
+- X509_STORE_CTX_set_ex_data(ctx,
+- get_proxy_auth_ex_data_idx(), letters);
+- }
+- if (cb_arg->allow_proxy_certs) {
+- X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
+- }
+ ok = X509_verify_cert(ctx);
+
+- if (cb_arg->proxy_auth) {
+- if (ok > 0) {
+- const char *cond_end = NULL;
+-
+- ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
+-
+- if (ok < 0)
+- EXIT(3);
+- if (*cond_end) {
+- fprintf(stderr,
+- "Stopped processing condition before it's end.\n");
+- ok = 0;
+- }
+- if (!ok)
+- fprintf(stderr,
+- "Proxy rights check with condition '%s' invalid\n",
+- cb_arg->proxy_cond);
+- else
+- printf("Proxy rights check with condition '%s' ok\n",
+- cb_arg->proxy_cond);
+- }
+- }
+ return (ok);
+ }
+
+@@ -3726,33 +3187,3 @@ static unsigned int psk_server_callback(SSL *ssl, const char *identity,
+ return psk_len;
+ }
+ #endif
+-
+-static int do_test_cipherlist(void)
+-{
+-#ifndef OPENSSL_NO_TLS
+- int i = 0;
+- const SSL_METHOD *meth;
+- const SSL_CIPHER *ci, *tci = NULL;
+-
+- /*
+- * This is required because ssltest "cheats" and uses internal headers to
+- * call functions, thus avoiding auto-init
+- */
+- OPENSSL_init_crypto(0, NULL);
+- OPENSSL_init_ssl(0, NULL);
+-
+- meth = TLS_method();
+- tci = NULL;
+- while ((ci = meth->get_cipher(i++)) != NULL) {
+- if (tci != NULL)
+- if (ci->id >= tci->id) {
+- fprintf(stderr, "testing SSLv3 cipher list order: ");
+- fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);
+- return 0;
+- }
+- tci = ci;
+- }
+-#endif
+-
+- return 1;
+-}
+diff --git a/test/testlib/OpenSSL/Test.pm b/test/testlib/OpenSSL/Test.pm
+index 28c915a..8a7d0a0 100644
+--- a/test/testlib/OpenSSL/Test.pm
++++ b/test/testlib/OpenSSL/Test.pm
+@@ -1,3 +1,10 @@
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ package OpenSSL::Test;
+
+ use strict;
+@@ -728,8 +735,8 @@ sub __exeext {
+ sub __test_file {
+ BAIL_OUT("Must run setup() first") if (! $test_name);
+
+- my $f = pop . __exeext();
+- $f = catfile($directories{BLDTEST}, at _,$f);
++ my $f = pop;
++ $f = catfile($directories{BLDTEST}, at _,$f . __exeext());
+ $f = catfile($directories{SRCTEST}, at _,$f) unless -x $f;
+ return $f;
+ }
+@@ -746,8 +753,8 @@ sub __perltest_file {
+ sub __apps_file {
+ BAIL_OUT("Must run setup() first") if (! $test_name);
+
+- my $f = pop . __exeext();
+- $f = catfile($directories{BLDAPPS}, at _,$f);
++ my $f = pop;
++ $f = catfile($directories{BLDAPPS}, at _,$f . __exeext());
+ $f = catfile($directories{SRCAPPS}, at _,$f) unless -x $f;
+ return $f;
+ }
+diff --git a/test/testlib/OpenSSL/Test/Simple.pm b/test/testlib/OpenSSL/Test/Simple.pm
+index b596e5f..c5a84d5 100644
+--- a/test/testlib/OpenSSL/Test/Simple.pm
++++ b/test/testlib/OpenSSL/Test/Simple.pm
+@@ -1,3 +1,10 @@
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ package OpenSSL::Test::Simple;
+
+ use strict;
+diff --git a/test/testlib/OpenSSL/Test/Utils.pm b/test/testlib/OpenSSL/Test/Utils.pm
+index da35b14..665bfc6 100644
+--- a/test/testlib/OpenSSL/Test/Utils.pm
++++ b/test/testlib/OpenSSL/Test/Utils.pm
+@@ -1,3 +1,10 @@
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ package OpenSSL::Test::Utils;
+
+ use strict;
+@@ -131,7 +138,7 @@ sub alldisabled {
+ return allof(@ret);
+ }
+
+-#!!! Kept for backward compatibility
++# !!! Kept for backward compatibility
+ # args:
+ # single string
+ sub disabled {
+diff --git a/test/testutil.c b/test/testutil.c
+index 3f63784..9a67630 100644
+--- a/test/testutil.c
++++ b/test/testutil.c
+@@ -1,58 +1,10 @@
+-/*-
+- * Utilities for writing OpenSSL unit tests.
+- *
+- * More information:
+- * http://wiki.openssl.org/index.php/How_To_Write_Unit_Tests_For_OpenSSL
+- *
+- * Author: Mike Bland (mbland at acm.org)
+- * Date: 2014-07-15
+- * ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include "testutil.h"
+diff --git a/test/testutil.h b/test/testutil.h
+index 2ae3d7d..0170a22 100644
+--- a/test/testutil.h
++++ b/test/testutil.h
+@@ -1,58 +1,10 @@
+-/*-
+- * Utilities for writing OpenSSL unit tests.
+- *
+- * More information:
+- * http://wiki.openssl.org/index.php/How_To_Write_Unit_Tests_For_OpenSSL
+- *
+- * Author: Mike Bland (mbland at acm.org)
+- * Date: 2014-06-07
+- * ====================================================================
+- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * licensing at OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++/*
++ * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #ifndef HEADER_TESTUTIL_H
+diff --git a/test/threadstest.c b/test/threadstest.c
+index e3a9ff5..db864b2 100644
+--- a/test/threadstest.c
++++ b/test/threadstest.c
+@@ -1,56 +1,15 @@
+-/* ====================================================================
+- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+
+ #include <openssl/crypto.h>
+-#include "internal/threads.h"
+
+ #if !defined(OPENSSL_THREADS) || defined(CRYPTO_TDEBUG)
+
+diff --git a/test/v3nametest.c b/test/v3nametest.c
+index ac5c9ff..648c1df 100644
+--- a/test/v3nametest.c
++++ b/test/v3nametest.c
+@@ -1,3 +1,12 @@
++/*
++ * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
+ #include <openssl/x509.h>
+ #include <openssl/x509v3.h>
+ #include "../e_os.h"
+diff --git a/test/verify_extra_test.c b/test/verify_extra_test.c
+index 8362de4..cbc6d8c 100644
+--- a/test/verify_extra_test.c
++++ b/test/verify_extra_test.c
+@@ -1,58 +1,10 @@
+ /*
+- * Written by Matt Caswell for the OpenSSL project.
+- */
+-/* ====================================================================
+- * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core at openssl.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay at cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh at cryptsoft.com).
++ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+diff --git a/test/wp_test.c b/test/wp_test.c
+index de7aa3d..40859ba 100644
+--- a/test/wp_test.c
++++ b/test/wp_test.c
+@@ -1,7 +1,12 @@
+-/* ====================================================================
+- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+- * ====================================================================
++/*
++ * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
++
+ #include <stdio.h>
+ #include <string.h>
+ #include <stdlib.h>
+diff --git a/test/x509aux.c b/test/x509aux.c
+new file mode 100644
+index 0000000..4f00196
+--- /dev/null
++++ b/test/x509aux.c
+@@ -0,0 +1,226 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL licenses, (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ * https://www.openssl.org/source/license.html
++ * or in the file LICENSE in the source distribution.
++ */
++
++#include <stdio.h>
++#include <string.h>
++#include <errno.h>
++
++#include <openssl/x509.h>
++#include <openssl/pem.h>
++#include <openssl/conf.h>
++#include <openssl/err.h>
++
++#include "../e_os.h"
++
++static const char *progname;
++
++static void test_usage(void)
++{
++ fprintf(stderr, "usage: %s certfile\n", progname);
++}
++
++static void print_errors(void)
++{
++ unsigned long err;
++ char buffer[1024];
++ const char *file;
++ const char *data;
++ int line;
++ int flags;
++
++ while ((err = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
++ ERR_error_string_n(err, buffer, sizeof(buffer));
++ if (flags & ERR_TXT_STRING)
++ fprintf(stderr, "Error: %s:%s:%d:%s\n", buffer, file, line, data);
++ else
++ fprintf(stderr, "Error: %s:%s:%d\n", buffer, file, line);
++ }
++}
++
++static int test_certs(BIO *fp)
++{
++ int count;
++ char *name = 0;
++ char *header = 0;
++ unsigned char *data = 0;
++ long len;
++ typedef X509 *(*d2i_X509_t)(X509 **, const unsigned char **, long);
++ typedef int (*i2d_X509_t)(X509 *, unsigned char **);
++ int err = 0;
++
++ for (count = 0;
++ !err && PEM_read_bio(fp, &name, &header, &data, &len);
++ ++count) {
++ int trusted = strcmp(name, PEM_STRING_X509_TRUSTED) == 0;
++ d2i_X509_t d2i = trusted ? d2i_X509_AUX : d2i_X509;
++ i2d_X509_t i2d = trusted ? i2d_X509_AUX : i2d_X509;
++ X509 *cert = NULL;
++ const unsigned char *p = data;
++ unsigned char *buf = NULL;
++ unsigned char *bufp;
++ long enclen;
++
++ if (!trusted
++ && strcmp(name, PEM_STRING_X509) != 0
++ && strcmp(name, PEM_STRING_X509_OLD) != 0) {
++ fprintf(stderr, "unexpected PEM object: %s\n", name);
++ err = 1;
++ goto next;
++ }
++ cert = d2i(NULL, &p, len);
++
++ if (cert == NULL || (p - data) != len) {
++ fprintf(stderr, "error parsing input %s\n", name);
++ err = 1;
++ goto next;
++ }
++
++ /* Test traditional 2-pass encoding into caller allocated buffer */
++ enclen = i2d(cert, NULL);
++ if (len != enclen) {
++ fprintf(stderr, "encoded length %ld of %s != input length %ld\n",
++ enclen, name, len);
++ err = 1;
++ goto next;
++ }
++ if ((buf = bufp = OPENSSL_malloc(len)) == NULL) {
++ perror("malloc");
++ err = 1;
++ goto next;
++ }
++ enclen = i2d(cert, &bufp);
++ if (len != enclen) {
++ fprintf(stderr, "encoded length %ld of %s != input length %ld\n",
++ enclen, name, len);
++ err = 1;
++ goto next;
++ }
++ enclen = (long) (bufp - buf);
++ if (enclen != len) {
++ fprintf(stderr, "unexpected buffer position after encoding %s\n",
++ name);
++ err = 1;
++ goto next;
++ }
++ if (memcmp(buf, data, len) != 0) {
++ fprintf(stderr, "encoded content of %s does not match input\n",
++ name);
++ err = 1;
++ goto next;
++ }
++ OPENSSL_free(buf);
++ buf = NULL;
++
++ /* Test 1-pass encoding into library allocated buffer */
++ enclen = i2d(cert, &buf);
++ if (len != enclen) {
++ fprintf(stderr, "encoded length %ld of %s != input length %ld\n",
++ enclen, name, len);
++ err = 1;
++ goto next;
++ }
++ if (memcmp(buf, data, len) != 0) {
++ fprintf(stderr, "encoded content of %s does not match input\n",
++ name);
++ err = 1;
++ goto next;
++ }
++
++ if (trusted) {
++ /* Encode just the cert and compare with initial encoding */
++ OPENSSL_free(buf);
++ buf = NULL;
++
++ /* Test 1-pass encoding into library allocated buffer */
++ enclen = i2d(cert, &buf);
++ if (enclen > len) {
++ fprintf(stderr, "encoded length %ld of %s > input length %ld\n",
++ enclen, name, len);
++ err = 1;
++ goto next;
++ }
++ if (memcmp(buf, data, enclen) != 0) {
++ fprintf(stderr, "encoded cert content does not match input\n");
++ err = 1;
++ goto next;
++ }
++ }
++
++ /*
++ * If any of these were null, PEM_read() would have failed.
++ */
++ next:
++ X509_free(cert);
++ OPENSSL_free(buf);
++ OPENSSL_free(name);
++ OPENSSL_free(header);
++ OPENSSL_free(data);
++ }
++
++ if (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) {
++ /* Reached end of PEM file */
++ if (count > 0) {
++ ERR_clear_error();
++ return 1;
++ }
++ }
++
++ /* Some other PEM read error */
++ print_errors();
++ return 0;
++}
++
++int main(int argc, char *argv[])
++{
++ BIO *bio_err;
++ const char *certfile;
++ const char *p;
++ int ret = 1;
++
++ progname = argv[0];
++ if (argc < 2) {
++ test_usage();
++ EXIT(ret);
++ }
++
++ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
++
++ p = getenv("OPENSSL_DEBUG_MEMORY");
++ if (p != NULL && strcmp(p, "on") == 0)
++ CRYPTO_set_mem_debug(1);
++ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
++
++ while ((certfile = *++argv) != NULL) {
++ BIO *f = BIO_new_file(certfile, "r");
++ int ok;
++
++ if (f == NULL) {
++ fprintf(stderr, "%s: Error opening cert file: '%s': %s\n",
++ progname, certfile, strerror(errno));
++ EXIT(ret);
++ }
++ ret = !(ok = test_certs(f));
++ BIO_free(f);
++
++ if (!ok) {
++ printf("%s ERROR\n", certfile);
++ ret = 1;
++ break;
++ }
++ printf("%s OK\n", certfile);
++ }
++
++#ifndef OPENSSL_NO_CRYPTO_MDEBUG
++ if (CRYPTO_mem_leaks(bio_err) <= 0)
++ ret = 1;
++#endif
++ BIO_free(bio_err);
++ EXIT(ret);
++}
+diff --git a/tools/Makefile.in b/tools/Makefile.in
+deleted file mode 100644
+index dec5f75..0000000
+--- a/tools/Makefile.in
++++ /dev/null
+@@ -1,62 +0,0 @@
+-#
+-# OpenSSL/tools/Makefile
+-#
+-
+-DIR= tools
+-TOP= ..
+-CC= cc
+-INCLUDES= -I$(TOP) -I../../include
+-CFLAG=-g
+-MAKEFILE= Makefile
+-
+-CFLAGS= $(INCLUDES) $(CFLAG)
+-
+-GENERAL=Makefile
+-APPS= c_rehash
+-MISC_APPS= c_hash c_info c_issuer c_name
+-
+-all: apps
+-
+-apps: $(APPS)
+-
+-install:
+- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+- @for i in $(APPS) ; \
+- do \
+- (cp $$i $(DESTDIR)$(INSTALLTOP)/bin/$$i.new; \
+- chmod 755 $(DESTDIR)$(INSTALLTOP)/bin/$$i.new; \
+- mv -f $(DESTDIR)$(INSTALLTOP)/bin/$$i.new $(DESTDIR)$(INSTALLTOP)/bin/$$i ); \
+- done;
+- @for i in $(MISC_APPS) ; \
+- do \
+- (cp $$i $(DESTDIR)$(OPENSSLDIR)/misc/$$i.new; \
+- chmod 755 $(DESTDIR)$(OPENSSLDIR)/misc/$$i.new; \
+- mv -f $(DESTDIR)$(OPENSSLDIR)/misc/$$i.new $(DESTDIR)$(OPENSSLDIR)/misc/$$i ); \
+- done;
+-
+-uninstall:
+- @for i in $(APPS) ; \
+- do \
+- echo $(RM) $(DESTDIR)$(INSTALLTOP)/bin/$$i; \
+- $(RM) $(DESTDIR)$(INSTALLTOP)/bin/$$i; \
+- done;
+- @for i in $(MISC_APPS) ; \
+- do \
+- echo $(RM) $(DESTDIR)$(OPENSSLDIR)/misc/$$i; \
+- $(RM) $(DESTDIR)$(OPENSSLDIR)/misc/$$i; \
+- done;
+-
+-errors:
+-
+-depend:
+-
+-clean:
+- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+-
+-errors:
+-
+-c_rehash: c_rehash.in
+- $(PERL) -I$(TOP) -Mconfigdata $(TOP)/util/dofile.pl -otools/Makefile c_rehash.in > c_rehash.new
+- mv c_rehash.new c_rehash
+-
+-# DO NOT DELETE THIS LINE -- make depend depends on it.
+diff --git a/tools/build.info b/tools/build.info
+index 3810fbc..059e582 100644
+--- a/tools/build.info
++++ b/tools/build.info
+@@ -1,4 +1,7 @@
++{- our $c_rehash_name =
++ $config{target} =~ /^(VC|vms)-/ ? "c_rehash.pl" : "c_rehash";
++ "" -}
+ IF[{- !$disabled{apps} -}]
+- SCRIPTS=c_rehash
+- SOURCE[c_rehash]=c_rehash.in
++ SCRIPTS={- $c_rehash_name -}
++ SOURCE[{- $c_rehash_name -}]=c_rehash.in
+ ENDIF
+diff --git a/util/TLSProxy/ClientHello.pm b/util/TLSProxy/ClientHello.pm
+index 0586cf9..ec739d2 100644
+--- a/util/TLSProxy/ClientHello.pm
++++ b/util/TLSProxy/ClientHello.pm
+@@ -1,55 +1,9 @@
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+
+diff --git a/util/TLSProxy/Message.pm b/util/TLSProxy/Message.pm
+index bbb0ad7..85d5d6b 100644
+--- a/util/TLSProxy/Message.pm
++++ b/util/TLSProxy/Message.pm
+@@ -1,55 +1,9 @@
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+
+diff --git a/util/TLSProxy/NewSessionTicket.pm b/util/TLSProxy/NewSessionTicket.pm
+index 4e8c713..e509985 100644
+--- a/util/TLSProxy/NewSessionTicket.pm
++++ b/util/TLSProxy/NewSessionTicket.pm
+@@ -1,54 +1,9 @@
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+
+diff --git a/util/TLSProxy/Proxy.pm b/util/TLSProxy/Proxy.pm
+index fcbe248..3b03ea9 100644
+--- a/util/TLSProxy/Proxy.pm
++++ b/util/TLSProxy/Proxy.pm
+@@ -1,55 +1,9 @@
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+ use POSIX ":sys_wait_h";
+@@ -272,15 +226,19 @@ sub clientstart
+ do {
+ my $servaddr = $self->server_addr;
+ $servaddr =~ s/[\[\]]//g; # Remove [ and ]
+- $server_sock = $IP_factory->(
+- PeerAddr => $servaddr,
+- PeerPort => $self->server_port,
+- MultiHomed => 1,
+- Proto => 'tcp'
+- );
++ eval {
++ $server_sock = $IP_factory->(
++ PeerAddr => $servaddr,
++ PeerPort => $self->server_port,
++ MultiHomed => 1,
++ Proto => 'tcp'
++ );
++ };
+
+ $retry--;
+- if ($@ || !defined($server_sock)) {
++ #Some buggy IP factories can return a defined server_sock that hasn't
++ #actually connected, so we check peerport too
++ if ($@ || !defined($server_sock) || !defined($server_sock->peerport)) {
+ $server_sock->close() if defined($server_sock);
+ undef $server_sock;
+ if ($retry) {
+diff --git a/util/TLSProxy/Record.pm b/util/TLSProxy/Record.pm
+index 124f924..2a605e3 100644
+--- a/util/TLSProxy/Record.pm
++++ b/util/TLSProxy/Record.pm
+@@ -1,55 +1,9 @@
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+
+diff --git a/util/TLSProxy/ServerHello.pm b/util/TLSProxy/ServerHello.pm
+index 4798f22..ee2fd72 100644
+--- a/util/TLSProxy/ServerHello.pm
++++ b/util/TLSProxy/ServerHello.pm
+@@ -1,55 +1,9 @@
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+
+diff --git a/util/TLSProxy/ServerKeyExchange.pm b/util/TLSProxy/ServerKeyExchange.pm
+index a3973be..6e5b4cd 100644
+--- a/util/TLSProxy/ServerKeyExchange.pm
++++ b/util/TLSProxy/ServerKeyExchange.pm
+@@ -1,55 +1,9 @@
+-# Written by Matt Caswell for the OpenSSL project.
+-# ====================================================================
+-# Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
+-# Redistribution and use in source and binary forms, with or without
+-# modification, are permitted provided that the following conditions
+-# are met:
+-#
+-# 1. Redistributions of source code must retain the above copyright
+-# notice, this list of conditions and the following disclaimer.
+-#
+-# 2. Redistributions in binary form must reproduce the above copyright
+-# notice, this list of conditions and the following disclaimer in
+-# the documentation and/or other materials provided with the
+-# distribution.
+-#
+-# 3. All advertising materials mentioning features or use of this
+-# software must display the following acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+-#
+-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+-# endorse or promote products derived from this software without
+-# prior written permission. For written permission, please contact
+-# openssl-core at openssl.org.
+-#
+-# 5. Products derived from this software may not be called "OpenSSL"
+-# nor may "OpenSSL" appear in their names without prior written
+-# permission of the OpenSSL Project.
+-#
+-# 6. Redistributions of any form whatsoever must retain the following
+-# acknowledgment:
+-# "This product includes software developed by the OpenSSL Project
+-# for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+-#
+-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+-# OF THE POSSIBILITY OF SUCH DAMAGE.
+-# ====================================================================
+-#
+-# This product includes cryptographic software written by Eric Young
+-# (eay at cryptsoft.com). This product includes software written by Tim
+-# Hudson (tjh at cryptsoft.com).
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+
+diff --git a/util/ck_errf.pl b/util/ck_errf.pl
+index 922e5f6..7fc5367 100755
+--- a/util/ck_errf.pl
++++ b/util/ck_errf.pl
+@@ -1,5 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ # This is just a quick script to scan for cases where the 'error'
+ # function name in a XXXerr() macro is wrong.
+ #
+diff --git a/util/copy-if-different.pl b/util/copy-if-different.pl
+index ec99e08..2bf7835 100755
+--- a/util/copy-if-different.pl
++++ b/util/copy-if-different.pl
+@@ -1,4 +1,10 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use strict;
+
+@@ -12,7 +18,7 @@ my @filelist;
+
+ foreach my $arg (@ARGV) {
+ $arg =~ s|\\|/|g; # compensate for bug/feature in cygwin glob...
+- foreach (glob $arg)
++ foreach (glob qq("$arg"))
+ {
+ push @filelist, $_;
+ }
+diff --git a/util/copy.pl b/util/copy.pl
+index eba6d58..ef4d870 100644
+--- a/util/copy.pl
++++ b/util/copy.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ use Fcntl;
+
+@@ -19,7 +26,7 @@ foreach $arg (@ARGV) {
+ next;
+ }
+ $arg =~ s|\\|/|g; # compensate for bug/feature in cygwin glob...
+- foreach (glob $arg)
++ foreach (glob qq("$arg"))
+ {
+ push @filelist, $_;
+ }
+diff --git a/util/dirname.pl b/util/dirname.pl
+index d7a66d9..9838e19 100644
+--- a/util/dirname.pl
++++ b/util/dirname.pl
+@@ -1,4 +1,10 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ if ($#ARGV < 0) {
+ die "dirname.pl: too few arguments\n";
+diff --git a/util/doc-nit-check.pl b/util/doc-nit-check.pl
+new file mode 100644
+index 0000000..29599f3
+--- /dev/null
++++ b/util/doc-nit-check.pl
+@@ -0,0 +1,86 @@
++#! /usr/bin/env perl
++# Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++
++require 5.10.0;
++use warnings;
++use strict;
++use Pod::Checker;
++use File::Find;
++use File::Basename;
++
++my $temp = '/tmp/docnits.txt';
++my $OUT;
++
++my %mandatory_sections =
++ ( '*' => [ 'NAME', 'DESCRIPTION', 'COPYRIGHT' ],
++ 1 => [ 'SYNOPSIS', '(COMMAND\s+)?OPTIONS' ],
++ 3 => [ 'SYNOPSIS', 'RETURN\s+VALUES' ],
++ 5 => [ ],
++ 7 => [ ] );
++my %default_sections =
++ ( apps => 1,
++ crypto => 3,
++ ssl => 3 );
++
++sub check()
++{
++ my $filename = shift;
++ my $dirname = basename(dirname($filename));
++ my $contents = '';
++ {
++ local $/ = undef;
++ open POD, $filename or die "Couldn't open $filename, $!";
++ $contents = <POD>;
++ close POD;
++ }
++ print $OUT "$filename doesn't start with =pod\n"
++ if $contents !~ /^=pod/;
++ print $OUT "$filename doesn't end with =cut\n"
++ if $contents !~ /=cut\n$/;
++ print $OUT "$filename more than one cut line.\n"
++ if $contents =~ /=cut.*=cut/ms;
++ print $OUT "$filename missing copyright\n"
++ if $contents !~ /Copyright .* The OpenSSL Project Authors/;
++ print $OUT "$filename copyright not last\n"
++ if $contents =~ /head1 COPYRIGHT.*=head/ms;
++ print $OUT "$filename head2 in All uppercase\n"
++ if $contents =~ /head2.*[A-Z ]+\n/;
++
++ my $section = $default_sections{$dirname};
++ if ($contents =~ /^=for\s+comment\s+openssl_manual_section:\s*(\d+)\s*$/m) {
++ $section = $1;
++ }
++
++ foreach ((@{$mandatory_sections{'*'}}, @{$mandatory_sections{$section}})) {
++ print $OUT "$filename doesn't have a head1 section matching $_\n"
++ if $contents !~ /^=head1\s+${_}\s*$/m;
++ }
++
++ podchecker($filename, $OUT);
++}
++
++open $OUT, '>', $temp
++ or die "Can't open $temp, $!";
++foreach (@ARGV ? @ARGV : glob('*/*.pod')) {
++ &check($_);
++}
++close $OUT;
++
++my $count = 0;
++open $OUT, '<', $temp
++ or die "Can't read $temp, $!";
++while ( <$OUT> ) {
++ next if /\(section\) in.*deprecated/;
++ $count++;
++ print;
++}
++close $OUT;
++unlink $temp || warn "Can't remove $temp, $!";
++
++exit $count;
+diff --git a/util/dofile.pl b/util/dofile.pl
+index 983778f..e0333fe 100644
+--- a/util/dofile.pl
++++ b/util/dofile.pl
+@@ -1,5 +1,11 @@
+-#! /usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ # Reads one or more template files and runs it through Text::Template
+ #
+ # It is assumed that this scripts is called with -Mconfigdata, a module
+diff --git a/util/extract-names.pl b/util/extract-names.pl
+index 0f69335..2a24e1a 100644
+--- a/util/extract-names.pl
++++ b/util/extract-names.pl
+@@ -1,4 +1,11 @@
+-#!/usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ $/ = ""; # Eat a paragraph at once.
+ while(<STDIN>) {
+diff --git a/util/extract-section.pl b/util/extract-section.pl
+index 7a0ba4f..08b1a12 100644
+--- a/util/extract-section.pl
++++ b/util/extract-section.pl
+@@ -1,4 +1,10 @@
+-#!/usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ while(<STDIN>) {
+ if (/=for\s+comment\s+openssl_manual_section:(\S+)/)
+diff --git a/util/find-unused-errs b/util/find-unused-errs
+new file mode 100755
+index 0000000..d36789e
+--- /dev/null
++++ b/util/find-unused-errs
+@@ -0,0 +1,31 @@
++#! /bin/bash
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++# Find unused error function-names and reason-codes, and edit them
++# out of the source. Doesn't handle line-wrapping, might have to do
++# some manual cleanups to fix compile errors.
++
++export X1=/tmp/f.1.$$
++export X2=/tmp/f.2.$$
++
++cd include/openssl || exit 1
++grep '_[RF]_' * | awk '{print $3;}' | sort -u >$X1
++cd ../..
++
++for F in `cat $X1` ; do
++ git grep -l --full-name -F $F >$X2
++ NUM=`wc -l <$X2`
++ test $NUM -gt 2 && continue
++ echo $F
++ for FILE in `cat $X2` ; do
++ grep -v -w $F <$FILE >$FILE.new
++ mv $FILE.new $FILE
++ done
++done
++
++rm $X1 $X2
+diff --git a/util/fipslink.pl b/util/fipslink.pl
+index 7b16e04..18a9153 100644
+--- a/util/fipslink.pl
++++ b/util/fipslink.pl
+@@ -1,4 +1,10 @@
+-#!/usr/bin/perl
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ sub check_env
+ {
+diff --git a/util/incore b/util/incore
+index bb765b1..26fcf95 100755
+--- a/util/incore
++++ b/util/incore
+@@ -1,7 +1,11 @@
+-#!/usr/bin/env perl
+-#
+-# Copyright (c) 2011 The OpenSSL Project.
++#! /usr/bin/env perl
++# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ # The script embeds fingerprint into ELF executable object, either
+ # application binary or shared library.
+
+diff --git a/util/indent.pro b/util/indent.pro
+index b7958e3..71997cb 100644
+--- a/util/indent.pro
++++ b/util/indent.pro
+@@ -187,11 +187,8 @@
+ -T CRYPTO_EX_DATA_FUNCS
+ -T CRYPTO_EX_DATA_IMPL
+ -T CRYPTO_EX_dup
+--T CRYPTO_EX_dup
+--T CRYPTO_EX_free
+ -T CRYPTO_EX_free
+ -T CRYPTO_EX_new
+--T CRYPTO_EX_new
+ -T CRYPTO_MEM_LEAK_CB
+ -T CRYPTO_THREADID
+ -T CRYPTO_dynlock_value
+diff --git a/util/libcrypto.num b/util/libcrypto.num
+index 5339358..32c36d9 100644
+--- a/util/libcrypto.num
++++ b/util/libcrypto.num
+@@ -1,5 +1,5 @@
+ d2i_EC_PUBKEY 1 1_1_0 EXIST::FUNCTION:EC
+-b2i_PVK_bio 2 1_1_0 EXIST::FUNCTION:RC4
++b2i_PVK_bio 2 1_1_0 EXIST::FUNCTION:DSA,RC4
+ PEM_read_bio_NETSCAPE_CERT_SEQUENCE 3 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_get0_chain 4 1_1_0 EXIST::FUNCTION:
+ COMP_expand_block 5 1_1_0 EXIST::FUNCTION:COMP
+@@ -31,7 +31,7 @@ GENERAL_NAME_get0_otherName 29 1_1_0 EXIST::FUNCTION:
+ ASN1_INTEGER_get_uint64 30 1_1_0 EXIST::FUNCTION:
+ EVP_DigestInit_ex 31 1_1_0 EXIST::FUNCTION:
+ CTLOG_new 32 1_1_0 EXIST::FUNCTION:CT
+-UI_get_result_minsize 33 1_1_0 EXIST::FUNCTION:
++UI_get_result_minsize 33 1_1_0 EXIST::FUNCTION:UI
+ EVP_PBE_alg_add_type 34 1_1_0 EXIST::FUNCTION:
+ EVP_cast5_ofb 35 1_1_0 EXIST::FUNCTION:CAST
+ d2i_PUBKEY_fp 36 1_1_0 EXIST::FUNCTION:STDIO
+@@ -40,7 +40,7 @@ BF_decrypt 38 1_1_0 EXIST::FUNCTION:BF
+ PEM_read_bio_PUBKEY 39 1_1_0 EXIST::FUNCTION:
+ X509_NAME_delete_entry 40 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_set_verify_recover 41 1_1_0 EXIST::FUNCTION:
+-UI_set_method 42 1_1_0 EXIST::FUNCTION:
++UI_set_method 42 1_1_0 EXIST::FUNCTION:UI
+ PKCS7_ISSUER_AND_SERIAL_it 43 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ PKCS7_ISSUER_AND_SERIAL_it 43 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ EC_GROUP_method_of 44 1_1_0 EXIST::FUNCTION:EC
+@@ -49,7 +49,7 @@ CRYPTO_set_dynlock_lock_callback 46 1_1_0 NOEXIST::FUNCTION:
+ X509_get0_signature 47 1_1_0 EXIST::FUNCTION:
+ X509_REVOKED_get0_extensions 48 1_1_0 EXIST::FUNCTION:
+ NETSCAPE_SPKI_verify 49 1_1_0 EXIST::FUNCTION:
+-i2d_OCSP_RESPONSE 50 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_RESPONSE 50 1_1_0 EXIST::FUNCTION:OCSP
+ ERR_peek_error 51 1_1_0 EXIST::FUNCTION:
+ X509v3_asid_validate_resource_set 52 1_1_0 EXIST::FUNCTION:RFC3779
+ PEM_write_bio_Parameters 53 1_1_0 EXIST::FUNCTION:
+@@ -57,7 +57,7 @@ CMS_SignerInfo_verify 54 1_1_0 EXIST::FUNCTION:CMS
+ X509v3_asid_is_canonical 55 1_1_0 EXIST::FUNCTION:RFC3779
+ ASN1_ENUMERATED_get 56 1_1_0 EXIST::FUNCTION:
+ EVP_MD_do_all_sorted 57 1_1_0 EXIST::FUNCTION:
+-OCSP_crl_reason_str 58 1_1_0 EXIST::FUNCTION:
++OCSP_crl_reason_str 58 1_1_0 EXIST::FUNCTION:OCSP
+ ENGINE_ctrl_cmd_string 59 1_1_0 EXIST::FUNCTION:ENGINE
+ ENGINE_finish 60 1_1_0 EXIST::FUNCTION:ENGINE
+ SRP_Calc_client_key 61 1_1_0 EXIST::FUNCTION:SRP
+@@ -68,7 +68,7 @@ DSO_bind_func 65 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_get_copy 66 1_1_0 EXIST::FUNCTION:
+ RSA_up_ref 67 1_1_0 EXIST::FUNCTION:RSA
+ EVP_PKEY_meth_set_ctrl 68 1_1_0 EXIST::FUNCTION:
+-OCSP_basic_sign 69 1_1_0 EXIST::FUNCTION:
++OCSP_basic_sign 69 1_1_0 EXIST::FUNCTION:OCSP
+ BN_GENCB_set 70 1_1_0 EXIST::FUNCTION:
+ BN_generate_prime 71 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_0_9_8
+ d2i_DSAPrivateKey_fp 72 1_1_0 EXIST::FUNCTION:DSA,STDIO
+@@ -79,7 +79,7 @@ ASN1_item_print 76 1_1_0 EXIST::FUNCTION:
+ CONF_set_nconf 77 1_1_0 EXIST::FUNCTION:
+ RAND_set_rand_method 78 1_1_0 EXIST::FUNCTION:
+ BN_GF2m_mod_mul 79 1_1_0 EXIST::FUNCTION:EC2M
+-UI_add_input_boolean 80 1_1_0 EXIST::FUNCTION:
++UI_add_input_boolean 80 1_1_0 EXIST::FUNCTION:UI
+ ASN1_TIME_adj 81 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_asn1_get0_info 82 1_1_0 EXIST::FUNCTION:
+ BN_add_word 83 1_1_0 EXIST::FUNCTION:
+@@ -88,14 +88,14 @@ EVP_PKEY_add1_attr_by_OBJ 85 1_1_0 EXIST::FUNCTION:
+ ASYNC_WAIT_CTX_get_all_fds 86 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_meth_set_do_cipher 87 1_1_0 EXIST::FUNCTION:
+ EVP_set_pw_prompt 88 1_1_0 EXIST::FUNCTION:UI
+-d2i_OCSP_RESPBYTES 89 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_RESPBYTES 89 1_1_0 EXIST::FUNCTION:OCSP
+ TS_REQ_get_ext_by_NID 90 1_1_0 EXIST::FUNCTION:TS
+ ASN1_item_ndef_i2d 91 1_1_0 EXIST::FUNCTION:
+-OCSP_archive_cutoff_new 92 1_1_0 EXIST::FUNCTION:
++OCSP_archive_cutoff_new 92 1_1_0 EXIST::FUNCTION:OCSP
+ DSA_size 93 1_1_0 EXIST::FUNCTION:DSA
+ IPAddressRange_free 94 1_1_0 EXIST::FUNCTION:RFC3779
+ CMS_ContentInfo_free 95 1_1_0 EXIST::FUNCTION:CMS
+-BIO_accept 96 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0
++BIO_accept 96 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK
+ X509_VERIFY_PARAM_set1_policies 97 1_1_0 EXIST::FUNCTION:
+ SCT_set0_extensions 98 1_1_0 EXIST::FUNCTION:CT
+ PKCS5_pbe2_set_scrypt 99 1_1_0 EXIST::FUNCTION:SCRYPT
+@@ -106,22 +106,22 @@ d2i_DHparams 103 1_1_0 EXIST::FUNCTION:DH
+ i2d_PKCS7_ENC_CONTENT 104 1_1_0 EXIST::FUNCTION:
+ DH_generate_key 105 1_1_0 EXIST::FUNCTION:DH
+ ENGINE_add_conf_module 106 1_1_0 EXIST::FUNCTION:ENGINE
+-BIO_new_socket 107 1_1_0 EXIST::FUNCTION:
++BIO_new_socket 107 1_1_0 EXIST::FUNCTION:SOCK
+ ASN1_OBJECT_free 108 1_1_0 EXIST::FUNCTION:
+ X509_REQ_get_extensions 109 1_1_0 EXIST::FUNCTION:
+ X509_get_version 110 1_1_0 EXIST::FUNCTION:
+-OCSP_CERTID_dup 111 1_1_0 EXIST::FUNCTION:
++OCSP_CERTID_dup 111 1_1_0 EXIST::FUNCTION:OCSP
+ RSA_PSS_PARAMS_free 112 1_1_0 EXIST::FUNCTION:RSA
+ i2d_TS_MSG_IMPRINT 113 1_1_0 EXIST::FUNCTION:TS
+ EC_POINT_mul 114 1_1_0 EXIST::FUNCTION:EC
+ WHIRLPOOL_Final 115 1_1_0 EXIST::FUNCTION:WHIRLPOOL
+ CMS_get1_ReceiptRequest 116 1_1_0 EXIST::FUNCTION:CMS
+-BIO_sock_non_fatal_error 117 1_1_0 EXIST::FUNCTION:
++BIO_sock_non_fatal_error 117 1_1_0 EXIST::FUNCTION:SOCK
+ HMAC_Update 118 1_1_0 EXIST::FUNCTION:
+ i2d_PKCS12 119 1_1_0 EXIST::FUNCTION:
+ EVP_BytesToKey 120 1_1_0 EXIST::FUNCTION:
+ ENGINE_set_default_pkey_asn1_meths 121 1_1_0 EXIST::FUNCTION:ENGINE
+-OCSP_BASICRESP_add1_ext_i2d 122 1_1_0 EXIST::FUNCTION:
++OCSP_BASICRESP_add1_ext_i2d 122 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_camellia_128_ctr 123 1_1_0 EXIST::FUNCTION:CAMELLIA
+ EVP_CIPHER_impl_ctx_size 124 1_1_0 EXIST::FUNCTION:
+ X509_CRL_get_nextUpdate 125 1_1_0 EXIST::FUNCTION:
+@@ -132,22 +132,22 @@ ASN1_STRING_TABLE_add 129 1_1_0 EXIST::FUNCTION:
+ d2i_ASIdentifiers 130 1_1_0 EXIST::FUNCTION:RFC3779
+ i2d_PKCS12_bio 131 1_1_0 EXIST::FUNCTION:
+ X509_to_X509_REQ 132 1_1_0 EXIST::FUNCTION:
+-OCSP_basic_add1_nonce 133 1_1_0 EXIST::FUNCTION:
+-d2i_OCSP_BASICRESP 134 1_1_0 EXIST::FUNCTION:
++OCSP_basic_add1_nonce 133 1_1_0 EXIST::FUNCTION:OCSP
++d2i_OCSP_BASICRESP 134 1_1_0 EXIST::FUNCTION:OCSP
+ X509v3_add_ext 135 1_1_0 EXIST::FUNCTION:
+ X509v3_addr_subset 136 1_1_0 EXIST::FUNCTION:RFC3779
+ CRYPTO_strndup 137 1_1_0 EXIST::FUNCTION:
+-OCSP_REQ_CTX_free 138 1_1_0 EXIST::FUNCTION:
++OCSP_REQ_CTX_free 138 1_1_0 EXIST::FUNCTION:OCSP
+ DSO_METHOD_dlfcn 139 1_1_0 NOEXIST::FUNCTION:
+ X509_STORE_new 140 1_1_0 EXIST::FUNCTION:
+ ASN1_TYPE_free 141 1_1_0 EXIST::FUNCTION:
+ PKCS12_BAGS_new 142 1_1_0 EXIST::FUNCTION:
+-CMAC_CTX_new 143 1_1_0 EXIST::FUNCTION:
++CMAC_CTX_new 143 1_1_0 EXIST::FUNCTION:CMAC
+ ASIdentifierChoice_new 144 1_1_0 EXIST::FUNCTION:RFC3779
+ EVP_PKEY_asn1_set_public 145 1_1_0 EXIST::FUNCTION:
+ IDEA_set_decrypt_key 146 1_1_0 EXIST::FUNCTION:IDEA
+ X509_STORE_CTX_set_flags 147 1_1_0 EXIST::FUNCTION:
+-BIO_ADDR_rawmake 148 1_1_0 EXIST::FUNCTION:
++BIO_ADDR_rawmake 148 1_1_0 EXIST::FUNCTION:SOCK
+ EVP_PKEY_asn1_set_ctrl 149 1_1_0 EXIST::FUNCTION:
+ EC_POINTs_mul 150 1_1_0 EXIST::FUNCTION:EC
+ ASN1_get_object 151 1_1_0 EXIST::FUNCTION:
+@@ -181,7 +181,7 @@ EVP_PKEY_delete_attr 178 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_CTX_key_length 179 1_1_0 EXIST::FUNCTION:
+ BIO_clear_flags 180 1_1_0 EXIST::FUNCTION:
+ i2d_DISPLAYTEXT 181 1_1_0 EXIST::FUNCTION:
+-OCSP_response_status 182 1_1_0 EXIST::FUNCTION:
++OCSP_response_status 182 1_1_0 EXIST::FUNCTION:OCSP
+ i2d_ASN1_PRINTABLESTRING 183 1_1_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_set_hostflags 184 1_1_0 EXIST::FUNCTION:
+ SCT_get0_log_id 185 1_1_0 EXIST::FUNCTION:CT
+@@ -201,7 +201,7 @@ EVP_PKEY_cmp 197 1_1_0 EXIST::FUNCTION:
+ d2i_X509_ALGORS 198 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY2PKCS8 199 1_1_0 EXIST::FUNCTION:
+ BN_nist_mod_256 200 1_1_0 EXIST::FUNCTION:
+-OCSP_request_add0_id 201 1_1_0 EXIST::FUNCTION:
++OCSP_request_add0_id 201 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_seed_cfb128 202 1_1_0 EXIST::FUNCTION:SEED
+ BASIC_CONSTRAINTS_free 203 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_flags 204 1_1_0 EXIST::FUNCTION:
+@@ -210,13 +210,13 @@ SCT_set_version 206 1_1_0 EXIST::FUNCTION:CT
+ CMS_add1_ReceiptRequest 207 1_1_0 EXIST::FUNCTION:CMS
+ d2i_CRL_DIST_POINTS 208 1_1_0 EXIST::FUNCTION:
+ X509_CRL_INFO_free 209 1_1_0 EXIST::FUNCTION:
+-ERR_load_UI_strings 210 1_1_0 EXIST::FUNCTION:
++ERR_load_UI_strings 210 1_1_0 EXIST::FUNCTION:UI
+ ERR_load_strings 211 1_1_0 EXIST::FUNCTION:
+ RSA_X931_hash_id 212 1_1_0 EXIST::FUNCTION:RSA
+ EC_KEY_set_method 213 1_1_0 EXIST::FUNCTION:EC
+ PEM_write_PKCS8_PRIV_KEY_INFO 214 1_1_0 EXIST::FUNCTION:
+ X509at_get0_data_by_OBJ 215 1_1_0 EXIST::FUNCTION:
+-b2i_PublicKey_bio 216 1_1_0 EXIST::FUNCTION:
++b2i_PublicKey_bio 216 1_1_0 EXIST::FUNCTION:DSA
+ s2i_ASN1_OCTET_STRING 217 1_1_0 EXIST::FUNCTION:
+ POLICYINFO_it 218 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ POLICYINFO_it 218 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+@@ -236,10 +236,10 @@ DIST_POINT_NAME_new 231 1_1_0 EXIST::FUNCTION:
+ X509_LOOKUP_file 232 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_set_decrypt 233 1_1_0 EXIST::FUNCTION:
+ EVP_rc2_ecb 234 1_1_0 EXIST::FUNCTION:RC2
+-i2b_PublicKey_bio 235 1_1_0 EXIST::FUNCTION:
++i2b_PublicKey_bio 235 1_1_0 EXIST::FUNCTION:DSA
+ d2i_ASN1_SET_ANY 236 1_1_0 EXIST::FUNCTION:
+ ASN1_item_i2d 238 1_1_0 EXIST::FUNCTION:
+-OCSP_copy_nonce 239 1_1_0 EXIST::FUNCTION:
++OCSP_copy_nonce 239 1_1_0 EXIST::FUNCTION:OCSP
+ OBJ_txt2nid 240 1_1_0 EXIST::FUNCTION:
+ SEED_set_key 241 1_1_0 EXIST::FUNCTION:SEED
+ EC_KEY_clear_flags 242 1_1_0 EXIST::FUNCTION:EC
+@@ -258,7 +258,7 @@ ENGINE_register_all_ciphers 254 1_1_0 EXIST::FUNCTION:ENGINE
+ SXNET_new 255 1_1_0 EXIST::FUNCTION:
+ EVP_camellia_256_ctr 256 1_1_0 EXIST::FUNCTION:CAMELLIA
+ d2i_PKCS8_PRIV_KEY_INFO 257 1_1_0 EXIST::FUNCTION:
+-OPENSSL_strncasecmp 258 1_1_0 EXIST::FUNCTION:
++OPENSSL_strncasecmp 258 1_1_0 NOEXIST::FUNCTION:
+ EVP_md2 259 1_1_0 EXIST::FUNCTION:MD2
+ RC2_ecb_encrypt 260 1_1_0 EXIST::FUNCTION:RC2
+ ENGINE_register_DH 261 1_1_0 EXIST::FUNCTION:ENGINE
+@@ -268,16 +268,16 @@ EVP_des_ede3 264 1_1_0 EXIST::FUNCTION:DES
+ PKCS7_add1_attrib_digest 265 1_1_0 EXIST::FUNCTION:
+ EC_POINT_get_affine_coordinates_GFp 266 1_1_0 EXIST::FUNCTION:EC
+ EVP_seed_ecb 267 1_1_0 EXIST::FUNCTION:SEED
+-BIO_dgram_sctp_wait_for_dry 268 1_1_0 EXIST::FUNCTION:SCTP
++BIO_dgram_sctp_wait_for_dry 268 1_1_0 EXIST::FUNCTION:DGRAM,SCTP
+ ASN1_OCTET_STRING_NDEF_it 269 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ ASN1_OCTET_STRING_NDEF_it 269 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ EVP_PKEY_asn1_get_count 270 1_1_0 EXIST::FUNCTION:
+ WHIRLPOOL_Init 271 1_1_0 EXIST::FUNCTION:WHIRLPOOL
+ EVP_OpenInit 272 1_1_0 EXIST::FUNCTION:RSA
+-OCSP_response_get1_basic 273 1_1_0 EXIST::FUNCTION:
++OCSP_response_get1_basic 273 1_1_0 EXIST::FUNCTION:OCSP
+ CRYPTO_gcm128_tag 274 1_1_0 EXIST::FUNCTION:
+-OCSP_parse_url 275 1_1_0 EXIST::FUNCTION:
+-UI_get0_test_string 276 1_1_0 EXIST::FUNCTION:
++OCSP_parse_url 275 1_1_0 EXIST::FUNCTION:OCSP
++UI_get0_test_string 276 1_1_0 EXIST::FUNCTION:UI
+ CRYPTO_secure_free 277 1_1_0 EXIST::FUNCTION:
+ DSA_print_fp 278 1_1_0 EXIST::FUNCTION:DSA,STDIO
+ X509_get_ext_d2i 279 1_1_0 EXIST::FUNCTION:
+@@ -302,53 +302,53 @@ PKCS8_set0_pbe 297 1_1_0 EXIST::FUNCTION:
+ PEM_write_bio_DSA_PUBKEY 298 1_1_0 EXIST::FUNCTION:DSA
+ PEM_X509_INFO_read_bio 299 1_1_0 EXIST::FUNCTION:
+ EC_GROUP_get0_order 300 1_1_0 EXIST::FUNCTION:EC
+-OCSP_BASICRESP_delete_ext 301 1_1_0 EXIST::FUNCTION:
++OCSP_BASICRESP_delete_ext 301 1_1_0 EXIST::FUNCTION:OCSP
+ PKCS12_get_attr_gen 302 1_1_0 EXIST::FUNCTION:
+ PKCS12_SAFEBAG_get0_safes 303 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_derive 304 1_1_0 EXIST::FUNCTION:
+-OCSP_BASICRESP_get_ext_by_NID 305 1_1_0 EXIST::FUNCTION:
++OCSP_BASICRESP_get_ext_by_NID 305 1_1_0 EXIST::FUNCTION:OCSP
+ OBJ_dup 306 1_1_0 EXIST::FUNCTION:
+ CMS_signed_get_attr_count 307 1_1_0 EXIST::FUNCTION:CMS
+ EC_get_builtin_curves 308 1_1_0 EXIST::FUNCTION:EC
+ i2d_ASN1_IA5STRING 309 1_1_0 EXIST::FUNCTION:
+-OCSP_check_nonce 310 1_1_0 EXIST::FUNCTION:
++OCSP_check_nonce 310 1_1_0 EXIST::FUNCTION:OCSP
+ X509_STORE_CTX_init 311 1_1_0 EXIST::FUNCTION:
+-OCSP_RESPONSE_free 312 1_1_0 EXIST::FUNCTION:
++OCSP_RESPONSE_free 312 1_1_0 EXIST::FUNCTION:OCSP
+ ENGINE_set_DH 313 1_1_0 EXIST::FUNCTION:ENGINE
+ EVP_CIPHER_CTX_set_flags 314 1_1_0 EXIST::FUNCTION:
+ err_free_strings_int 315 1_1_0 EXIST::FUNCTION:
+ PEM_write_bio_PKCS7_stream 316 1_1_0 EXIST::FUNCTION:
+ d2i_X509_CERT_AUX 317 1_1_0 EXIST::FUNCTION:
+-UI_process 318 1_1_0 EXIST::FUNCTION:
++UI_process 318 1_1_0 EXIST::FUNCTION:UI
+ X509_get_subject_name 319 1_1_0 EXIST::FUNCTION:
+ DH_get_1024_160 320 1_1_0 EXIST::FUNCTION:DH
+ i2d_ASN1_UNIVERSALSTRING 321 1_1_0 EXIST::FUNCTION:
+-d2i_OCSP_RESPID 322 1_1_0 EXIST::FUNCTION:
+-BIO_s_accept 323 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_RESPID 322 1_1_0 EXIST::FUNCTION:OCSP
++BIO_s_accept 323 1_1_0 EXIST::FUNCTION:SOCK
+ EVP_whirlpool 324 1_1_0 EXIST::FUNCTION:WHIRLPOOL
+-OCSP_ONEREQ_get1_ext_d2i 325 1_1_0 EXIST::FUNCTION:
++OCSP_ONEREQ_get1_ext_d2i 325 1_1_0 EXIST::FUNCTION:OCSP
+ d2i_ESS_SIGNING_CERT 326 1_1_0 EXIST::FUNCTION:TS
+ EC_KEY_set_default_method 327 1_1_0 EXIST::FUNCTION:EC
+ X509_OBJECT_up_ref_count 328 1_1_0 EXIST::FUNCTION:
+ RAND_load_file 329 1_1_0 EXIST::FUNCTION:
+ BIO_ctrl_reset_read_request 330 1_1_0 EXIST::FUNCTION:
+ CRYPTO_ccm128_tag 331 1_1_0 EXIST::FUNCTION:
+-BIO_new_dgram_sctp 332 1_1_0 EXIST::FUNCTION:SCTP
++BIO_new_dgram_sctp 332 1_1_0 EXIST::FUNCTION:DGRAM,SCTP
+ d2i_RSAPrivateKey_fp 333 1_1_0 EXIST::FUNCTION:RSA,STDIO
+ s2i_ASN1_IA5STRING 334 1_1_0 EXIST::FUNCTION:
+-UI_get_ex_data 335 1_1_0 EXIST::FUNCTION:
++UI_get_ex_data 335 1_1_0 EXIST::FUNCTION:UI
+ EVP_EncryptUpdate 336 1_1_0 EXIST::FUNCTION:
+ SRP_create_verifier 337 1_1_0 EXIST::FUNCTION:SRP
+ TS_TST_INFO_print_bio 338 1_1_0 EXIST::FUNCTION:TS
+ X509_NAME_get_index_by_OBJ 339 1_1_0 EXIST::FUNCTION:
+-BIO_get_host_ip 340 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0
++BIO_get_host_ip 340 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK
+ PKCS7_add_certificate 341 1_1_0 EXIST::FUNCTION:
+ TS_REQ_get_ext 342 1_1_0 EXIST::FUNCTION:TS
+ X509_NAME_cmp 343 1_1_0 EXIST::FUNCTION:
+ DIST_POINT_it 344 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ DIST_POINT_it 344 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ PEM_read_X509_CRL 345 1_1_0 EXIST::FUNCTION:
+-sk_sort 346 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_sort 346 1_1_0 EXIST::FUNCTION:
+ CTLOG_STORE_load_file 347 1_1_0 EXIST::FUNCTION:CT
+ ASN1_SEQUENCE_it 348 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ ASN1_SEQUENCE_it 348 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+@@ -378,7 +378,7 @@ SEED_ecb_encrypt 370 1_1_0 EXIST::FUNCTION:SEED
+ X509_PUBKEY_get0_param 371 1_1_0 EXIST::FUNCTION:
+ ASN1_i2d_fp 372 1_1_0 EXIST::FUNCTION:STDIO
+ BIO_new_mem_buf 373 1_1_0 EXIST::FUNCTION:
+-UI_get_input_flags 374 1_1_0 EXIST::FUNCTION:
++UI_get_input_flags 374 1_1_0 EXIST::FUNCTION:UI
+ X509V3_EXT_REQ_add_nconf 375 1_1_0 EXIST::FUNCTION:
+ X509v3_asid_subset 376 1_1_0 EXIST::FUNCTION:RFC3779
+ RSA_check_key_ex 377 1_1_0 EXIST::FUNCTION:RSA
+@@ -393,7 +393,7 @@ DSO_get_filename 385 1_1_0 EXIST::FUNCTION:
+ CRYPTO_set_id_callback 386 1_1_0 NOEXIST::FUNCTION:
+ i2d_ASN1_SEQUENCE_ANY 387 1_1_0 EXIST::FUNCTION:
+ OPENSSL_strlcpy 388 1_1_0 EXIST::FUNCTION:
+-BIO_get_port 389 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0
++BIO_get_port 389 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK
+ DISPLAYTEXT_free 390 1_1_0 EXIST::FUNCTION:
+ BN_div 391 1_1_0 EXIST::FUNCTION:
+ RIPEMD160_Update 392 1_1_0 EXIST::FUNCTION:RMD160
+@@ -402,10 +402,10 @@ ASN1_OBJECT_new 394 1_1_0 EXIST::FUNCTION:
+ EVP_des_ede3_cfb8 395 1_1_0 EXIST::FUNCTION:DES
+ BIO_dump_indent_fp 396 1_1_0 EXIST::FUNCTION:STDIO
+ X509_NAME_ENTRY_get_data 397 1_1_0 EXIST::FUNCTION:
+-BIO_socket 398 1_1_0 EXIST::FUNCTION:
++BIO_socket 398 1_1_0 EXIST::FUNCTION:SOCK
+ EVP_PKEY_meth_get_derive 399 1_1_0 EXIST::FUNCTION:
+ ASN1_STRING_clear_free 400 1_1_0 EXIST::FUNCTION:
+-d2i_OCSP_REVOKEDINFO 401 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_REVOKEDINFO 401 1_1_0 EXIST::FUNCTION:OCSP
+ ASN1_STRING_print_ex_fp 402 1_1_0 EXIST::FUNCTION:STDIO
+ PKCS7_SIGNED_new 403 1_1_0 EXIST::FUNCTION:
+ CMS_get0_eContentType 404 1_1_0 EXIST::FUNCTION:CMS
+@@ -419,7 +419,7 @@ EVP_CipherFinal_ex 411 1_1_0 EXIST::FUNCTION:
+ d2i_DSA_PUBKEY 412 1_1_0 EXIST::FUNCTION:DSA
+ BN_CTX_get 413 1_1_0 EXIST::FUNCTION:
+ BN_to_montgomery 414 1_1_0 EXIST::FUNCTION:
+-X509_OBJECT_free_contents 415 1_1_0 EXIST::FUNCTION:
++X509_OBJECT_get0_X509_CRL 415 1_1_0 EXIST::FUNCTION:
+ EVP_camellia_128_cfb8 416 1_1_0 EXIST::FUNCTION:CAMELLIA
+ EC_KEY_METHOD_free 417 1_1_0 EXIST::FUNCTION:EC
+ TS_TST_INFO_set_policy_id 418 1_1_0 EXIST::FUNCTION:TS
+@@ -448,17 +448,17 @@ BN_GENCB_new 440 1_1_0 EXIST::FUNCTION:
+ X509_VAL_new 441 1_1_0 EXIST::FUNCTION:
+ NCONF_load 442 1_1_0 EXIST::FUNCTION:
+ ASN1_put_object 443 1_1_0 EXIST::FUNCTION:
+-d2i_OCSP_RESPONSE 444 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_RESPONSE 444 1_1_0 EXIST::FUNCTION:OCSP
+ d2i_PublicKey 445 1_1_0 EXIST::FUNCTION:
+ ENGINE_set_ex_data 446 1_1_0 EXIST::FUNCTION:ENGINE
+ X509_get_default_private_dir 447 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_set0_dane 448 1_1_0 EXIST::FUNCTION:
+ EVP_des_ecb 449 1_1_0 EXIST::FUNCTION:DES
+-OCSP_resp_get0 450 1_1_0 EXIST::FUNCTION:
++OCSP_resp_get0 450 1_1_0 EXIST::FUNCTION:OCSP
+ CRYPTO_get_new_lockid 451 1_1_0 NOEXIST::FUNCTION:
+ RSA_X931_generate_key_ex 452 1_1_0 EXIST::FUNCTION:RSA
+ X509_get_serialNumber 453 1_1_0 EXIST::FUNCTION:
+-BIO_sock_should_retry 454 1_1_0 EXIST::FUNCTION:
++BIO_sock_should_retry 454 1_1_0 EXIST::FUNCTION:SOCK
+ ENGINE_get_digests 455 1_1_0 EXIST::FUNCTION:ENGINE
+ TS_MSG_IMPRINT_get_algo 456 1_1_0 EXIST::FUNCTION:TS
+ DH_new_method 457 1_1_0 EXIST::FUNCTION:DH
+@@ -474,7 +474,7 @@ OPENSSL_memcmp 466 1_1_0 EXIST::FUNCTION:
+ BUF_MEM_new 467 1_1_0 EXIST::FUNCTION:
+ DSO_set_filename 468 1_1_0 EXIST::FUNCTION:
+ DH_new 469 1_1_0 EXIST::FUNCTION:DH
+-OCSP_RESPID_free 470 1_1_0 EXIST::FUNCTION:
++OCSP_RESPID_free 470 1_1_0 EXIST::FUNCTION:OCSP
+ PKCS5_pbe2_set 471 1_1_0 EXIST::FUNCTION:
+ CRYPTO_THREADID_get_callback 472 1_1_0 NOEXIST::FUNCTION:
+ SCT_set_signature_nid 473 1_1_0 EXIST::FUNCTION:CT
+@@ -489,7 +489,7 @@ X509_CRL_sort 480 1_1_0 EXIST::FUNCTION:
+ i2d_RSA_PUBKEY_bio 481 1_1_0 EXIST::FUNCTION:RSA
+ ASN1_T61STRING_free 482 1_1_0 EXIST::FUNCTION:
+ PEM_write_CMS 483 1_1_0 EXIST::FUNCTION:CMS
+-sk_find 484 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_find 484 1_1_0 EXIST::FUNCTION:
+ ENGINE_get_ciphers 485 1_1_0 EXIST::FUNCTION:ENGINE
+ EVP_rc2_ofb 486 1_1_0 EXIST::FUNCTION:RC2
+ EVP_PKEY_set1_RSA 487 1_1_0 EXIST::FUNCTION:RSA
+@@ -501,11 +501,11 @@ BN_GF2m_mod_sqr_arr 492 1_1_0 EXIST::FUNCTION:EC2M
+ ASN1_PRINTABLESTRING_it 493 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ ASN1_PRINTABLESTRING_it 493 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ BIO_f_cipher 494 1_1_0 EXIST::FUNCTION:
+-UI_destroy_method 495 1_1_0 EXIST::FUNCTION:
++UI_destroy_method 495 1_1_0 EXIST::FUNCTION:UI
+ BN_get_rfc3526_prime_3072 496 1_1_0 EXIST::FUNCTION:
+ X509_INFO_new 497 1_1_0 EXIST::FUNCTION:
+-OCSP_RESPDATA_it 498 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_RESPDATA_it 498 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_RESPDATA_it 498 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_RESPDATA_it 498 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ X509_CRL_print 499 1_1_0 EXIST::FUNCTION:
+ WHIRLPOOL_Update 500 1_1_0 EXIST::FUNCTION:WHIRLPOOL
+ DSA_get_ex_data 501 1_1_0 EXIST::FUNCTION:DSA
+@@ -516,17 +516,17 @@ PKCS7_cert_from_signer_info 505 1_1_0 EXIST::FUNCTION:
+ X509_TRUST_get_trust 506 1_1_0 EXIST::FUNCTION:
+ DES_string_to_key 507 1_1_0 EXIST::FUNCTION:DES
+ ERR_error_string 508 1_1_0 EXIST::FUNCTION:
+-BIO_new_connect 509 1_1_0 EXIST::FUNCTION:
++BIO_new_connect 509 1_1_0 EXIST::FUNCTION:SOCK
+ CRYPTO_get_lock_name 510 1_1_0 NOEXIST::FUNCTION:
+ DSA_new_method 511 1_1_0 EXIST::FUNCTION:DSA
+-OCSP_CERTID_new 512 1_1_0 EXIST::FUNCTION:
++OCSP_CERTID_new 512 1_1_0 EXIST::FUNCTION:OCSP
+ X509_CRL_get_signature_nid 513 1_1_0 EXIST::FUNCTION:
+ X509_policy_level_node_count 514 1_1_0 EXIST::FUNCTION:
+-d2i_OCSP_CERTSTATUS 515 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_CERTSTATUS 515 1_1_0 EXIST::FUNCTION:OCSP
+ X509V3_add1_i2d 516 1_1_0 EXIST::FUNCTION:
+ TS_TST_INFO_set_serial 517 1_1_0 EXIST::FUNCTION:TS
+-OCSP_RESPBYTES_new 518 1_1_0 EXIST::FUNCTION:
+-OCSP_SINGLERESP_delete_ext 519 1_1_0 EXIST::FUNCTION:
++OCSP_RESPBYTES_new 518 1_1_0 EXIST::FUNCTION:OCSP
++OCSP_SINGLERESP_delete_ext 519 1_1_0 EXIST::FUNCTION:OCSP
+ CRYPTO_get_dynlock_lock_callback 520 1_1_0 NOEXIST::FUNCTION:
+ EVP_MD_CTX_test_flags 521 1_1_0 EXIST::FUNCTION:
+ X509v3_addr_validate_path 522 1_1_0 EXIST::FUNCTION:RFC3779
+@@ -547,7 +547,7 @@ EC_KEY_get_flags 536 1_1_0 EXIST::FUNCTION:EC
+ ASN1_TYPE_cmp 537 1_1_0 EXIST::FUNCTION:
+ i2d_RSAPublicKey 538 1_1_0 EXIST::FUNCTION:RSA
+ EC_GROUP_get_trinomial_basis 539 1_1_0 EXIST::FUNCTION:EC,EC2M
+-BIO_ADDRINFO_protocol 540 1_1_0 EXIST::FUNCTION:
++BIO_ADDRINFO_protocol 540 1_1_0 EXIST::FUNCTION:SOCK
+ i2d_PBKDF2PARAM 541 1_1_0 EXIST::FUNCTION:
+ ENGINE_unregister_RAND 542 1_1_0 EXIST::FUNCTION:ENGINE
+ PEM_write_bio_RSAPrivateKey 543 1_1_0 EXIST::FUNCTION:RSA
+@@ -561,7 +561,7 @@ d2i_X509_CRL_fp 549 1_1_0 EXIST::FUNCTION:STDIO
+ i2d_RSA_PUBKEY 550 1_1_0 EXIST::FUNCTION:RSA
+ EVP_aes_128_ccm 551 1_1_0 EXIST::FUNCTION:
+ ECParameters_print 552 1_1_0 EXIST::FUNCTION:EC
+-OCSP_SINGLERESP_get1_ext_d2i 553 1_1_0 EXIST::FUNCTION:
++OCSP_SINGLERESP_get1_ext_d2i 553 1_1_0 EXIST::FUNCTION:OCSP
+ RAND_status 554 1_1_0 EXIST::FUNCTION:
+ EVP_ripemd160 555 1_1_0 EXIST::FUNCTION:RMD160
+ EVP_MD_meth_set_final 556 1_1_0 EXIST::FUNCTION:
+@@ -585,7 +585,7 @@ SCT_verify 573 1_1_0 EXIST::FUNCTION:CT
+ d2i_X509 574 1_1_0 EXIST::FUNCTION:
+ a2i_ASN1_STRING 575 1_1_0 EXIST::FUNCTION:
+ EC_GROUP_get_mont_data 576 1_1_0 EXIST::FUNCTION:EC
+-CMAC_CTX_copy 577 1_1_0 EXIST::FUNCTION:
++CMAC_CTX_copy 577 1_1_0 EXIST::FUNCTION:CMAC
+ CRYPTO_set_add_lock_callback 578 1_1_0 NOEXIST::FUNCTION:
+ EVP_camellia_128_cfb128 579 1_1_0 EXIST::FUNCTION:CAMELLIA
+ DH_compute_key_padded 580 1_1_0 EXIST::FUNCTION:DH
+@@ -640,12 +640,12 @@ CRYPTO_secure_malloc_done 625 1_1_0 EXIST::FUNCTION:
+ RSA_OAEP_PARAMS_new 626 1_1_0 EXIST::FUNCTION:RSA
+ X509_NAME_free 627 1_1_0 EXIST::FUNCTION:
+ PKCS12_set_mac 628 1_1_0 EXIST::FUNCTION:
+-UI_get0_result_string 629 1_1_0 EXIST::FUNCTION:
++UI_get0_result_string 629 1_1_0 EXIST::FUNCTION:UI
+ TS_RESP_CTX_add_policy 630 1_1_0 EXIST::FUNCTION:TS
+ X509_REQ_dup 631 1_1_0 EXIST::FUNCTION:
+ CRYPTO_get_add_lock_callback 632 1_1_0 NOEXIST::FUNCTION:
+ d2i_DSA_PUBKEY_fp 633 1_1_0 EXIST::FUNCTION:DSA,STDIO
+-OCSP_REQ_CTX_nbio_d2i 634 1_1_0 EXIST::FUNCTION:
++OCSP_REQ_CTX_nbio_d2i 634 1_1_0 EXIST::FUNCTION:OCSP
+ d2i_X509_REQ_fp 635 1_1_0 EXIST::FUNCTION:STDIO
+ DH_OpenSSL 636 1_1_0 EXIST::FUNCTION:DH
+ BN_get_rfc3526_prime_8192 637 1_1_0 EXIST::FUNCTION:
+@@ -654,10 +654,10 @@ X509_REVOKED_it 638 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:F
+ CRYPTO_THREAD_write_lock 639 1_1_0 EXIST::FUNCTION:
+ X509V3_NAME_from_section 640 1_1_0 EXIST::FUNCTION:
+ EC_POINT_set_compressed_coordinates_GFp 641 1_1_0 EXIST::FUNCTION:EC
+-OCSP_SINGLERESP_get0_id 642 1_1_0 EXIST::FUNCTION:
+-UI_add_info_string 643 1_1_0 EXIST::FUNCTION:
++OCSP_SINGLERESP_get0_id 642 1_1_0 EXIST::FUNCTION:OCSP
++UI_add_info_string 643 1_1_0 EXIST::FUNCTION:UI
+ OBJ_NAME_remove 644 1_1_0 EXIST::FUNCTION:
+-UI_get_method 645 1_1_0 EXIST::FUNCTION:
++UI_get_method 645 1_1_0 EXIST::FUNCTION:UI
+ CONF_modules_unload 646 1_1_0 EXIST::FUNCTION:
+ CRYPTO_ccm128_encrypt_ccm64 647 1_1_0 EXIST::FUNCTION:
+ CRYPTO_secure_malloc_init 648 1_1_0 EXIST::FUNCTION:
+@@ -668,12 +668,12 @@ TS_RESP_verify_token 652 1_1_0 EXIST::FUNCTION:TS
+ PEM_read_bio_CMS 653 1_1_0 EXIST::FUNCTION:CMS
+ PEM_get_EVP_CIPHER_INFO 654 1_1_0 EXIST::FUNCTION:
+ X509V3_EXT_print 655 1_1_0 EXIST::FUNCTION:
+-i2d_OCSP_SINGLERESP 656 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_SINGLERESP 656 1_1_0 EXIST::FUNCTION:OCSP
+ ESS_CERT_ID_free 657 1_1_0 EXIST::FUNCTION:TS
+ PEM_SignInit 658 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_CTX_set_key_length 659 1_1_0 EXIST::FUNCTION:
+ X509_delete_ext 660 1_1_0 EXIST::FUNCTION:
+-OCSP_resp_get0_produced_at 661 1_1_0 EXIST::FUNCTION:
++OCSP_resp_get0_produced_at 661 1_1_0 EXIST::FUNCTION:OCSP
+ IDEA_encrypt 662 1_1_0 EXIST::FUNCTION:IDEA
+ CRYPTO_nistcts128_encrypt_block 663 1_1_0 EXIST::FUNCTION:
+ EVP_MD_do_all 664 1_1_0 EXIST::FUNCTION:
+@@ -686,8 +686,8 @@ PKCS5_pbe_set0_algor 670 1_1_0 EXIST::FUNCTION:
+ ENGINE_get_table_flags 671 1_1_0 EXIST::FUNCTION:ENGINE
+ PKCS12_MAC_DATA_new 672 1_1_0 EXIST::FUNCTION:
+ X509_chain_up_ref 673 1_1_0 EXIST::FUNCTION:
+-OCSP_REQINFO_it 674 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_REQINFO_it 674 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_REQINFO_it 674 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_REQINFO_it 674 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ PKCS12_add_localkeyid 675 1_1_0 EXIST::FUNCTION:
+ PKCS12_SAFEBAG_get0_type 676 1_1_0 EXIST::FUNCTION:
+ X509_TRUST_set_default 677 1_1_0 EXIST::FUNCTION:
+@@ -704,11 +704,11 @@ AES_ige_encrypt 686 1_1_0 EXIST::FUNCTION:
+ d2i_SXNET 687 1_1_0 EXIST::FUNCTION:
+ CTLOG_get0_log_id 688 1_1_0 EXIST::FUNCTION:CT
+ CMS_RecipientInfo_ktri_get0_signer_id 689 1_1_0 EXIST::FUNCTION:CMS
+-OCSP_REQUEST_add1_ext_i2d 690 1_1_0 EXIST::FUNCTION:
++OCSP_REQUEST_add1_ext_i2d 690 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_PBE_CipherInit 691 1_1_0 EXIST::FUNCTION:
+ DSA_dup_DH 692 1_1_0 EXIST::FUNCTION:DH,DSA
+ CONF_imodule_get_value 693 1_1_0 EXIST::FUNCTION:
+-OCSP_id_issuer_cmp 694 1_1_0 EXIST::FUNCTION:
++OCSP_id_issuer_cmp 694 1_1_0 EXIST::FUNCTION:OCSP
+ ASN1_INTEGER_free 695 1_1_0 EXIST::FUNCTION:
+ BN_get0_nist_prime_224 696 1_1_0 EXIST::FUNCTION:
+ OPENSSL_isservice 697 1_1_0 EXIST::FUNCTION:
+@@ -734,9 +734,9 @@ PKCS7_add_signature 716 1_1_0 EXIST::FUNCTION:
+ OBJ_ln2nid 717 1_1_0 EXIST::FUNCTION:
+ CRYPTO_128_unwrap 718 1_1_0 EXIST::FUNCTION:
+ BIO_new_PKCS7 719 1_1_0 EXIST::FUNCTION:
+-UI_get0_user_data 720 1_1_0 EXIST::FUNCTION:
++UI_get0_user_data 720 1_1_0 EXIST::FUNCTION:UI
+ TS_RESP_get_token 721 1_1_0 EXIST::FUNCTION:TS
+-OCSP_RESPID_new 722 1_1_0 EXIST::FUNCTION:
++OCSP_RESPID_new 722 1_1_0 EXIST::FUNCTION:OCSP
+ ASN1_SET_ANY_it 723 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ ASN1_SET_ANY_it 723 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ d2i_TS_RESP_bio 724 1_1_0 EXIST::FUNCTION:TS
+@@ -746,22 +746,22 @@ EC_POINT_hex2point 727 1_1_0 EXIST::FUNCTION:EC
+ X509v3_get_ext_by_critical 728 1_1_0 EXIST::FUNCTION:
+ ENGINE_get_default_RSA 729 1_1_0 EXIST::FUNCTION:ENGINE
+ DSA_sign_setup 730 1_1_0 EXIST::FUNCTION:DSA
+-sk_new_null 731 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_new_null 731 1_1_0 EXIST::FUNCTION:
+ PEM_read_PKCS8 732 1_1_0 EXIST::FUNCTION:
+ BN_mod_sqr 733 1_1_0 EXIST::FUNCTION:
+ CAST_ofb64_encrypt 734 1_1_0 EXIST::FUNCTION:CAST
+ TXT_DB_write 735 1_1_0 EXIST::FUNCTION:
+-OCSP_REQUEST_get1_ext_d2i 736 1_1_0 EXIST::FUNCTION:
++OCSP_REQUEST_get1_ext_d2i 736 1_1_0 EXIST::FUNCTION:OCSP
+ CMS_unsigned_add1_attr_by_NID 737 1_1_0 EXIST::FUNCTION:CMS
+ BN_mod_exp_mont 738 1_1_0 EXIST::FUNCTION:
+ d2i_DHxparams 739 1_1_0 EXIST::FUNCTION:DH
+ DH_size 740 1_1_0 EXIST::FUNCTION:DH
+ CONF_imodule_get_name 741 1_1_0 EXIST::FUNCTION:
+ ENGINE_get_pkey_meth_engine 742 1_1_0 EXIST::FUNCTION:ENGINE
+-OCSP_BASICRESP_free 743 1_1_0 EXIST::FUNCTION:
++OCSP_BASICRESP_free 743 1_1_0 EXIST::FUNCTION:OCSP
+ BN_set_params 744 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_0_9_8
+ BN_add 745 1_1_0 EXIST::FUNCTION:
+-sk_free 746 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_free 746 1_1_0 EXIST::FUNCTION:
+ TS_TST_INFO_get_ext_d2i 747 1_1_0 EXIST::FUNCTION:TS
+ RSA_check_key 748 1_1_0 EXIST::FUNCTION:RSA
+ TS_MSG_IMPRINT_set_algo 749 1_1_0 EXIST::FUNCTION:TS
+@@ -774,22 +774,22 @@ EVP_CIPHER_meth_set_cleanup 755 1_1_0 EXIST::FUNCTION:
+ d2i_PKCS12_SAFEBAG 756 1_1_0 EXIST::FUNCTION:
+ EVP_MD_pkey_type 757 1_1_0 EXIST::FUNCTION:
+ X509_policy_node_get0_qualifiers 758 1_1_0 EXIST::FUNCTION:
+-OCSP_cert_status_str 759 1_1_0 EXIST::FUNCTION:
++OCSP_cert_status_str 759 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_MD_meth_get_flags 760 1_1_0 EXIST::FUNCTION:
+ ASN1_ENUMERATED_set 761 1_1_0 EXIST::FUNCTION:
+-UI_UTIL_read_pw 762 1_1_0 EXIST::FUNCTION:
++UI_UTIL_read_pw 762 1_1_0 EXIST::FUNCTION:UI
+ PKCS7_ENC_CONTENT_free 763 1_1_0 EXIST::FUNCTION:
+ CMS_RecipientInfo_type 764 1_1_0 EXIST::FUNCTION:CMS
+-OCSP_BASICRESP_get_ext 765 1_1_0 EXIST::FUNCTION:
++OCSP_BASICRESP_get_ext 765 1_1_0 EXIST::FUNCTION:OCSP
+ BN_lebin2bn 766 1_1_0 EXIST::FUNCTION:
+ AES_decrypt 767 1_1_0 EXIST::FUNCTION:
+ BIO_fd_should_retry 768 1_1_0 EXIST::FUNCTION:
+ ASN1_STRING_new 769 1_1_0 EXIST::FUNCTION:
+ ENGINE_init 770 1_1_0 EXIST::FUNCTION:ENGINE
+ TS_RESP_CTX_add_flags 771 1_1_0 EXIST::FUNCTION:TS
+-BIO_gethostbyname 772 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0
++BIO_gethostbyname 772 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK
+ X509V3_EXT_add 773 1_1_0 EXIST::FUNCTION:
+-UI_add_verify_string 774 1_1_0 EXIST::FUNCTION:
++UI_add_verify_string 774 1_1_0 EXIST::FUNCTION:UI
+ EVP_rc5_32_12_16_cfb64 775 1_1_0 EXIST::FUNCTION:RC5
+ PKCS7_dataVerify 776 1_1_0 EXIST::FUNCTION:
+ PKCS7_SIGNER_INFO_free 777 1_1_0 EXIST::FUNCTION:
+@@ -834,7 +834,7 @@ EVP_PKEY_set1_EC_KEY 815 1_1_0 EXIST::FUNCTION:EC
+ ECPKParameters_print_fp 816 1_1_0 EXIST::FUNCTION:EC,STDIO
+ GENERAL_SUBTREE_free 817 1_1_0 EXIST::FUNCTION:
+ RSA_blinding_off 818 1_1_0 EXIST::FUNCTION:RSA
+-i2d_OCSP_REVOKEDINFO 819 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_REVOKEDINFO 819 1_1_0 EXIST::FUNCTION:OCSP
+ X509V3_add_standard_extensions 820 1_1_0 EXIST::FUNCTION:
+ PEM_write_bio_RSA_PUBKEY 821 1_1_0 EXIST::FUNCTION:RSA
+ i2d_ASN1_UTF8STRING 822 1_1_0 EXIST::FUNCTION:
+@@ -842,10 +842,10 @@ TS_REQ_delete_ext 823 1_1_0 EXIST::FUNCTION:TS
+ PKCS7_DIGEST_free 824 1_1_0 EXIST::FUNCTION:
+ OBJ_nid2ln 825 1_1_0 EXIST::FUNCTION:
+ COMP_CTX_new 826 1_1_0 EXIST::FUNCTION:COMP
+-BIO_ADDR_family 827 1_1_0 EXIST::FUNCTION:
+-OCSP_RESPONSE_it 828 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_RESPONSE_it 828 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+-BIO_ADDRINFO_socktype 829 1_1_0 EXIST::FUNCTION:
++BIO_ADDR_family 827 1_1_0 EXIST::FUNCTION:SOCK
++OCSP_RESPONSE_it 828 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_RESPONSE_it 828 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
++BIO_ADDRINFO_socktype 829 1_1_0 EXIST::FUNCTION:SOCK
+ d2i_X509_REQ_bio 830 1_1_0 EXIST::FUNCTION:
+ EVP_PBE_cleanup 831 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_get0_current_crl 832 1_1_0 EXIST::FUNCTION:
+@@ -854,13 +854,13 @@ EVP_PKEY_paramgen 834 1_1_0 EXIST::FUNCTION:
+ PEM_write_PKCS8PrivateKey_nid 835 1_1_0 EXIST::FUNCTION:STDIO
+ PKCS7_ATTR_VERIFY_it 836 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ PKCS7_ATTR_VERIFY_it 836 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+-OCSP_response_status_str 837 1_1_0 EXIST::FUNCTION:
++OCSP_response_status_str 837 1_1_0 EXIST::FUNCTION:OCSP
+ CRYPTO_gcm128_new 838 1_1_0 EXIST::FUNCTION:
+ SMIME_read_PKCS7 839 1_1_0 EXIST::FUNCTION:
+ EC_GROUP_copy 840 1_1_0 EXIST::FUNCTION:EC
+ ENGINE_set_ciphers 841 1_1_0 EXIST::FUNCTION:ENGINE
+-lh_doall_arg 842 1_1_0 EXIST::FUNCTION:
+-OCSP_REQUEST_get_ext_by_NID 843 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_doall_arg 842 1_1_0 EXIST::FUNCTION:
++OCSP_REQUEST_get_ext_by_NID 843 1_1_0 EXIST::FUNCTION:OCSP
+ X509_REQ_get_attr_by_NID 844 1_1_0 EXIST::FUNCTION:
+ PBE2PARAM_new 845 1_1_0 EXIST::FUNCTION:
+ DES_ecb_encrypt 846 1_1_0 EXIST::FUNCTION:DES
+@@ -881,12 +881,12 @@ TXT_DB_insert 860 1_1_0 EXIST::FUNCTION:
+ EC_POINTs_make_affine 861 1_1_0 EXIST::FUNCTION:EC
+ RSA_padding_add_PKCS1_PSS 862 1_1_0 EXIST::FUNCTION:RSA
+ BF_options 863 1_1_0 EXIST::FUNCTION:BF
+-OCSP_BASICRESP_it 864 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_BASICRESP_it 864 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_BASICRESP_it 864 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_BASICRESP_it 864 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ X509_VERIFY_PARAM_get0_name 865 1_1_0 EXIST::FUNCTION:
+ TS_RESP_CTX_set_signer_digest 866 1_1_0 EXIST::FUNCTION:TS
+ X509_VERIFY_PARAM_set1_email 867 1_1_0 EXIST::FUNCTION:
+-BIO_sock_error 868 1_1_0 EXIST::FUNCTION:
++BIO_sock_error 868 1_1_0 EXIST::FUNCTION:SOCK
+ RSA_set_default_method 869 1_1_0 EXIST::FUNCTION:RSA
+ BN_GF2m_mod_sqrt_arr 870 1_1_0 EXIST::FUNCTION:EC2M
+ X509_get0_extensions 871 1_1_0 EXIST::FUNCTION:
+@@ -920,10 +920,10 @@ EVP_bf_cfb64 896 1_1_0 EXIST::FUNCTION:BF
+ PKCS7_sign_add_signer 897 1_1_0 EXIST::FUNCTION:
+ X509_print_ex 898 1_1_0 EXIST::FUNCTION:
+ PKCS7_add_recipient 899 1_1_0 EXIST::FUNCTION:
+-OCSP_SINGLERESP_add_ext 900 1_1_0 EXIST::FUNCTION:
++OCSP_SINGLERESP_add_ext 900 1_1_0 EXIST::FUNCTION:OCSP
+ d2i_X509_SIG 901 1_1_0 EXIST::FUNCTION:
+ X509_NAME_set 902 1_1_0 EXIST::FUNCTION:
+-sk_pop 903 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_pop 903 1_1_0 EXIST::FUNCTION:
+ ENGINE_register_ciphers 904 1_1_0 EXIST::FUNCTION:ENGINE
+ PKCS5_pbe2_set_iv 905 1_1_0 EXIST::FUNCTION:
+ ASN1_add_stable_module 906 1_1_0 EXIST::FUNCTION:
+@@ -935,7 +935,7 @@ DES_encrypt1 911 1_1_0 EXIST::FUNCTION:DES
+ BN_mod_lshift1_quick 912 1_1_0 EXIST::FUNCTION:
+ BN_get_rfc3526_prime_6144 913 1_1_0 EXIST::FUNCTION:
+ OBJ_obj2txt 914 1_1_0 EXIST::FUNCTION:
+-UI_set_result 915 1_1_0 EXIST::FUNCTION:
++UI_set_result 915 1_1_0 EXIST::FUNCTION:UI
+ EVP_EncodeUpdate 916 1_1_0 EXIST::FUNCTION:
+ PEM_write_bio_X509_CRL 917 1_1_0 EXIST::FUNCTION:
+ BN_cmp 918 1_1_0 EXIST::FUNCTION:
+@@ -977,7 +977,7 @@ ASN1_PRINTABLE_it 951 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:F
+ EVP_VerifyFinal 952 1_1_0 EXIST::FUNCTION:
+ TS_ASN1_INTEGER_print_bio 953 1_1_0 EXIST::FUNCTION:TS
+ X509_NAME_ENTRY_set_object 954 1_1_0 EXIST::FUNCTION:
+-BIO_s_socket 955 1_1_0 EXIST::FUNCTION:
++BIO_s_socket 955 1_1_0 EXIST::FUNCTION:SOCK
+ EVP_rc5_32_12_16_ecb 956 1_1_0 EXIST::FUNCTION:RC5
+ i2d_PKCS8_bio 957 1_1_0 EXIST::FUNCTION:
+ v2i_ASN1_BIT_STRING 958 1_1_0 EXIST::FUNCTION:
+@@ -1000,7 +1000,7 @@ d2i_DSAPublicKey 972 1_1_0 EXIST::FUNCTION:DSA
+ ENGINE_get_name 973 1_1_0 EXIST::FUNCTION:ENGINE
+ CRYPTO_THREAD_read_lock 974 1_1_0 EXIST::FUNCTION:
+ ASIdentifierChoice_free 975 1_1_0 EXIST::FUNCTION:RFC3779
+-BIO_dgram_sctp_msg_waiting 976 1_1_0 EXIST::FUNCTION:SCTP
++BIO_dgram_sctp_msg_waiting 976 1_1_0 EXIST::FUNCTION:DGRAM,SCTP
+ CRYPTO_get_dynlock_value 977 1_1_0 NOEXIST::FUNCTION:
+ BN_is_bit_set 978 1_1_0 EXIST::FUNCTION:
+ AES_ofb128_encrypt 979 1_1_0 EXIST::FUNCTION:
+@@ -1015,7 +1015,7 @@ ISSUING_DIST_POINT_free 987 1_1_0 EXIST::FUNCTION:
+ ASN1_UTCTIME_free 988 1_1_0 EXIST::FUNCTION:
+ ERR_load_TS_strings 989 1_1_0 EXIST::FUNCTION:TS
+ BN_nist_mod_func 990 1_1_0 EXIST::FUNCTION:
+-OCSP_ONEREQ_new 991 1_1_0 EXIST::FUNCTION:
++OCSP_ONEREQ_new 991 1_1_0 EXIST::FUNCTION:OCSP
+ DSA_SIG_new 992 1_1_0 EXIST::FUNCTION:DSA
+ DH_get_default_method 993 1_1_0 EXIST::FUNCTION:DH
+ PEM_proc_type 994 1_1_0 EXIST::FUNCTION:
+@@ -1028,11 +1028,11 @@ ASN1_BIT_STRING_it 1000 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION
+ ASN1_BIT_STRING_it 1000 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ PKCS12_decrypt_skey 1001 1_1_0 EXIST::FUNCTION:
+ ENGINE_register_EC 1002 1_1_0 EXIST::FUNCTION:ENGINE
+-OCSP_RESPONSE_new 1003 1_1_0 EXIST::FUNCTION:
++OCSP_RESPONSE_new 1003 1_1_0 EXIST::FUNCTION:OCSP
+ CRYPTO_cbc128_encrypt 1004 1_1_0 EXIST::FUNCTION:
+ i2d_RSAPublicKey_bio 1005 1_1_0 EXIST::FUNCTION:RSA
+ X509_chain_check_suiteb 1006 1_1_0 EXIST::FUNCTION:
+-i2d_OCSP_REQUEST 1007 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_REQUEST 1007 1_1_0 EXIST::FUNCTION:OCSP
+ BN_X931_generate_Xpq 1008 1_1_0 EXIST::FUNCTION:
+ ASN1_item_digest 1009 1_1_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_set_trust 1010 1_1_0 EXIST::FUNCTION:
+@@ -1043,13 +1043,13 @@ ASN1_UTCTIME_it 1013 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:
+ i2d_DSA_PUBKEY_fp 1014 1_1_0 EXIST::FUNCTION:DSA,STDIO
+ X509at_get_attr_by_OBJ 1015 1_1_0 EXIST::FUNCTION:
+ EVP_MD_CTX_copy_ex 1016 1_1_0 EXIST::FUNCTION:
+-UI_dup_error_string 1017 1_1_0 EXIST::FUNCTION:
+-lh_num_items 1018 1_1_0 EXIST::FUNCTION:
++UI_dup_error_string 1017 1_1_0 EXIST::FUNCTION:UI
++OPENSSL_LH_num_items 1018 1_1_0 EXIST::FUNCTION:
+ ERR_get_err_state_table 1019 1_1_0 NOEXIST::FUNCTION:
+ ASN1_INTEGER_cmp 1020 1_1_0 EXIST::FUNCTION:
+ X509_NAME_entry_count 1021 1_1_0 EXIST::FUNCTION:
+-UI_method_set_closer 1022 1_1_0 EXIST::FUNCTION:
+-lh_get_down_load 1023 1_1_0 EXIST::FUNCTION:
++UI_method_set_closer 1022 1_1_0 EXIST::FUNCTION:UI
++OPENSSL_LH_get_down_load 1023 1_1_0 EXIST::FUNCTION:
+ EVP_md4 1024 1_1_0 EXIST::FUNCTION:MD4
+ X509_set_subject_name 1025 1_1_0 EXIST::FUNCTION:
+ i2d_PKCS8PrivateKey_nid_bio 1026 1_1_0 EXIST::FUNCTION:
+@@ -1069,7 +1069,7 @@ TS_REQ_set_msg_imprint 1037 1_1_0 EXIST::FUNCTION:TS
+ BN_mod_sub_quick 1038 1_1_0 EXIST::FUNCTION:
+ SMIME_write_CMS 1039 1_1_0 EXIST::FUNCTION:CMS
+ i2d_DSAPublicKey 1040 1_1_0 EXIST::FUNCTION:DSA
+-DES_enc_write 1041 1_1_0 EXIST::FUNCTION:DES
++DES_enc_write 1041 1_1_0 NOEXIST::FUNCTION:
+ SMIME_text 1042 1_1_0 EXIST::FUNCTION:
+ PKCS7_add_recipient_info 1043 1_1_0 EXIST::FUNCTION:
+ BN_get_word 1044 1_1_0 EXIST::FUNCTION:
+@@ -1103,7 +1103,7 @@ X509_EXTENSION_set_data 1071 1_1_0 EXIST::FUNCTION:
+ ENGINE_get_EC 1072 1_1_0 EXIST::FUNCTION:ENGINE
+ ASN1_STRING_copy 1073 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_encrypt_old 1074 1_1_0 EXIST::FUNCTION:
+-lh_free 1075 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_free 1075 1_1_0 EXIST::FUNCTION:
+ DES_is_weak_key 1076 1_1_0 EXIST::FUNCTION:DES
+ EVP_PKEY_verify 1077 1_1_0 EXIST::FUNCTION:
+ ERR_load_BIO_strings 1078 1_1_0 EXIST::FUNCTION:
+@@ -1125,7 +1125,7 @@ X509_print_ex_fp 1093 1_1_0 EXIST::FUNCTION:STDIO
+ ERR_load_PEM_strings 1094 1_1_0 EXIST::FUNCTION:
+ ENGINE_unregister_pkey_asn1_meths 1095 1_1_0 EXIST::FUNCTION:ENGINE
+ IPAddressFamily_free 1096 1_1_0 EXIST::FUNCTION:RFC3779
+-UI_method_get_prompt_constructor 1097 1_1_0 EXIST::FUNCTION:
++UI_method_get_prompt_constructor 1097 1_1_0 EXIST::FUNCTION:UI
+ ASN1_NULL_it 1098 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ ASN1_NULL_it 1098 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ X509_REQ_get_pubkey 1099 1_1_0 EXIST::FUNCTION:
+@@ -1160,7 +1160,7 @@ CRYPTO_cts128_encrypt 1126 1_1_0 EXIST::FUNCTION:
+ RC2_encrypt 1127 1_1_0 EXIST::FUNCTION:RC2
+ PEM_write 1128 1_1_0 EXIST::FUNCTION:STDIO
+ EVP_CIPHER_meth_get_get_asn1_params 1129 1_1_0 EXIST::FUNCTION:
+-i2d_OCSP_RESPBYTES 1130 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_RESPBYTES 1130 1_1_0 EXIST::FUNCTION:OCSP
+ d2i_ASN1_UTF8STRING 1131 1_1_0 EXIST::FUNCTION:
+ EXTENDED_KEY_USAGE_it 1132 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ EXTENDED_KEY_USAGE_it 1132 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+@@ -1175,8 +1175,8 @@ ASN1_STRING_set_by_NID 1140 1_1_0 EXIST::FUNCTION:
+ PEM_write_bio_PKCS7 1141 1_1_0 EXIST::FUNCTION:
+ MDC2_Final 1142 1_1_0 EXIST::FUNCTION:MDC2
+ SMIME_crlf_copy 1143 1_1_0 EXIST::FUNCTION:
+-OCSP_REQUEST_get_ext_count 1144 1_1_0 EXIST::FUNCTION:
+-OCSP_REQ_CTX_new 1145 1_1_0 EXIST::FUNCTION:
++OCSP_REQUEST_get_ext_count 1144 1_1_0 EXIST::FUNCTION:OCSP
++OCSP_REQ_CTX_new 1145 1_1_0 EXIST::FUNCTION:OCSP
+ X509_load_cert_crl_file 1146 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_new_mac_key 1147 1_1_0 EXIST::FUNCTION:
+ DIST_POINT_new 1148 1_1_0 EXIST::FUNCTION:
+@@ -1187,7 +1187,7 @@ X509_STORE_CTX_set0_param 1152 1_1_0 EXIST::FUNCTION:
+ DES_check_key_parity 1153 1_1_0 EXIST::FUNCTION:DES
+ EVP_aes_256_ocb 1154 1_1_0 EXIST::FUNCTION:OCB
+ X509_VAL_free 1155 1_1_0 EXIST::FUNCTION:
+-X509_STORE_get1_certs 1156 1_1_0 EXIST::FUNCTION:
++X509_STORE_CTX_get1_certs 1156 1_1_0 EXIST::FUNCTION:
+ PEM_write_RSA_PUBKEY 1157 1_1_0 EXIST::FUNCTION:RSA
+ PKCS12_SAFEBAG_get0_p8inf 1158 1_1_0 EXIST::FUNCTION:
+ X509_CRL_set_issuer_name 1159 1_1_0 EXIST::FUNCTION:
+@@ -1211,7 +1211,7 @@ SHA256 1175 1_1_0 EXIST::FUNCTION:
+ X509_LOOKUP_hash_dir 1176 1_1_0 EXIST::FUNCTION:
+ ASN1_BIT_STRING_check 1177 1_1_0 EXIST::FUNCTION:
+ ENGINE_set_default_RAND 1178 1_1_0 EXIST::FUNCTION:ENGINE
+-BIO_connect 1179 1_1_0 EXIST::FUNCTION:
++BIO_connect 1179 1_1_0 EXIST::FUNCTION:SOCK
+ TS_TST_INFO_add_ext 1180 1_1_0 EXIST::FUNCTION:TS
+ EVP_aes_192_ccm 1181 1_1_0 EXIST::FUNCTION:
+ X509V3_add_value 1182 1_1_0 EXIST::FUNCTION:
+@@ -1241,7 +1241,7 @@ OPENSSL_uni2asc 1205 1_1_0 EXIST::FUNCTION:
+ SCT_validation_status_string 1206 1_1_0 EXIST::FUNCTION:CT
+ PKCS7_add_attribute 1207 1_1_0 EXIST::FUNCTION:
+ ENGINE_register_DSA 1208 1_1_0 EXIST::FUNCTION:ENGINE
+-lh_node_stats 1209 1_1_0 EXIST::FUNCTION:STDIO
++OPENSSL_LH_node_stats 1209 1_1_0 EXIST::FUNCTION:STDIO
+ X509_policy_tree_free 1210 1_1_0 EXIST::FUNCTION:
+ EC_GFp_simple_method 1211 1_1_0 EXIST::FUNCTION:EC
+ X509_it 1212 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+@@ -1251,10 +1251,10 @@ MDC2_Update 1214 1_1_0 EXIST::FUNCTION:MDC2
+ EC_KEY_new_by_curve_name 1215 1_1_0 EXIST::FUNCTION:EC
+ X509_CRL_free 1216 1_1_0 EXIST::FUNCTION:
+ i2d_PKCS7_SIGN_ENVELOPE 1217 1_1_0 EXIST::FUNCTION:
+-OCSP_CERTSTATUS_it 1218 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_CERTSTATUS_it 1218 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_CERTSTATUS_it 1218 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_CERTSTATUS_it 1218 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ BIO_f_reliable 1219 1_1_0 EXIST::FUNCTION:
+-OCSP_resp_count 1220 1_1_0 EXIST::FUNCTION:
++OCSP_resp_count 1220 1_1_0 EXIST::FUNCTION:OCSP
+ i2d_X509_AUX 1221 1_1_0 EXIST::FUNCTION:
+ RSA_verify_PKCS1_PSS_mgf1 1222 1_1_0 EXIST::FUNCTION:RSA
+ X509_time_adj 1223 1_1_0 EXIST::FUNCTION:
+@@ -1288,12 +1288,12 @@ OPENSSL_DIR_read 1250 1_1_0 EXIST::FUNCTION:
+ CMS_add_smimecap 1251 1_1_0 EXIST::FUNCTION:CMS
+ X509_check_email 1252 1_1_0 EXIST::FUNCTION:
+ CRYPTO_cts128_decrypt_block 1253 1_1_0 EXIST::FUNCTION:
+-UI_method_get_opener 1254 1_1_0 EXIST::FUNCTION:
++UI_method_get_opener 1254 1_1_0 EXIST::FUNCTION:UI
+ EVP_aes_192_gcm 1255 1_1_0 EXIST::FUNCTION:
+ TS_CONF_set_tsa_name 1256 1_1_0 EXIST::FUNCTION:TS
+ X509_email_free 1257 1_1_0 EXIST::FUNCTION:
+ BIO_get_callback 1258 1_1_0 EXIST::FUNCTION:
+-sk_shift 1259 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_shift 1259 1_1_0 EXIST::FUNCTION:
+ i2d_X509_REVOKED 1260 1_1_0 EXIST::FUNCTION:
+ CMS_sign 1261 1_1_0 EXIST::FUNCTION:CMS
+ X509_STORE_add_cert 1262 1_1_0 EXIST::FUNCTION:
+@@ -1319,15 +1319,15 @@ ASN1_TIME_free 1281 1_1_0 EXIST::FUNCTION:
+ i2o_SCT_LIST 1282 1_1_0 EXIST::FUNCTION:CT
+ AES_encrypt 1283 1_1_0 EXIST::FUNCTION:
+ MD5_Init 1284 1_1_0 EXIST::FUNCTION:MD5
+-UI_add_error_string 1285 1_1_0 EXIST::FUNCTION:
++UI_add_error_string 1285 1_1_0 EXIST::FUNCTION:UI
+ X509_TRUST_cleanup 1286 1_1_0 EXIST::FUNCTION:
+ PEM_read_X509 1287 1_1_0 EXIST::FUNCTION:
+ EC_KEY_new_method 1288 1_1_0 EXIST::FUNCTION:EC
+ i2d_RSAPublicKey_fp 1289 1_1_0 EXIST::FUNCTION:RSA,STDIO
+ CRYPTO_ctr128_encrypt_ctr32 1290 1_1_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_move_peername 1291 1_1_0 EXIST::FUNCTION:
+-OCSP_SINGLERESP_it 1292 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_SINGLERESP_it 1292 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_SINGLERESP_it 1292 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_SINGLERESP_it 1292 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ BN_num_bits 1293 1_1_0 EXIST::FUNCTION:
+ X509_CRL_METHOD_free 1294 1_1_0 EXIST::FUNCTION:
+ PEM_read_NETSCAPE_CERT_SEQUENCE 1295 1_1_0 EXIST::FUNCTION:
+@@ -1342,11 +1342,11 @@ BN_rshift1 1303 1_1_0 EXIST::FUNCTION:
+ i2d_PKCS7_ENVELOPE 1304 1_1_0 EXIST::FUNCTION:
+ PBKDF2PARAM_it 1305 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ PBKDF2PARAM_it 1305 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+-UI_get_result_maxsize 1306 1_1_0 EXIST::FUNCTION:
++UI_get_result_maxsize 1306 1_1_0 EXIST::FUNCTION:UI
+ PBEPARAM_it 1307 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ PBEPARAM_it 1307 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ TS_ACCURACY_set_seconds 1308 1_1_0 EXIST::FUNCTION:TS
+-UI_get0_action_string 1309 1_1_0 EXIST::FUNCTION:
++UI_get0_action_string 1309 1_1_0 EXIST::FUNCTION:UI
+ RC2_decrypt 1310 1_1_0 EXIST::FUNCTION:RC2
+ OPENSSL_atexit 1311 1_1_0 EXIST::FUNCTION:
+ CMS_add_standard_smimecap 1312 1_1_0 EXIST::FUNCTION:CMS
+@@ -1359,7 +1359,7 @@ RAND_event 1318 1_1_0 EXIST:WIN32:FUNCTION:
+ i2d_PKCS12_fp 1319 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_get_init 1320 1_1_0 EXIST::FUNCTION:
+ X509_check_trust 1321 1_1_0 EXIST::FUNCTION:
+-b2i_PrivateKey 1322 1_1_0 EXIST::FUNCTION:
++b2i_PrivateKey 1322 1_1_0 EXIST::FUNCTION:DSA
+ HMAC_Init_ex 1323 1_1_0 EXIST::FUNCTION:
+ SMIME_read_CMS 1324 1_1_0 EXIST::FUNCTION:CMS
+ X509_subject_name_cmp 1325 1_1_0 EXIST::FUNCTION:
+@@ -1387,8 +1387,8 @@ PEM_write_bio_CMS_stream 1345 1_1_0 EXIST::FUNCTION:CMS
+ BIO_f_linebuffer 1346 1_1_0 EXIST::FUNCTION:
+ ASN1_item_d2i_bio 1347 1_1_0 EXIST::FUNCTION:
+ ENGINE_get_flags 1348 1_1_0 EXIST::FUNCTION:ENGINE
+-OCSP_resp_find 1349 1_1_0 EXIST::FUNCTION:
+-lh_node_usage_stats_bio 1350 1_1_0 EXIST::FUNCTION:
++OCSP_resp_find 1349 1_1_0 EXIST::FUNCTION:OCSP
++OPENSSL_LH_node_usage_stats_bio 1350 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_encrypt 1351 1_1_0 EXIST::FUNCTION:
+ CRYPTO_cfb128_8_encrypt 1352 1_1_0 EXIST::FUNCTION:
+ SXNET_get_id_INTEGER 1353 1_1_0 EXIST::FUNCTION:
+@@ -1407,11 +1407,10 @@ ASN1_SCTX_get_app_data 1365 1_1_0 EXIST::FUNCTION:
+ X509_get_default_cert_file_env 1366 1_1_0 EXIST::FUNCTION:
+ X509v3_addr_validate_resource_set 1367 1_1_0 EXIST::FUNCTION:RFC3779
+ d2i_X509_VAL 1368 1_1_0 EXIST::FUNCTION:
+-_shadow_DES_rw_mode 1369 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES
+-_shadow_DES_rw_mode 1369 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES
++_shadow_DES_rw_mode 1369 1_1_0 NOEXIST::FUNCTION:
+ CRYPTO_gcm128_decrypt_ctr32 1370 1_1_0 EXIST::FUNCTION:
+ DHparams_print 1371 1_1_0 EXIST::FUNCTION:DH
+-sk_unshift 1372 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_unshift 1372 1_1_0 EXIST::FUNCTION:
+ BN_GENCB_set_old 1373 1_1_0 EXIST::FUNCTION:
+ PEM_write_bio_X509 1374 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_asn1_free 1375 1_1_0 EXIST::FUNCTION:
+@@ -1421,13 +1420,13 @@ PROXY_CERT_INFO_EXTENSION_it 1377 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:
+ CT_POLICY_EVAL_CTX_set0_cert 1378 1_1_0 EXIST::FUNCTION:CT
+ X509_NAME_hash 1379 1_1_0 EXIST::FUNCTION:
+ SCT_set_timestamp 1380 1_1_0 EXIST::FUNCTION:CT
+-UI_new 1381 1_1_0 EXIST::FUNCTION:
++UI_new 1381 1_1_0 EXIST::FUNCTION:UI
+ TS_REQ_get_msg_imprint 1382 1_1_0 EXIST::FUNCTION:TS
+ i2d_PKCS12_BAGS 1383 1_1_0 EXIST::FUNCTION:
+ RSA_memory_lock 1384 1_1_0 EXIST::FUNCTION:RSA
+ CERTIFICATEPOLICIES_free 1385 1_1_0 EXIST::FUNCTION:
+ X509V3_get_section 1386 1_1_0 EXIST::FUNCTION:
+-BIO_parse_hostserv 1387 1_1_0 EXIST::FUNCTION:
++BIO_parse_hostserv 1387 1_1_0 EXIST::FUNCTION:SOCK
+ EVP_PKEY_meth_set_cleanup 1388 1_1_0 EXIST::FUNCTION:
+ PROXY_CERT_INFO_EXTENSION_free 1389 1_1_0 EXIST::FUNCTION:
+ X509_dup 1390 1_1_0 EXIST::FUNCTION:
+@@ -1442,7 +1441,7 @@ PEM_read_bio_PrivateKey 1398 1_1_0 EXIST::FUNCTION:
+ d2i_PKCS7_ENCRYPT 1399 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_CTX_ctrl 1400 1_1_0 EXIST::FUNCTION:
+ X509_REQ_set_pubkey 1401 1_1_0 EXIST::FUNCTION:
+-UI_create_method 1402 1_1_0 EXIST::FUNCTION:
++UI_create_method 1402 1_1_0 EXIST::FUNCTION:UI
+ X509_REQ_add_extensions_nid 1403 1_1_0 EXIST::FUNCTION:
+ PEM_X509_INFO_write_bio 1404 1_1_0 EXIST::FUNCTION:
+ BIO_dump_cb 1405 1_1_0 EXIST::FUNCTION:
+@@ -1455,7 +1454,7 @@ BIO_set_ex_data 1411 1_1_0 EXIST::FUNCTION:
+ SHA512 1412 1_1_0 EXIST:!VMSVAX:FUNCTION:
+ X509_STORE_CTX_get_explicit_policy 1413 1_1_0 EXIST::FUNCTION:
+ EVP_DecodeBlock 1414 1_1_0 EXIST::FUNCTION:
+-OCSP_REQ_CTX_http 1415 1_1_0 EXIST::FUNCTION:
++OCSP_REQ_CTX_http 1415 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_MD_CTX_reset 1416 1_1_0 EXIST::FUNCTION:
+ X509_NAME_new 1417 1_1_0 EXIST::FUNCTION:
+ ASN1_item_pack 1418 1_1_0 EXIST::FUNCTION:
+@@ -1469,11 +1468,11 @@ CRYPTO_nistcts128_encrypt 1425 1_1_0 EXIST::FUNCTION:
+ CONF_modules_finish 1426 1_1_0 EXIST::FUNCTION:
+ BN_value_one 1427 1_1_0 EXIST::FUNCTION:
+ RSA_padding_add_SSLv23 1428 1_1_0 EXIST::FUNCTION:RSA
+-OCSP_RESPBYTES_it 1429 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_RESPBYTES_it 1429 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_RESPBYTES_it 1429 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_RESPBYTES_it 1429 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ EVP_aes_192_wrap 1430 1_1_0 EXIST::FUNCTION:
+-OCSP_CERTID_it 1431 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_CERTID_it 1431 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_CERTID_it 1431 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_CERTID_it 1431 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ ENGINE_get_RSA 1432 1_1_0 EXIST::FUNCTION:ENGINE
+ RAND_get_rand_method 1433 1_1_0 EXIST::FUNCTION:
+ ERR_load_DSA_strings 1434 1_1_0 EXIST::FUNCTION:DSA
+@@ -1485,7 +1484,7 @@ i2d_ECPrivateKey_bio 1439 1_1_0 EXIST::FUNCTION:EC
+ BN_GENCB_free 1440 1_1_0 EXIST::FUNCTION:
+ HMAC_size 1441 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_get0_DH 1442 1_1_0 EXIST::FUNCTION:DH
+-d2i_OCSP_CRLID 1443 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_CRLID 1443 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_CIPHER_CTX_set_padding 1444 1_1_0 EXIST::FUNCTION:
+ CTLOG_new_from_base64 1445 1_1_0 EXIST::FUNCTION:CT
+ AES_bi_ige_encrypt 1446 1_1_0 EXIST::FUNCTION:
+@@ -1496,11 +1495,11 @@ EVP_PKEY_get0_asn1 1450 1_1_0 EXIST::FUNCTION:
+ EVP_camellia_192_ctr 1451 1_1_0 EXIST::FUNCTION:CAMELLIA
+ EVP_PKEY_free 1452 1_1_0 EXIST::FUNCTION:
+ X509_ATTRIBUTE_count 1453 1_1_0 EXIST::FUNCTION:
+-BIO_new_dgram 1454 1_1_0 EXIST::FUNCTION:
++BIO_new_dgram 1454 1_1_0 EXIST::FUNCTION:DGRAM
+ CMS_RecipientInfo_kari_get0_reks 1455 1_1_0 EXIST::FUNCTION:CMS
+ BASIC_CONSTRAINTS_new 1456 1_1_0 EXIST::FUNCTION:
+ PEM_read_bio_X509_REQ 1457 1_1_0 EXIST::FUNCTION:
+-BIO_sock_init 1458 1_1_0 EXIST::FUNCTION:
++BIO_sock_init 1458 1_1_0 EXIST::FUNCTION:SOCK
+ BN_nist_mod_192 1459 1_1_0 EXIST::FUNCTION:
+ i2d_PKCS7_ISSUER_AND_SERIAL 1460 1_1_0 EXIST::FUNCTION:
+ X509V3_EXT_nconf 1461 1_1_0 EXIST::FUNCTION:
+@@ -1514,22 +1513,22 @@ i2d_PKCS7_SIGNER_INFO 1468 1_1_0 EXIST::FUNCTION:
+ EVP_get_pw_prompt 1469 1_1_0 EXIST::FUNCTION:UI
+ BN_bn2bin 1470 1_1_0 EXIST::FUNCTION:
+ d2i_ASN1_BIT_STRING 1471 1_1_0 EXIST::FUNCTION:
+-OCSP_CERTSTATUS_new 1472 1_1_0 EXIST::FUNCTION:
++OCSP_CERTSTATUS_new 1472 1_1_0 EXIST::FUNCTION:OCSP
+ ENGINE_register_RAND 1473 1_1_0 EXIST::FUNCTION:ENGINE
+ X509V3_section_free 1474 1_1_0 EXIST::FUNCTION:
+ CRYPTO_mem_debug_free 1475 1_1_0 EXIST::FUNCTION:CRYPTO_MDEBUG
+-d2i_OCSP_REQUEST 1476 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_REQUEST 1476 1_1_0 EXIST::FUNCTION:OCSP
+ ENGINE_get_cipher_engine 1477 1_1_0 EXIST::FUNCTION:ENGINE
+ SHA384_Final 1478 1_1_0 EXIST:!VMSVAX:FUNCTION:
+ TS_RESP_CTX_set_certs 1479 1_1_0 EXIST::FUNCTION:TS
+ BN_MONT_CTX_free 1480 1_1_0 EXIST::FUNCTION:
+ BN_GF2m_mod_solve_quad_arr 1481 1_1_0 EXIST::FUNCTION:EC2M
+-UI_add_input_string 1482 1_1_0 EXIST::FUNCTION:
++UI_add_input_string 1482 1_1_0 EXIST::FUNCTION:UI
+ TS_TST_INFO_get_version 1483 1_1_0 EXIST::FUNCTION:TS
+-BIO_accept_ex 1484 1_1_0 EXIST::FUNCTION:
++BIO_accept_ex 1484 1_1_0 EXIST::FUNCTION:SOCK
+ CRYPTO_get_mem_functions 1485 1_1_0 EXIST::FUNCTION:
+ PEM_read_bio 1486 1_1_0 EXIST::FUNCTION:
+-OCSP_BASICRESP_get_ext_by_critical 1487 1_1_0 EXIST::FUNCTION:
++OCSP_BASICRESP_get_ext_by_critical 1487 1_1_0 EXIST::FUNCTION:OCSP
+ SXNET_it 1488 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ SXNET_it 1488 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ BIO_indent 1489 1_1_0 EXIST::FUNCTION:
+@@ -1541,7 +1540,7 @@ i2d_TS_REQ_bio 1494 1_1_0 EXIST::FUNCTION:TS
+ EVP_PKEY_CTX_get_operation 1495 1_1_0 EXIST::FUNCTION:
+ EVP_MD_meth_set_ctrl 1496 1_1_0 EXIST::FUNCTION:
+ X509_EXTENSION_set_critical 1497 1_1_0 EXIST::FUNCTION:
+-BIO_ADDR_clear 1498 1_1_0 EXIST::FUNCTION:
++BIO_ADDR_clear 1498 1_1_0 EXIST::FUNCTION:SOCK
+ ENGINE_get_DSA 1499 1_1_0 EXIST::FUNCTION:ENGINE
+ ASYNC_get_wait_ctx 1500 1_1_0 EXIST::FUNCTION:
+ ENGINE_set_load_privkey_function 1501 1_1_0 EXIST::FUNCTION:ENGINE
+@@ -1553,7 +1552,7 @@ EVP_CIPHER_CTX_rand_key 1506 1_1_0 EXIST::FUNCTION:
+ AES_set_encrypt_key 1507 1_1_0 EXIST::FUNCTION:
+ ASN1_UTCTIME_new 1508 1_1_0 EXIST::FUNCTION:
+ AES_cbc_encrypt 1509 1_1_0 EXIST::FUNCTION:
+-OCSP_RESPDATA_free 1510 1_1_0 EXIST::FUNCTION:
++OCSP_RESPDATA_free 1510 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_PKEY_asn1_find 1511 1_1_0 EXIST::FUNCTION:
+ d2i_ASN1_GENERALIZEDTIME 1512 1_1_0 EXIST::FUNCTION:
+ OPENSSL_cleanup 1513 1_1_0 EXIST::FUNCTION:
+@@ -1565,7 +1564,7 @@ BIO_free 1518 1_1_0 EXIST::FUNCTION:
+ i2d_X509_ALGOR 1519 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_set0_crls 1520 1_1_0 EXIST::FUNCTION:
+ ASYNC_pause_job 1521 1_1_0 EXIST::FUNCTION:
+-OCSP_BASICRESP_new 1522 1_1_0 EXIST::FUNCTION:
++OCSP_BASICRESP_new 1522 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_camellia_256_ofb 1523 1_1_0 EXIST::FUNCTION:CAMELLIA
+ PKCS12_item_i2d_encrypt 1524 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_set_copy 1525 1_1_0 EXIST::FUNCTION:
+@@ -1590,13 +1589,13 @@ CMS_get0_content 1543 1_1_0 EXIST::FUNCTION:CMS
+ BN_is_word 1544 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_key_length 1545 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_asn1_to_param 1546 1_1_0 EXIST::FUNCTION:
+-OCSP_request_onereq_get0 1547 1_1_0 EXIST::FUNCTION:
++OCSP_request_onereq_get0 1547 1_1_0 EXIST::FUNCTION:OCSP
+ ERR_load_PKCS7_strings 1548 1_1_0 EXIST::FUNCTION:
+ X509_PUBKEY_get 1549 1_1_0 EXIST::FUNCTION:
+ EC_KEY_free 1550 1_1_0 EXIST::FUNCTION:EC
+ BIO_read 1551 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_get_attr_by_NID 1552 1_1_0 EXIST::FUNCTION:
+-BIO_get_accept_socket 1553 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0
++BIO_get_accept_socket 1553 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK
+ CMS_SignerInfo_sign 1554 1_1_0 EXIST::FUNCTION:CMS
+ ASN1_item_i2d_bio 1555 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_CTX_block_size 1556 1_1_0 EXIST::FUNCTION:
+@@ -1607,7 +1606,7 @@ EVP_MD_meth_set_app_datasize 1560 1_1_0 EXIST::FUNCTION:
+ DSO_free 1561 1_1_0 EXIST::FUNCTION:
+ TS_TST_INFO_get_tsa 1562 1_1_0 EXIST::FUNCTION:TS
+ EC_GROUP_check 1563 1_1_0 EXIST::FUNCTION:EC
+-sk_delete 1564 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_delete 1564 1_1_0 EXIST::FUNCTION:
+ TS_RESP_CTX_set_extension_cb 1565 1_1_0 EXIST::FUNCTION:TS
+ EVP_CIPHER_CTX_nid 1566 1_1_0 EXIST::FUNCTION:
+ TS_RESP_CTX_add_md 1567 1_1_0 EXIST::FUNCTION:TS
+@@ -1616,8 +1615,8 @@ X509V3_extensions_print 1569 1_1_0 EXIST::FUNCTION:
+ PEM_do_header 1570 1_1_0 EXIST::FUNCTION:
+ i2d_re_X509_CRL_tbs 1571 1_1_0 EXIST::FUNCTION:
+ BIO_method_name 1572 1_1_0 EXIST::FUNCTION:
+-i2d_OCSP_CRLID 1573 1_1_0 EXIST::FUNCTION:
+-OCSP_request_set1_name 1574 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_CRLID 1573 1_1_0 EXIST::FUNCTION:OCSP
++OCSP_request_set1_name 1574 1_1_0 EXIST::FUNCTION:OCSP
+ d2i_X509_NAME_ENTRY 1575 1_1_0 EXIST::FUNCTION:
+ X509_trusted 1576 1_1_0 EXIST::FUNCTION:
+ X509_TRUST_get_flags 1577 1_1_0 EXIST::FUNCTION:
+@@ -1629,12 +1628,12 @@ X509_policy_tree_get0_user_policies 1582 1_1_0 EXIST::FUNCTION:
+ SCT_LIST_set0_logs 1583 1_1_0 NOEXIST::FUNCTION:
+ DSA_do_sign 1584 1_1_0 EXIST::FUNCTION:DSA
+ EVP_CIPHER_CTX_reset 1585 1_1_0 EXIST::FUNCTION:
+-OCSP_REVOKEDINFO_new 1586 1_1_0 EXIST::FUNCTION:
++OCSP_REVOKEDINFO_new 1586 1_1_0 EXIST::FUNCTION:OCSP
+ SRP_Verify_A_mod_N 1587 1_1_0 EXIST::FUNCTION:SRP
+ SRP_VBASE_free 1588 1_1_0 EXIST::FUNCTION:SRP
+ PKCS7_add0_attrib_signing_time 1589 1_1_0 EXIST::FUNCTION:
+ X509_STORE_set_flags 1590 1_1_0 EXIST::FUNCTION:
+-UI_get0_output_string 1591 1_1_0 EXIST::FUNCTION:
++UI_get0_output_string 1591 1_1_0 EXIST::FUNCTION:UI
+ ERR_get_error_line_data 1592 1_1_0 EXIST::FUNCTION:
+ CTLOG_get0_name 1593 1_1_0 EXIST::FUNCTION:CT
+ ASN1_TBOOLEAN_it 1594 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+@@ -1657,16 +1656,16 @@ X509_get0_pubkey_bitstr 1609 1_1_0 EXIST::FUNCTION:
+ ENGINE_register_all_RAND 1610 1_1_0 EXIST::FUNCTION:ENGINE
+ BN_BLINDING_thread_id 1611 1_1_0 NOEXIST::FUNCTION:
+ EVP_MD_meth_get_result_size 1612 1_1_0 EXIST::FUNCTION:
+-BIO_ADDRINFO_address 1613 1_1_0 EXIST::FUNCTION:
++BIO_ADDRINFO_address 1613 1_1_0 EXIST::FUNCTION:SOCK
+ ASN1_STRING_print_ex 1614 1_1_0 EXIST::FUNCTION:
+ i2d_CMS_ReceiptRequest 1615 1_1_0 EXIST::FUNCTION:CMS
+ d2i_TS_REQ_fp 1616 1_1_0 EXIST::FUNCTION:STDIO,TS
+-OCSP_REQ_CTX_i2d 1617 1_1_0 EXIST::FUNCTION:
++OCSP_REQ_CTX_i2d 1617 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_PKEY_get_default_digest_nid 1618 1_1_0 EXIST::FUNCTION:
+ ASIdOrRange_new 1619 1_1_0 EXIST::FUNCTION:RFC3779
+ ASN1_SCTX_new 1620 1_1_0 EXIST::FUNCTION:
+ X509V3_EXT_get 1621 1_1_0 EXIST::FUNCTION:
+-OCSP_id_cmp 1622 1_1_0 EXIST::FUNCTION:
++OCSP_id_cmp 1622 1_1_0 EXIST::FUNCTION:OCSP
+ NCONF_dump_bio 1623 1_1_0 EXIST::FUNCTION:
+ X509_NAME_get_entry 1624 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_get1_DH 1625 1_1_0 EXIST::FUNCTION:DH
+@@ -1677,18 +1676,18 @@ CRYPTO_ocb128_cleanup 1629 1_1_0 EXIST::FUNCTION:OCB
+ EVP_des_ede_cbc 1630 1_1_0 EXIST::FUNCTION:DES
+ i2d_ASN1_TIME 1631 1_1_0 EXIST::FUNCTION:
+ ENGINE_register_all_pkey_asn1_meths 1632 1_1_0 EXIST::FUNCTION:ENGINE
+-OCSP_set_max_response_length 1633 1_1_0 EXIST::FUNCTION:
++OCSP_set_max_response_length 1633 1_1_0 EXIST::FUNCTION:OCSP
+ d2i_ISSUING_DIST_POINT 1634 1_1_0 EXIST::FUNCTION:
+ CMS_RecipientInfo_set0_key 1635 1_1_0 EXIST::FUNCTION:CMS
+ NCONF_new 1636 1_1_0 EXIST::FUNCTION:
+-OCSP_SINGLERESP_free 1637 1_1_0 EXIST::FUNCTION:
++OCSP_SINGLERESP_free 1637 1_1_0 EXIST::FUNCTION:OCSP
+ PKCS7_ENCRYPT_free 1638 1_1_0 EXIST::FUNCTION:
+ i2d_DIST_POINT 1639 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_paramgen_init 1640 1_1_0 EXIST::FUNCTION:
+ TS_MSG_IMPRINT_dup 1641 1_1_0 EXIST::FUNCTION:TS
+ CMS_ContentInfo_it 1642 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS
+ CMS_ContentInfo_it 1642 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS
+-OCSP_resp_get0_signature 1643 1_1_0 EXIST::FUNCTION:
++OCSP_resp_get0_signature 1643 1_1_0 EXIST::FUNCTION:OCSP
+ X509_STORE_CTX_get1_issuer 1644 1_1_0 EXIST::FUNCTION:
+ EVP_Digest 1645 1_1_0 EXIST::FUNCTION:
+ CRYPTO_set_ex_data 1646 1_1_0 EXIST::FUNCTION:
+@@ -1718,8 +1717,8 @@ X509_ATTRIBUTE_create_by_NID 1669 1_1_0 EXIST::FUNCTION:
+ TS_VERIFY_CTX_free 1670 1_1_0 EXIST::FUNCTION:TS
+ EC_KEY_up_ref 1671 1_1_0 EXIST::FUNCTION:EC
+ EC_GROUP_get_basis_type 1672 1_1_0 EXIST::FUNCTION:EC
+-OCSP_crlID_new 1673 1_1_0 EXIST:!VMS:FUNCTION:
+-OCSP_crlID2_new 1673 1_1_0 EXIST:VMS:FUNCTION:
++OCSP_crlID_new 1673 1_1_0 EXIST:!VMS:FUNCTION:OCSP
++OCSP_crlID2_new 1673 1_1_0 EXIST:VMS:FUNCTION:OCSP
+ PEM_write_PKCS7 1674 1_1_0 EXIST::FUNCTION:
+ PKCS7_add_signer 1675 1_1_0 EXIST::FUNCTION:
+ X509_SIG_it 1676 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+@@ -1737,7 +1736,7 @@ CMS_EncryptedData_set1_key 1686 1_1_0 EXIST::FUNCTION:CMS
+ OBJ_find_sigid_by_algs 1687 1_1_0 EXIST::FUNCTION:
+ ASN1_generate_nconf 1688 1_1_0 EXIST::FUNCTION:
+ CMS_add0_recipient_password 1689 1_1_0 EXIST::FUNCTION:CMS
+-UI_get_string_type 1690 1_1_0 EXIST::FUNCTION:
++UI_get_string_type 1690 1_1_0 EXIST::FUNCTION:UI
+ PEM_read_bio_ECPrivateKey 1691 1_1_0 EXIST::FUNCTION:EC
+ EVP_PKEY_get_attr 1692 1_1_0 EXIST::FUNCTION:
+ PEM_read_bio_ECPKParameters 1693 1_1_0 EXIST::FUNCTION:EC
+@@ -1747,7 +1746,7 @@ PKCS12_SAFEBAG_get_bag_nid 1696 1_1_0 EXIST::FUNCTION:
+ TS_CONF_set_digests 1697 1_1_0 EXIST::FUNCTION:TS
+ PKCS7_SIGNED_it 1698 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ PKCS7_SIGNED_it 1698 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+-b2i_PublicKey 1699 1_1_0 EXIST::FUNCTION:
++b2i_PublicKey 1699 1_1_0 EXIST::FUNCTION:DSA
+ X509_PURPOSE_cleanup 1700 1_1_0 EXIST::FUNCTION:
+ ESS_SIGNING_CERT_dup 1701 1_1_0 EXIST::FUNCTION:TS
+ ENGINE_set_default_DSA 1702 1_1_0 EXIST::FUNCTION:ENGINE
+@@ -1758,7 +1757,7 @@ X509_policy_tree_get0_level 1706 1_1_0 EXIST::FUNCTION:
+ ASN1_parse_dump 1708 1_1_0 EXIST::FUNCTION:
+ BIO_vfree 1709 1_1_0 EXIST::FUNCTION:
+ CRYPTO_cbc128_decrypt 1710 1_1_0 EXIST::FUNCTION:
+-UI_dup_verify_string 1711 1_1_0 EXIST::FUNCTION:
++UI_dup_verify_string 1711 1_1_0 EXIST::FUNCTION:UI
+ d2i_PKCS7_bio 1712 1_1_0 EXIST::FUNCTION:
+ ENGINE_set_default_digests 1713 1_1_0 EXIST::FUNCTION:ENGINE
+ i2d_PublicKey 1714 1_1_0 EXIST::FUNCTION:
+@@ -1775,8 +1774,8 @@ EVP_cast5_ecb 1724 1_1_0 EXIST::FUNCTION:CAST
+ BIO_nwrite0 1725 1_1_0 EXIST::FUNCTION:
+ CAST_encrypt 1726 1_1_0 EXIST::FUNCTION:CAST
+ a2d_ASN1_OBJECT 1727 1_1_0 EXIST::FUNCTION:
+-OCSP_ONEREQ_delete_ext 1728 1_1_0 EXIST::FUNCTION:
+-UI_method_get_reader 1729 1_1_0 EXIST::FUNCTION:
++OCSP_ONEREQ_delete_ext 1728 1_1_0 EXIST::FUNCTION:OCSP
++UI_method_get_reader 1729 1_1_0 EXIST::FUNCTION:UI
+ CMS_unsigned_get_attr 1730 1_1_0 EXIST::FUNCTION:CMS
+ EVP_aes_256_cbc 1731 1_1_0 EXIST::FUNCTION:
+ X509_check_ip_asc 1732 1_1_0 EXIST::FUNCTION:
+@@ -1787,7 +1786,7 @@ EVP_ENCODE_CTX_new 1736 1_1_0 EXIST::FUNCTION:
+ BIO_f_base64 1737 1_1_0 EXIST::FUNCTION:
+ CMS_verify 1738 1_1_0 EXIST::FUNCTION:CMS
+ i2d_PrivateKey 1739 1_1_0 EXIST::FUNCTION:
+-i2d_OCSP_ONEREQ 1740 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_ONEREQ 1740 1_1_0 EXIST::FUNCTION:OCSP
+ OPENSSL_issetugid 1741 1_1_0 EXIST::FUNCTION:
+ d2i_ASN1_OBJECT 1742 1_1_0 EXIST::FUNCTION:
+ EVP_MD_meth_set_flags 1743 1_1_0 EXIST::FUNCTION:
+@@ -1796,14 +1795,14 @@ EC_POINT_cmp 1745 1_1_0 EXIST::FUNCTION:EC
+ ASN1_buf_print 1746 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_CTX_hex2ctrl 1747 1_1_0 EXIST::FUNCTION:
+ PEM_write_bio_PKCS8PrivateKey 1748 1_1_0 EXIST::FUNCTION:
+-CMAC_Update 1749 1_1_0 EXIST::FUNCTION:
++CMAC_Update 1749 1_1_0 EXIST::FUNCTION:CMAC
+ d2i_ASN1_UTCTIME 1750 1_1_0 EXIST::FUNCTION:
+-sk_insert 1751 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_insert 1751 1_1_0 EXIST::FUNCTION:
+ DSO_up_ref 1752 1_1_0 EXIST::FUNCTION:
+ EVP_rc2_cbc 1753 1_1_0 EXIST::FUNCTION:RC2
+ i2d_NETSCAPE_SPKI 1754 1_1_0 EXIST::FUNCTION:
+ ASYNC_init_thread 1755 1_1_0 EXIST::FUNCTION:
+-OCSP_BASICRESP_get_ext_by_OBJ 1756 1_1_0 EXIST::FUNCTION:
++OCSP_BASICRESP_get_ext_by_OBJ 1756 1_1_0 EXIST::FUNCTION:OCSP
+ X509_reject_clear 1757 1_1_0 EXIST::FUNCTION:
+ DH_security_bits 1758 1_1_0 EXIST::FUNCTION:DH
+ LONG_it 1759 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+@@ -1850,7 +1849,7 @@ EVP_CIPHER_CTX_clear_flags 1796 1_1_0 EXIST::FUNCTION:
+ ECDSA_size 1797 1_1_0 EXIST::FUNCTION:EC
+ X509_ALGOR_get0 1798 1_1_0 EXIST::FUNCTION:
+ d2i_ACCESS_DESCRIPTION 1799 1_1_0 EXIST::FUNCTION:
+-OCSP_SINGLERESP_get_ext_by_NID 1800 1_1_0 EXIST::FUNCTION:
++OCSP_SINGLERESP_get_ext_by_NID 1800 1_1_0 EXIST::FUNCTION:OCSP
+ a2i_IPADDRESS_NC 1801 1_1_0 EXIST::FUNCTION:
+ CTLOG_STORE_load_default_file 1802 1_1_0 EXIST::FUNCTION:CT
+ PKCS12_SAFEBAG_create_pkcs8_encrypt 1803 1_1_0 EXIST::FUNCTION:
+@@ -1862,13 +1861,13 @@ ASN1_BIT_STRING_new 1808 1_1_0 EXIST::FUNCTION:
+ BIO_new_file 1809 1_1_0 EXIST::FUNCTION:
+ PKCS7_SIGNER_INFO_get0_algs 1810 1_1_0 EXIST::FUNCTION:
+ TS_RESP_set_status_info 1811 1_1_0 EXIST::FUNCTION:TS
+-lh_delete 1812 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_delete 1812 1_1_0 EXIST::FUNCTION:
+ TS_STATUS_INFO_dup 1813 1_1_0 EXIST::FUNCTION:TS
+ X509v3_addr_get_range 1814 1_1_0 EXIST::FUNCTION:RFC3779
+ X509_EXTENSION_get_data 1815 1_1_0 EXIST::FUNCTION:
+ RC5_32_encrypt 1816 1_1_0 EXIST::FUNCTION:RC5
+ DIST_POINT_set_dpname 1817 1_1_0 EXIST::FUNCTION:
+-BIO_sock_info 1818 1_1_0 EXIST::FUNCTION:
++BIO_sock_info 1818 1_1_0 EXIST::FUNCTION:SOCK
+ OPENSSL_hexstr2buf 1819 1_1_0 EXIST::FUNCTION:
+ EVP_add_cipher 1820 1_1_0 EXIST::FUNCTION:
+ X509V3_EXT_add_list 1821 1_1_0 EXIST::FUNCTION:
+@@ -1877,7 +1876,7 @@ X509_get_ext_by_critical 1823 1_1_0 EXIST::FUNCTION:
+ ASYNC_WAIT_CTX_clear_fd 1824 1_1_0 EXIST::FUNCTION:
+ ZLONG_it 1825 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ ZLONG_it 1825 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+-sk_find_ex 1826 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_find_ex 1826 1_1_0 EXIST::FUNCTION:
+ ASN1_ENUMERATED_to_BN 1827 1_1_0 EXIST::FUNCTION:
+ X509_CRL_get_ext_d2i 1828 1_1_0 EXIST::FUNCTION:
+ i2d_AUTHORITY_KEYID 1829 1_1_0 EXIST::FUNCTION:
+@@ -1889,7 +1888,7 @@ ASN1_STRING_to_UTF8 1833 1_1_0 EXIST::FUNCTION:
+ DSO_METHOD_null 1834 1_1_0 NOEXIST::FUNCTION:
+ EVP_MD_meth_set_update 1835 1_1_0 EXIST::FUNCTION:
+ EVP_camellia_192_cbc 1836 1_1_0 EXIST::FUNCTION:CAMELLIA
+-lh_stats_bio 1837 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_stats_bio 1837 1_1_0 EXIST::FUNCTION:
+ PKCS7_set_signed_attributes 1838 1_1_0 EXIST::FUNCTION:
+ EC_KEY_priv2buf 1839 1_1_0 EXIST::FUNCTION:EC
+ BN_BLINDING_free 1840 1_1_0 EXIST::FUNCTION:
+@@ -1908,11 +1907,11 @@ TS_RESP_CTX_set_serial_cb 1851 1_1_0 EXIST::FUNCTION:TS
+ POLICY_MAPPING_it 1852 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ POLICY_MAPPING_it 1852 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ ERR_load_KDF_strings 1853 1_1_0 EXIST::FUNCTION:
+-UI_method_set_reader 1854 1_1_0 EXIST::FUNCTION:
++UI_method_set_reader 1854 1_1_0 EXIST::FUNCTION:UI
+ BIO_next 1855 1_1_0 EXIST::FUNCTION:
+ ASN1_STRING_set_default_mask_asc 1856 1_1_0 EXIST::FUNCTION:
+ X509_CRL_new 1857 1_1_0 EXIST::FUNCTION:
+-i2b_PrivateKey_bio 1858 1_1_0 EXIST::FUNCTION:
++i2b_PrivateKey_bio 1858 1_1_0 EXIST::FUNCTION:DSA
+ ASN1_STRING_length_set 1859 1_1_0 EXIST::FUNCTION:
+ PEM_write_PKCS8 1860 1_1_0 EXIST::FUNCTION:
+ PKCS7_digest_from_attributes 1861 1_1_0 EXIST::FUNCTION:
+@@ -1928,34 +1927,34 @@ X509_get_ext_by_OBJ 1869 1_1_0 EXIST::FUNCTION:
+ PBEPARAM_new 1870 1_1_0 EXIST::FUNCTION:
+ EVP_aes_128_cbc 1871 1_1_0 EXIST::FUNCTION:
+ CRYPTO_dup_ex_data 1872 1_1_0 EXIST::FUNCTION:
+-OCSP_single_get0_status 1873 1_1_0 EXIST::FUNCTION:
++OCSP_single_get0_status 1873 1_1_0 EXIST::FUNCTION:OCSP
+ d2i_AUTHORITY_INFO_ACCESS 1874 1_1_0 EXIST::FUNCTION:
+ PEM_read_RSAPrivateKey 1875 1_1_0 EXIST::FUNCTION:RSA
+-BIO_closesocket 1876 1_1_0 EXIST::FUNCTION:
++BIO_closesocket 1876 1_1_0 EXIST::FUNCTION:SOCK
+ RSA_verify_ASN1_OCTET_STRING 1877 1_1_0 EXIST::FUNCTION:RSA
+ SCT_set_log_entry_type 1878 1_1_0 EXIST::FUNCTION:CT
+ BN_new 1879 1_1_0 EXIST::FUNCTION:
+ X509_OBJECT_retrieve_by_subject 1880 1_1_0 EXIST::FUNCTION:
+ MD5_Final 1881 1_1_0 EXIST::FUNCTION:MD5
+ X509_STORE_set_verify_cb 1882 1_1_0 EXIST::FUNCTION:
+-OCSP_REQUEST_print 1883 1_1_0 EXIST::FUNCTION:
++OCSP_REQUEST_print 1883 1_1_0 EXIST::FUNCTION:OCSP
+ CMS_add1_crl 1884 1_1_0 EXIST::FUNCTION:CMS
+ d2i_EDIPARTYNAME 1885 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_set0_trusted_stack 1886 1_1_0 EXIST::FUNCTION:
+-BIO_ADDR_service_string 1887 1_1_0 EXIST::FUNCTION:
++BIO_ADDR_service_string 1887 1_1_0 EXIST::FUNCTION:SOCK
+ ASN1_BOOLEAN_it 1888 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ ASN1_BOOLEAN_it 1888 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ TS_RESP_CTX_set_time_cb 1889 1_1_0 EXIST::FUNCTION:TS
+ IDEA_cbc_encrypt 1890 1_1_0 EXIST::FUNCTION:IDEA
+ BN_CTX_secure_new 1891 1_1_0 EXIST::FUNCTION:
+-OCSP_ONEREQ_add_ext 1892 1_1_0 EXIST::FUNCTION:
++OCSP_ONEREQ_add_ext 1892 1_1_0 EXIST::FUNCTION:OCSP
+ CMS_uncompress 1893 1_1_0 EXIST::FUNCTION:CMS
+ CRYPTO_mem_debug_pop 1895 1_1_0 EXIST::FUNCTION:CRYPTO_MDEBUG
+ EVP_aes_192_cfb128 1896 1_1_0 EXIST::FUNCTION:
+-OCSP_REQ_CTX_nbio 1897 1_1_0 EXIST::FUNCTION:
++OCSP_REQ_CTX_nbio 1897 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_CIPHER_CTX_copy 1898 1_1_0 EXIST::FUNCTION:
+ CRYPTO_secure_allocated 1899 1_1_0 EXIST::FUNCTION:
+-UI_UTIL_read_pw_string 1900 1_1_0 EXIST::FUNCTION:
++UI_UTIL_read_pw_string 1900 1_1_0 EXIST::FUNCTION:UI
+ NOTICEREF_free 1901 1_1_0 EXIST::FUNCTION:
+ AES_cfb1_encrypt 1902 1_1_0 EXIST::FUNCTION:
+ X509v3_get_ext 1903 1_1_0 EXIST::FUNCTION:
+@@ -1969,7 +1968,7 @@ SRP_Calc_B 1910 1_1_0 EXIST::FUNCTION:SRP
+ CMS_decrypt_set1_key 1911 1_1_0 EXIST::FUNCTION:CMS
+ EC_GROUP_get_degree 1912 1_1_0 EXIST::FUNCTION:EC
+ X509_ALGOR_set0 1913 1_1_0 EXIST::FUNCTION:
+-lh_set_down_load 1914 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_set_down_load 1914 1_1_0 EXIST::FUNCTION:
+ X509v3_asid_inherits 1915 1_1_0 EXIST::FUNCTION:RFC3779
+ EVP_MD_meth_get_app_datasize 1916 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_get_num_untrusted 1917 1_1_0 EXIST::FUNCTION:
+@@ -1993,7 +1992,7 @@ X509_NAME_add_entry 1935 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_get_asn1_iv 1936 1_1_0 EXIST::FUNCTION:
+ i2d_RSAPrivateKey_bio 1937 1_1_0 EXIST::FUNCTION:RSA
+ PKCS5_PBE_keyivgen 1938 1_1_0 EXIST::FUNCTION:
+-i2d_OCSP_SERVICELOC 1939 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_SERVICELOC 1939 1_1_0 EXIST::FUNCTION:OCSP
+ EC_POINT_copy 1940 1_1_0 EXIST::FUNCTION:EC
+ X509V3_EXT_CRL_add_nconf 1941 1_1_0 EXIST::FUNCTION:
+ SHA256_Init 1942 1_1_0 EXIST::FUNCTION:
+@@ -2009,7 +2008,7 @@ PKCS12_unpack_p7data 1951 1_1_0 EXIST::FUNCTION:
+ ECDSA_sign 1952 1_1_0 EXIST::FUNCTION:EC
+ d2i_PKCS12_fp 1953 1_1_0 EXIST::FUNCTION:
+ CMS_unsigned_get_attr_by_NID 1954 1_1_0 EXIST::FUNCTION:CMS
+-UI_add_user_data 1955 1_1_0 EXIST::FUNCTION:
++UI_add_user_data 1955 1_1_0 EXIST::FUNCTION:UI
+ BN_bntest_rand 1956 1_1_0 EXIST::FUNCTION:
+ X509_get_pubkey 1957 1_1_0 EXIST::FUNCTION:
+ i2d_X509_NAME 1958 1_1_0 EXIST::FUNCTION:
+@@ -2029,7 +2028,7 @@ EC_POINT_get_affine_coordinates_GF2m 1970 1_1_0 EXIST::FUNCTION:EC,EC2M
+ EVP_ENCODE_CTX_num 1971 1_1_0 EXIST::FUNCTION:
+ Camellia_cfb1_encrypt 1972 1_1_0 EXIST::FUNCTION:CAMELLIA
+ NCONF_load_fp 1973 1_1_0 EXIST::FUNCTION:STDIO
+-i2d_OCSP_REQINFO 1974 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_REQINFO 1974 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_PKEY_sign 1975 1_1_0 EXIST::FUNCTION:
+ TS_REQ_get_ext_by_critical 1976 1_1_0 EXIST::FUNCTION:TS
+ EC_KEY_key2buf 1977 1_1_0 EXIST::FUNCTION:EC
+@@ -2068,33 +2067,33 @@ TS_REQ_get_version 2006 1_1_0 EXIST::FUNCTION:TS
+ BN_exp 2007 1_1_0 EXIST::FUNCTION:
+ i2d_SXNET 2008 1_1_0 EXIST::FUNCTION:
+ OBJ_bsearch_ 2009 1_1_0 EXIST::FUNCTION:
+-lh_new 2010 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_new 2010 1_1_0 EXIST::FUNCTION:
+ ENGINE_register_all_pkey_meths 2011 1_1_0 EXIST::FUNCTION:ENGINE
+ ENGINE_get_init_function 2012 1_1_0 EXIST::FUNCTION:ENGINE
+ EC_POINT_point2hex 2013 1_1_0 EXIST::FUNCTION:EC
+ ENGINE_get_default_DSA 2014 1_1_0 EXIST::FUNCTION:ENGINE
+ ENGINE_register_all_complete 2015 1_1_0 EXIST::FUNCTION:ENGINE
+ SRP_get_default_gN 2016 1_1_0 EXIST::FUNCTION:SRP
+-UI_dup_input_boolean 2017 1_1_0 EXIST::FUNCTION:
++UI_dup_input_boolean 2017 1_1_0 EXIST::FUNCTION:UI
+ PKCS7_dup 2018 1_1_0 EXIST::FUNCTION:
+ i2d_TS_REQ_fp 2019 1_1_0 EXIST::FUNCTION:STDIO,TS
+ i2d_OTHERNAME 2020 1_1_0 EXIST::FUNCTION:
+ EC_KEY_get0_private_key 2021 1_1_0 EXIST::FUNCTION:EC
+ SCT_get0_extensions 2022 1_1_0 EXIST::FUNCTION:CT
+-lh_node_stats_bio 2023 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_node_stats_bio 2023 1_1_0 EXIST::FUNCTION:
+ i2d_DIRECTORYSTRING 2024 1_1_0 EXIST::FUNCTION:
+ BN_X931_derive_prime_ex 2025 1_1_0 EXIST::FUNCTION:
+ ENGINE_get_pkey_asn1_meth_str 2026 1_1_0 EXIST::FUNCTION:ENGINE
+ PKCS7_signatureVerify 2027 1_1_0 EXIST::FUNCTION:
+ CRYPTO_ocb128_new 2028 1_1_0 EXIST::FUNCTION:OCB
+ EC_curve_nist2nid 2029 1_1_0 EXIST::FUNCTION:EC
+-UI_get0_result 2030 1_1_0 EXIST::FUNCTION:
+-OCSP_request_add1_nonce 2031 1_1_0 EXIST::FUNCTION:
+-UI_construct_prompt 2032 1_1_0 EXIST::FUNCTION:
++UI_get0_result 2030 1_1_0 EXIST::FUNCTION:UI
++OCSP_request_add1_nonce 2031 1_1_0 EXIST::FUNCTION:OCSP
++UI_construct_prompt 2032 1_1_0 EXIST::FUNCTION:UI
+ ENGINE_unregister_RSA 2033 1_1_0 EXIST::FUNCTION:ENGINE
+ EC_GROUP_order_bits 2034 1_1_0 EXIST::FUNCTION:EC
+ d2i_CMS_bio 2035 1_1_0 EXIST::FUNCTION:CMS
+-sk_num 2036 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_num 2036 1_1_0 EXIST::FUNCTION:
+ _shadow_DES_check_key 2037 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES
+ _shadow_DES_check_key 2037 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES
+ CMS_RecipientInfo_set0_pkey 2038 1_1_0 EXIST::FUNCTION:CMS
+@@ -2112,17 +2111,17 @@ ASN1_ENUMERATED_it 2047 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:
+ o2i_ECPublicKey 2048 1_1_0 EXIST::FUNCTION:EC
+ ERR_load_BUF_strings 2049 1_1_0 EXIST::FUNCTION:
+ PEM_read_bio_RSA_PUBKEY 2050 1_1_0 EXIST::FUNCTION:RSA
+-OCSP_SINGLERESP_new 2051 1_1_0 EXIST::FUNCTION:
++OCSP_SINGLERESP_new 2051 1_1_0 EXIST::FUNCTION:OCSP
+ ASN1_SCTX_free 2052 1_1_0 EXIST::FUNCTION:
+ i2d_ECPrivateKey_fp 2053 1_1_0 EXIST::FUNCTION:EC,STDIO
+ EVP_CIPHER_CTX_original_iv 2054 1_1_0 EXIST::FUNCTION:
+ PKCS7_SIGNED_free 2055 1_1_0 EXIST::FUNCTION:
+ X509_TRUST_get0_name 2056 1_1_0 EXIST::FUNCTION:
+ ENGINE_get_load_pubkey_function 2057 1_1_0 EXIST::FUNCTION:ENGINE
+-UI_get_default_method 2058 1_1_0 EXIST::FUNCTION:
++UI_get_default_method 2058 1_1_0 EXIST::FUNCTION:UI
+ PKCS12_add_CSPName_asc 2059 1_1_0 EXIST::FUNCTION:
+ PEM_write_PUBKEY 2060 1_1_0 EXIST::FUNCTION:
+-UI_method_set_prompt_constructor 2061 1_1_0 EXIST::FUNCTION:
++UI_method_set_prompt_constructor 2061 1_1_0 EXIST::FUNCTION:UI
+ OBJ_length 2062 1_1_0 EXIST::FUNCTION:
+ BN_GENCB_get_arg 2063 1_1_0 EXIST::FUNCTION:
+ EVP_MD_CTX_clear_flags 2064 1_1_0 EXIST::FUNCTION:
+@@ -2130,7 +2129,7 @@ EVP_PKEY_meth_get_verifyctx 2065 1_1_0 EXIST::FUNCTION:
+ CT_POLICY_EVAL_CTX_get0_cert 2066 1_1_0 EXIST::FUNCTION:CT
+ PEM_write_DHparams 2067 1_1_0 EXIST::FUNCTION:DH
+ DH_set_ex_data 2068 1_1_0 EXIST::FUNCTION:DH
+-OCSP_SIGNATURE_free 2069 1_1_0 EXIST::FUNCTION:
++OCSP_SIGNATURE_free 2069 1_1_0 EXIST::FUNCTION:OCSP
+ CRYPTO_128_unwrap_pad 2070 1_1_0 EXIST::FUNCTION:
+ BIO_new_CMS 2071 1_1_0 EXIST::FUNCTION:CMS
+ i2d_ASN1_ENUMERATED 2072 1_1_0 EXIST::FUNCTION:
+@@ -2150,7 +2149,7 @@ i2d_ASN1_GENERALSTRING 2085 1_1_0 EXIST::FUNCTION:
+ POLICYQUALINFO_new 2086 1_1_0 EXIST::FUNCTION:
+ PKCS7_RECIP_INFO_get0_alg 2087 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_base_id 2088 1_1_0 EXIST::FUNCTION:
+-UI_method_set_opener 2089 1_1_0 EXIST::FUNCTION:
++UI_method_set_opener 2089 1_1_0 EXIST::FUNCTION:UI
+ X509v3_get_ext_by_NID 2090 1_1_0 EXIST::FUNCTION:
+ TS_CONF_set_policies 2091 1_1_0 EXIST::FUNCTION:TS
+ CMS_SignerInfo_cert_cmp 2092 1_1_0 EXIST::FUNCTION:CMS
+@@ -2168,7 +2167,7 @@ X509_get_ext_count 2103 1_1_0 EXIST::FUNCTION:
+ CRYPTO_cts128_decrypt 2104 1_1_0 EXIST::FUNCTION:
+ ASYNC_WAIT_CTX_get_fd 2105 1_1_0 EXIST::FUNCTION:
+ i2d_TS_REQ 2106 1_1_0 EXIST::FUNCTION:TS
+-OCSP_ONEREQ_add1_ext_i2d 2107 1_1_0 EXIST::FUNCTION:
++OCSP_ONEREQ_add1_ext_i2d 2107 1_1_0 EXIST::FUNCTION:OCSP
+ ENGINE_register_pkey_meths 2108 1_1_0 EXIST::FUNCTION:ENGINE
+ ENGINE_load_public_key 2109 1_1_0 EXIST::FUNCTION:ENGINE
+ ASIdOrRange_it 2110 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+@@ -2193,14 +2192,14 @@ BN_mod_exp_recp 2126 1_1_0 EXIST::FUNCTION:
+ EVP_mdc2 2127 1_1_0 EXIST::FUNCTION:MDC2
+ EVP_des_cfb64 2128 1_1_0 EXIST::FUNCTION:DES
+ PKCS7_sign 2129 1_1_0 EXIST::FUNCTION:
+-OCSP_SINGLERESP_get_ext_by_critical 2130 1_1_0 EXIST::FUNCTION:
++OCSP_SINGLERESP_get_ext_by_critical 2130 1_1_0 EXIST::FUNCTION:OCSP
+ EDIPARTYNAME_it 2131 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ EDIPARTYNAME_it 2131 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ ERR_print_errors_fp 2132 1_1_0 EXIST::FUNCTION:STDIO
+ BN_GF2m_mod_div_arr 2133 1_1_0 EXIST::FUNCTION:EC2M
+ PKCS12_SAFEBAG_get0_attr 2134 1_1_0 EXIST::FUNCTION:
+ BIO_s_mem 2135 1_1_0 EXIST::FUNCTION:
+-OCSP_RESPDATA_new 2136 1_1_0 EXIST::FUNCTION:
++OCSP_RESPDATA_new 2136 1_1_0 EXIST::FUNCTION:OCSP
+ ASN1_item_i2d_fp 2137 1_1_0 EXIST::FUNCTION:STDIO
+ BN_GF2m_mod_sqr 2138 1_1_0 EXIST::FUNCTION:EC2M
+ ASN1_PRINTABLE_new 2139 1_1_0 EXIST::FUNCTION:
+@@ -2217,7 +2216,7 @@ CRYPTO_THREAD_compare_id 2148 1_1_0 EXIST::FUNCTION:
+ d2i_IPAddressChoice 2149 1_1_0 EXIST::FUNCTION:RFC3779
+ IPAddressFamily_it 2150 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ IPAddressFamily_it 2150 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+-ERR_load_OCSP_strings 2151 1_1_0 EXIST::FUNCTION:
++ERR_load_OCSP_strings 2151 1_1_0 EXIST::FUNCTION:OCSP
+ BIO_push 2152 1_1_0 EXIST::FUNCTION:
+ ASN1_BMPSTRING_new 2153 1_1_0 EXIST::FUNCTION:
+ COMP_get_type 2154 1_1_0 EXIST::FUNCTION:COMP
+@@ -2228,8 +2227,8 @@ PEM_write_X509 2158 1_1_0 EXIST::FUNCTION:
+ BN_CTX_free 2159 1_1_0 EXIST::FUNCTION:
+ EC_GROUP_get_curve_GF2m 2160 1_1_0 EXIST::FUNCTION:EC,EC2M
+ EVP_MD_flags 2161 1_1_0 EXIST::FUNCTION:
+-sk_set 2162 1_1_0 EXIST::FUNCTION:
+-OCSP_request_sign 2163 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_set 2162 1_1_0 EXIST::FUNCTION:
++OCSP_request_sign 2163 1_1_0 EXIST::FUNCTION:OCSP
+ BN_GF2m_mod_solve_quad 2164 1_1_0 EXIST::FUNCTION:EC2M
+ EC_POINT_method_of 2165 1_1_0 EXIST::FUNCTION:EC
+ PKCS7_ENCRYPT_it 2166 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+@@ -2239,14 +2238,14 @@ AUTHORITY_INFO_ACCESS_it 2167 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:
+ X509_EXTENSION_create_by_NID 2168 1_1_0 EXIST::FUNCTION:
+ i2d_RSAPrivateKey 2169 1_1_0 EXIST::FUNCTION:RSA
+ d2i_CERTIFICATEPOLICIES 2170 1_1_0 EXIST::FUNCTION:
+-CMAC_CTX_get0_cipher_ctx 2171 1_1_0 EXIST::FUNCTION:
++CMAC_CTX_get0_cipher_ctx 2171 1_1_0 EXIST::FUNCTION:CMAC
+ X509_STORE_load_locations 2172 1_1_0 EXIST::FUNCTION:
+ OBJ_find_sigid_algs 2173 1_1_0 EXIST::FUNCTION:
+ TS_RESP_CTX_set_accuracy 2174 1_1_0 EXIST::FUNCTION:TS
+ NETSCAPE_SPKI_get_pubkey 2175 1_1_0 EXIST::FUNCTION:
+ ECDSA_do_sign_ex 2176 1_1_0 EXIST::FUNCTION:EC
+-OCSP_ONEREQ_get_ext 2177 1_1_0 EXIST::FUNCTION:
+-DES_read_password 2178 1_1_0 EXIST::FUNCTION:DES,UI
++OCSP_ONEREQ_get_ext 2177 1_1_0 EXIST::FUNCTION:OCSP
++DES_read_password 2178 1_1_0 NOEXIST::FUNCTION:
+ BN_get_rfc3526_prime_4096 2179 1_1_0 EXIST::FUNCTION:
+ d2i_PKCS7_fp 2180 1_1_0 EXIST::FUNCTION:STDIO
+ PEM_write_bio_NETSCAPE_CERT_SEQUENCE 2181 1_1_0 EXIST::FUNCTION:
+@@ -2257,13 +2256,13 @@ CMS_RecipientInfo_kari_orig_id_cmp 2184 1_1_0 EXIST::FUNCTION:CMS
+ NETSCAPE_SPKI_b64_encode 2185 1_1_0 EXIST::FUNCTION:
+ d2i_PrivateKey 2186 1_1_0 EXIST::FUNCTION:
+ EVP_MD_CTX_new 2187 1_1_0 EXIST::FUNCTION:
+-OPENSSL_strcasecmp 2188 1_1_0 EXIST::FUNCTION:
++OPENSSL_strcasecmp 2188 1_1_0 NOEXIST::FUNCTION:
+ X509_get0_tbs_sigalg 2189 1_1_0 EXIST::FUNCTION:
+ ASN1_GENERALIZEDTIME_new 2190 1_1_0 EXIST::FUNCTION:
+ d2i_ECDSA_SIG 2191 1_1_0 EXIST::FUNCTION:EC
+ d2i_OTHERNAME 2192 1_1_0 EXIST::FUNCTION:
+ i2d_TS_RESP_fp 2193 1_1_0 EXIST::FUNCTION:STDIO,TS
+-OCSP_BASICRESP_get_ext_count 2194 1_1_0 EXIST::FUNCTION:
++OCSP_BASICRESP_get_ext_count 2194 1_1_0 EXIST::FUNCTION:OCSP
+ ASN1_T61STRING_new 2195 1_1_0 EXIST::FUNCTION:
+ BN_kronecker 2196 1_1_0 EXIST::FUNCTION:
+ i2d_ACCESS_DESCRIPTION 2197 1_1_0 EXIST::FUNCTION:
+@@ -2272,7 +2271,7 @@ X509_STORE_CTX_set_depth 2199 1_1_0 EXIST::FUNCTION:
+ X509v3_delete_ext 2200 1_1_0 EXIST::FUNCTION:
+ ASN1_STRING_set0 2201 1_1_0 EXIST::FUNCTION:
+ BN_GF2m_add 2202 1_1_0 EXIST::FUNCTION:EC2M
+-CMAC_resume 2203 1_1_0 EXIST::FUNCTION:
++CMAC_resume 2203 1_1_0 EXIST::FUNCTION:CMAC
+ TS_ACCURACY_set_millis 2204 1_1_0 EXIST::FUNCTION:TS
+ X509V3_EXT_conf 2205 1_1_0 EXIST::FUNCTION:
+ i2d_DHxparams 2206 1_1_0 EXIST::FUNCTION:DH
+@@ -2283,7 +2282,7 @@ i2d_TS_ACCURACY 2210 1_1_0 EXIST::FUNCTION:TS
+ ASN1_VISIBLESTRING_free 2211 1_1_0 EXIST::FUNCTION:
+ NCONF_load_bio 2212 1_1_0 EXIST::FUNCTION:
+ DSA_get_default_method 2213 1_1_0 EXIST::FUNCTION:DSA
+-lh_retrieve 2214 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_retrieve 2214 1_1_0 EXIST::FUNCTION:
+ CRYPTO_ccm128_decrypt_ccm64 2215 1_1_0 EXIST::FUNCTION:
+ TS_RESP_CTX_set_clock_precision_digits 2216 1_1_0 EXIST::FUNCTION:TS
+ SCT_LIST_validate 2217 1_1_0 EXIST::FUNCTION:CT
+@@ -2312,7 +2311,7 @@ EC_GROUP_set_curve_GF2m 2239 1_1_0 EXIST::FUNCTION:EC,EC2M
+ ENGINE_load_builtin_engines 2240 1_1_0 EXIST::FUNCTION:ENGINE
+ SRP_VBASE_init 2241 1_1_0 EXIST::FUNCTION:SRP
+ SHA224_Final 2242 1_1_0 EXIST::FUNCTION:
+-OCSP_CERTSTATUS_free 2243 1_1_0 EXIST::FUNCTION:
++OCSP_CERTSTATUS_free 2243 1_1_0 EXIST::FUNCTION:OCSP
+ d2i_TS_TST_INFO 2244 1_1_0 EXIST::FUNCTION:TS
+ IPAddressOrRange_it 2245 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ IPAddressOrRange_it 2245 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+@@ -2320,14 +2319,14 @@ ENGINE_get_cipher 2246 1_1_0 EXIST::FUNCTION:ENGINE
+ TS_TST_INFO_delete_ext 2247 1_1_0 EXIST::FUNCTION:TS
+ TS_OBJ_print_bio 2248 1_1_0 EXIST::FUNCTION:TS
+ X509_time_adj_ex 2249 1_1_0 EXIST::FUNCTION:
+-OCSP_request_add1_cert 2250 1_1_0 EXIST::FUNCTION:
++OCSP_request_add1_cert 2250 1_1_0 EXIST::FUNCTION:OCSP
+ ERR_load_X509_strings 2251 1_1_0 EXIST::FUNCTION:
+ SHA1_Transform 2252 1_1_0 EXIST::FUNCTION:
+ CMS_signed_get_attr_by_NID 2253 1_1_0 EXIST::FUNCTION:CMS
+-X509_STORE_get_by_subject 2254 1_1_0 EXIST::FUNCTION:
++X509_STORE_CTX_get_by_subject 2254 1_1_0 EXIST::FUNCTION:
+ ASN1_OCTET_STRING_it 2255 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ ASN1_OCTET_STRING_it 2255 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+-sk_set_cmp_func 2256 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_set_cmp_func 2256 1_1_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_table_cleanup 2257 1_1_0 EXIST::FUNCTION:
+ i2d_re_X509_REQ_tbs 2258 1_1_0 EXIST::FUNCTION:
+ CONF_load_bio 2259 1_1_0 EXIST::FUNCTION:
+@@ -2378,7 +2377,7 @@ UTF8_putc 2302 1_1_0 EXIST::FUNCTION:
+ RSA_private_encrypt 2303 1_1_0 EXIST::FUNCTION:RSA
+ X509_LOOKUP_shutdown 2304 1_1_0 EXIST::FUNCTION:
+ TS_TST_INFO_set_accuracy 2305 1_1_0 EXIST::FUNCTION:TS
+-OCSP_basic_verify 2306 1_1_0 EXIST::FUNCTION:
++OCSP_basic_verify 2306 1_1_0 EXIST::FUNCTION:OCSP
+ X509at_add1_attr_by_OBJ 2307 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_asn1_add0 2308 1_1_0 EXIST::FUNCTION:
+ PKCS12_SAFEBAG_get1_crl 2309 1_1_0 EXIST::FUNCTION:
+@@ -2409,12 +2408,12 @@ EVP_aes_256_xts 2333 1_1_0 EXIST::FUNCTION:
+ EVP_DigestSignFinal 2334 1_1_0 EXIST::FUNCTION:
+ ASN1_STRING_cmp 2335 1_1_0 EXIST::FUNCTION:
+ EVP_chacha20_poly1305 2336 1_1_0 EXIST::FUNCTION:CHACHA,POLY1305
+-sk_zero 2337 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_zero 2337 1_1_0 EXIST::FUNCTION:
+ ASN1_PRINTABLE_type 2338 1_1_0 EXIST::FUNCTION:
+ TS_CONF_set_ess_cert_id_chain 2339 1_1_0 EXIST::FUNCTION:TS
+ PEM_read_DSAPrivateKey 2340 1_1_0 EXIST::FUNCTION:DSA
+ DH_generate_parameters_ex 2341 1_1_0 EXIST::FUNCTION:DH
+-UI_dup_input_string 2342 1_1_0 EXIST::FUNCTION:
++UI_dup_input_string 2342 1_1_0 EXIST::FUNCTION:UI
+ X509_keyid_set1 2343 1_1_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_set1 2344 1_1_0 EXIST::FUNCTION:
+ EC_GROUP_get_asn1_flag 2345 1_1_0 EXIST::FUNCTION:EC
+@@ -2439,12 +2438,12 @@ OTHERNAME_it 2363 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION
+ OTHERNAME_it 2363 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ X509at_add1_attr_by_txt 2364 1_1_0 EXIST::FUNCTION:
+ PKCS7_SIGN_ENVELOPE_free 2365 1_1_0 EXIST::FUNCTION:
+-BIO_dgram_is_sctp 2366 1_1_0 EXIST::FUNCTION:SCTP
++BIO_dgram_is_sctp 2366 1_1_0 EXIST::FUNCTION:DGRAM,SCTP
+ DH_check 2367 1_1_0 EXIST::FUNCTION:DH
+ Camellia_set_key 2368 1_1_0 EXIST::FUNCTION:CAMELLIA
+ X509_LOOKUP_by_issuer_serial 2369 1_1_0 EXIST::FUNCTION:
+ ASN1_BMPSTRING_free 2370 1_1_0 EXIST::FUNCTION:
+-BIO_new_accept 2371 1_1_0 EXIST::FUNCTION:
++BIO_new_accept 2371 1_1_0 EXIST::FUNCTION:SOCK
+ GENERAL_NAME_new 2372 1_1_0 EXIST::FUNCTION:
+ DES_encrypt3 2373 1_1_0 EXIST::FUNCTION:DES
+ PKCS7_get_signer_info 2374 1_1_0 EXIST::FUNCTION:
+@@ -2455,7 +2454,7 @@ ASN1_UTF8STRING_it 2377 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:
+ ASN1_SCTX_set_app_data 2378 1_1_0 EXIST::FUNCTION:
+ CMS_add0_cert 2379 1_1_0 EXIST::FUNCTION:CMS
+ i2d_GENERAL_NAME 2380 1_1_0 EXIST::FUNCTION:
+-BIO_ADDR_new 2381 1_1_0 EXIST::FUNCTION:
++BIO_ADDR_new 2381 1_1_0 EXIST::FUNCTION:SOCK
+ ENGINE_get_pkey_asn1_meth_engine 2382 1_1_0 EXIST::FUNCTION:ENGINE
+ d2i_ASN1_BMPSTRING 2383 1_1_0 EXIST::FUNCTION:
+ PKCS12_SAFEBAG_create0_p8inf 2384 1_1_0 EXIST::FUNCTION:
+@@ -2492,17 +2491,17 @@ BIO_ctrl 2414 1_1_0 EXIST::FUNCTION:
+ X509_CRL_set_default_method 2415 1_1_0 EXIST::FUNCTION:
+ DSO_pathbyaddr 2416 1_1_0 NOEXIST::FUNCTION:
+ d2i_RSAPublicKey_fp 2417 1_1_0 EXIST::FUNCTION:RSA,STDIO
+-UI_method_get_flusher 2418 1_1_0 EXIST::FUNCTION:
++UI_method_get_flusher 2418 1_1_0 EXIST::FUNCTION:UI
+ EC_POINT_dbl 2419 1_1_0 EXIST::FUNCTION:EC
+ i2d_X509_CRL_INFO 2420 1_1_0 EXIST::FUNCTION:
+-i2d_OCSP_CERTSTATUS 2421 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_CERTSTATUS 2421 1_1_0 EXIST::FUNCTION:OCSP
+ X509_REVOKED_get0_revocationDate 2422 1_1_0 EXIST::FUNCTION:
+ PKCS7_add_crl 2423 1_1_0 EXIST::FUNCTION:
+ ECDSA_do_sign 2424 1_1_0 EXIST::FUNCTION:EC
+ ASN1_GENERALIZEDTIME_it 2425 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ ASN1_GENERALIZEDTIME_it 2425 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ PKCS8_pkey_get0 2426 1_1_0 EXIST::FUNCTION:
+-OCSP_sendreq_new 2427 1_1_0 EXIST::FUNCTION:
++OCSP_sendreq_new 2427 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_aes_256_cfb128 2428 1_1_0 EXIST::FUNCTION:
+ RSA_set_ex_data 2429 1_1_0 EXIST::FUNCTION:RSA
+ BN_GENCB_call 2430 1_1_0 EXIST::FUNCTION:
+@@ -2514,8 +2513,8 @@ EVP_get_digestbyname 2435 1_1_0 EXIST::FUNCTION:
+ X509_CRL_get_lastUpdate 2436 1_1_0 EXIST::FUNCTION:
+ OBJ_create_objects 2437 1_1_0 EXIST::FUNCTION:
+ EVP_enc_null 2438 1_1_0 EXIST::FUNCTION:
+-OCSP_ONEREQ_get_ext_by_critical 2439 1_1_0 EXIST::FUNCTION:
+-OCSP_request_onereq_count 2440 1_1_0 EXIST::FUNCTION:
++OCSP_ONEREQ_get_ext_by_critical 2439 1_1_0 EXIST::FUNCTION:OCSP
++OCSP_request_onereq_count 2440 1_1_0 EXIST::FUNCTION:OCSP
+ BN_hex2bn 2441 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_meth_set_impl_ctx_size 2442 1_1_0 EXIST::FUNCTION:
+ ASIdentifiers_new 2443 1_1_0 EXIST::FUNCTION:RFC3779
+@@ -2542,12 +2541,12 @@ BIO_s_datagram_sctp 2461 1_1_0 EXIST::FUNCTION:DGRAM,SCTP
+ SXNET_add_id_asc 2462 1_1_0 EXIST::FUNCTION:
+ X509_print_fp 2463 1_1_0 EXIST::FUNCTION:STDIO
+ TS_REQ_set_version 2464 1_1_0 EXIST::FUNCTION:TS
+-OCSP_REQINFO_new 2465 1_1_0 EXIST::FUNCTION:
++OCSP_REQINFO_new 2465 1_1_0 EXIST::FUNCTION:OCSP
+ Camellia_decrypt 2466 1_1_0 EXIST::FUNCTION:CAMELLIA
+ X509_signature_print 2467 1_1_0 EXIST::FUNCTION:
+ EVP_camellia_128_ecb 2468 1_1_0 EXIST::FUNCTION:CAMELLIA
+ MD2_Final 2469 1_1_0 EXIST::FUNCTION:MD2
+-OCSP_REQ_CTX_add1_header 2470 1_1_0 EXIST::FUNCTION:
++OCSP_REQ_CTX_add1_header 2470 1_1_0 EXIST::FUNCTION:OCSP
+ NETSCAPE_SPKAC_it 2471 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ NETSCAPE_SPKAC_it 2471 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ ASIdOrRange_free 2472 1_1_0 EXIST::FUNCTION:RFC3779
+@@ -2561,7 +2560,7 @@ EVP_CIPHER_CTX_ctrl 2479 1_1_0 EXIST::FUNCTION:
+ ASN1_T61STRING_it 2480 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ ASN1_T61STRING_it 2480 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ ENGINE_get_prev 2481 1_1_0 EXIST::FUNCTION:ENGINE
+-OCSP_accept_responses_new 2482 1_1_0 EXIST::FUNCTION:
++OCSP_accept_responses_new 2482 1_1_0 EXIST::FUNCTION:OCSP
+ ERR_load_EC_strings 2483 1_1_0 EXIST::FUNCTION:EC
+ X509V3_string_free 2484 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_set_paramgen 2485 1_1_0 EXIST::FUNCTION:
+@@ -2621,7 +2620,7 @@ PKCS7_ENVELOPE_free 2538 1_1_0 EXIST::FUNCTION:
+ PKCS12_key_gen_uni 2539 1_1_0 EXIST::FUNCTION:
+ WHIRLPOOL 2540 1_1_0 EXIST::FUNCTION:WHIRLPOOL
+ a2i_ipadd 2541 1_1_0 EXIST::FUNCTION:
+-UI_set_default_method 2542 1_1_0 EXIST::FUNCTION:
++UI_set_default_method 2542 1_1_0 EXIST::FUNCTION:UI
+ EC_POINT_is_at_infinity 2543 1_1_0 EXIST::FUNCTION:EC
+ i2d_NOTICEREF 2544 1_1_0 EXIST::FUNCTION:
+ EC_KEY_new 2545 1_1_0 EXIST::FUNCTION:EC
+@@ -2641,25 +2640,25 @@ EVP_PKEY_CTX_get_keygen_info 2558 1_1_0 EXIST::FUNCTION:
+ d2i_ASN1_UINTEGER 2559 1_1_0 EXIST::FUNCTION:
+ i2s_ASN1_INTEGER 2560 1_1_0 EXIST::FUNCTION:
+ d2i_EC_PUBKEY_fp 2561 1_1_0 EXIST::FUNCTION:EC,STDIO
+-i2d_OCSP_SIGNATURE 2562 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_SIGNATURE 2562 1_1_0 EXIST::FUNCTION:OCSP
+ i2d_X509_EXTENSION 2563 1_1_0 EXIST::FUNCTION:
+ PEM_read_bio_X509 2564 1_1_0 EXIST::FUNCTION:
+ DES_key_sched 2565 1_1_0 EXIST::FUNCTION:DES
+ GENERAL_NAME_dup 2566 1_1_0 EXIST::FUNCTION:
+-X509_STORE_get1_crls 2567 1_1_0 EXIST::FUNCTION:
++X509_STORE_CTX_get1_crls 2567 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_set_verify 2568 1_1_0 EXIST::FUNCTION:
+ EVP_sha256 2569 1_1_0 EXIST::FUNCTION:
+ CMS_unsigned_delete_attr 2570 1_1_0 EXIST::FUNCTION:CMS
+ EVP_md5_sha1 2571 1_1_0 EXIST::FUNCTION:MD5
+ EVP_PKEY_sign_init 2572 1_1_0 EXIST::FUNCTION:
+-lh_insert 2573 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_insert 2573 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_meth_get_cleanup 2574 1_1_0 EXIST::FUNCTION:
+ ASN1_item_ex_d2i 2575 1_1_0 EXIST::FUNCTION:
+ EVP_MD_meth_free 2576 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_new 2577 1_1_0 EXIST::FUNCTION:
+ RSA_padding_check_PKCS1_OAEP 2578 1_1_0 EXIST::FUNCTION:RSA
+-OCSP_SERVICELOC_it 2579 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_SERVICELOC_it 2579 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_SERVICELOC_it 2579 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_SERVICELOC_it 2579 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ PKCS12_SAFEBAG_get_nid 2580 1_1_0 EXIST::FUNCTION:
+ EVP_MD_CTX_set_update_fn 2581 1_1_0 EXIST::FUNCTION:
+ BIO_f_asn1 2582 1_1_0 EXIST::FUNCTION:
+@@ -2693,11 +2692,11 @@ EVP_DecodeUpdate 2609 1_1_0 EXIST::FUNCTION:
+ ENGINE_get_default_RAND 2610 1_1_0 EXIST::FUNCTION:ENGINE
+ ERR_peek_last_error_line 2611 1_1_0 EXIST::FUNCTION:
+ ENGINE_get_ssl_client_cert_function 2612 1_1_0 EXIST::FUNCTION:ENGINE
+-lh_node_usage_stats 2613 1_1_0 EXIST::FUNCTION:STDIO
++OPENSSL_LH_node_usage_stats 2613 1_1_0 EXIST::FUNCTION:STDIO
+ DIRECTORYSTRING_it 2614 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ DIRECTORYSTRING_it 2614 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ BIO_write 2615 1_1_0 EXIST::FUNCTION:
+-OCSP_ONEREQ_get_ext_by_OBJ 2616 1_1_0 EXIST::FUNCTION:
++OCSP_ONEREQ_get_ext_by_OBJ 2616 1_1_0 EXIST::FUNCTION:OCSP
+ SEED_encrypt 2617 1_1_0 EXIST::FUNCTION:SEED
+ IPAddressRange_it 2618 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ IPAddressRange_it 2618 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+@@ -2741,7 +2740,7 @@ EVP_aes_256_cbc_hmac_sha1 2652 1_1_0 EXIST::FUNCTION:
+ SCT_validate 2653 1_1_0 EXIST::FUNCTION:CT
+ EC_GROUP_dup 2654 1_1_0 EXIST::FUNCTION:EC
+ EVP_sha1 2655 1_1_0 EXIST::FUNCTION:
+-sk_new 2656 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_new 2656 1_1_0 EXIST::FUNCTION:
+ BN_dup 2657 1_1_0 EXIST::FUNCTION:
+ TS_MSG_IMPRINT_print_bio 2658 1_1_0 EXIST::FUNCTION:TS
+ CONF_module_set_usr_data 2659 1_1_0 EXIST::FUNCTION:
+@@ -2769,7 +2768,7 @@ d2i_CMS_ReceiptRequest 2680 1_1_0 EXIST::FUNCTION:CMS
+ X509_CRL_INFO_it 2681 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ X509_CRL_INFO_it 2681 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ BUF_reverse 2682 1_1_0 EXIST::FUNCTION:
+-d2i_OCSP_SIGNATURE 2683 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_SIGNATURE 2683 1_1_0 EXIST::FUNCTION:OCSP
+ X509_REQ_delete_attr 2684 1_1_0 EXIST::FUNCTION:
+ TS_RESP_CTX_set_signer_cert 2685 1_1_0 EXIST::FUNCTION:TS
+ X509V3_EXT_d2i 2686 1_1_0 EXIST::FUNCTION:
+@@ -2777,7 +2776,7 @@ ASN1_GENERALSTRING_it 2687 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION
+ ASN1_GENERALSTRING_it 2687 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ POLICYQUALINFO_free 2688 1_1_0 EXIST::FUNCTION:
+ EC_KEY_set_group 2689 1_1_0 EXIST::FUNCTION:EC
+-OCSP_check_validity 2690 1_1_0 EXIST::FUNCTION:
++OCSP_check_validity 2690 1_1_0 EXIST::FUNCTION:OCSP
+ PEM_write_ECPKParameters 2691 1_1_0 EXIST::FUNCTION:EC
+ X509_VERIFY_PARAM_lookup 2692 1_1_0 EXIST::FUNCTION:
+ X509_LOOKUP_by_fingerprint 2693 1_1_0 EXIST::FUNCTION:
+@@ -2787,7 +2786,7 @@ d2i_ECPrivateKey_fp 2696 1_1_0 EXIST::FUNCTION:EC,STDIO
+ TS_CONF_set_ordering 2697 1_1_0 EXIST::FUNCTION:TS
+ X509_CRL_get_ext 2698 1_1_0 EXIST::FUNCTION:
+ X509_CRL_get_ext_by_OBJ 2699 1_1_0 EXIST::FUNCTION:
+-OCSP_basic_add1_cert 2700 1_1_0 EXIST::FUNCTION:
++OCSP_basic_add1_cert 2700 1_1_0 EXIST::FUNCTION:OCSP
+ ASN1_PRINTABLESTRING_new 2701 1_1_0 EXIST::FUNCTION:
+ i2d_PBEPARAM 2702 1_1_0 EXIST::FUNCTION:
+ NETSCAPE_SPKI_new 2703 1_1_0 EXIST::FUNCTION:
+@@ -2821,8 +2820,8 @@ CMS_ContentInfo_print_ctx 2730 1_1_0 EXIST::FUNCTION:CMS
+ d2i_PKCS7_SIGNED 2731 1_1_0 EXIST::FUNCTION:
+ GENERAL_NAMES_free 2732 1_1_0 EXIST::FUNCTION:
+ SCT_get_timestamp 2733 1_1_0 EXIST::FUNCTION:CT
+-OCSP_SIGNATURE_it 2734 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_SIGNATURE_it 2734 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_SIGNATURE_it 2734 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_SIGNATURE_it 2734 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ CMS_verify_receipt 2735 1_1_0 EXIST::FUNCTION:CMS
+ CRYPTO_THREAD_lock_new 2736 1_1_0 EXIST::FUNCTION:
+ BIO_get_ex_data 2737 1_1_0 EXIST::FUNCTION:
+@@ -2835,9 +2834,9 @@ d2i_IPAddressRange 2743 1_1_0 EXIST::FUNCTION:RFC3779
+ ERR_remove_state 2744 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_0_0
+ X509_CRL_print_fp 2745 1_1_0 EXIST::FUNCTION:STDIO
+ TS_CONF_load_key 2746 1_1_0 EXIST::FUNCTION:TS
+-d2i_OCSP_REQINFO 2747 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_REQINFO 2747 1_1_0 EXIST::FUNCTION:OCSP
+ d2i_X509_CINF 2748 1_1_0 EXIST::FUNCTION:
+-OCSP_REQUEST_get_ext_by_critical 2749 1_1_0 EXIST::FUNCTION:
++OCSP_REQUEST_get_ext_by_critical 2749 1_1_0 EXIST::FUNCTION:OCSP
+ X509_REQ_to_X509 2750 1_1_0 EXIST::FUNCTION:
+ EVP_aes_192_wrap_pad 2751 1_1_0 EXIST::FUNCTION:
+ PKCS7_SIGN_ENVELOPE_new 2752 1_1_0 EXIST::FUNCTION:
+@@ -2848,8 +2847,8 @@ CT_POLICY_EVAL_CTX_new 2756 1_1_0 EXIST::FUNCTION:CT
+ NETSCAPE_SPKI_it 2757 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ NETSCAPE_SPKI_it 2757 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ CRYPTO_THREAD_unlock 2758 1_1_0 EXIST::FUNCTION:
+-UI_method_set_writer 2759 1_1_0 EXIST::FUNCTION:
+-UI_dup_info_string 2760 1_1_0 EXIST::FUNCTION:
++UI_method_set_writer 2759 1_1_0 EXIST::FUNCTION:UI
++UI_dup_info_string 2760 1_1_0 EXIST::FUNCTION:UI
+ OPENSSL_init 2761 1_1_0 EXIST::FUNCTION:
+ TS_RESP_get_tst_info 2762 1_1_0 EXIST::FUNCTION:TS
+ X509_VERIFY_PARAM_get_depth 2763 1_1_0 EXIST::FUNCTION:
+@@ -2858,8 +2857,8 @@ BIO_set 2765 1_1_0 EXIST::FUNCTION:
+ CONF_imodule_set_flags 2766 1_1_0 EXIST::FUNCTION:
+ i2d_ASN1_SET_ANY 2767 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_decrypt 2768 1_1_0 EXIST::FUNCTION:
+-OCSP_RESPID_it 2769 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_RESPID_it 2769 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_RESPID_it 2769 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_RESPID_it 2769 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ EVP_des_ede3_cbc 2770 1_1_0 EXIST::FUNCTION:DES
+ X509_up_ref 2771 1_1_0 EXIST::FUNCTION:
+ OBJ_NAME_do_all_sorted 2772 1_1_0 EXIST::FUNCTION:
+@@ -2873,7 +2872,7 @@ RSAPrivateKey_it 2777 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:
+ X509_NAME_ENTRY_free 2778 1_1_0 EXIST::FUNCTION:
+ BIO_new_fd 2779 1_1_0 EXIST::FUNCTION:
+ ENGINE_cleanup 2780 1_1_0 NOEXIST::FUNCTION:
+-sk_value 2781 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_value 2781 1_1_0 EXIST::FUNCTION:
+ NCONF_get_section 2782 1_1_0 EXIST::FUNCTION:
+ PKCS12_MAC_DATA_it 2783 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ PKCS12_MAC_DATA_it 2783 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+@@ -2885,7 +2884,7 @@ PKCS12_setup_mac 2788 1_1_0 EXIST::FUNCTION:
+ PEM_read_bio_PKCS7 2789 1_1_0 EXIST::FUNCTION:
+ SHA512_Final 2790 1_1_0 EXIST:!VMSVAX:FUNCTION:
+ X509_VERIFY_PARAM_set1_host 2791 1_1_0 EXIST::FUNCTION:
+-OCSP_resp_find_status 2792 1_1_0 EXIST::FUNCTION:
++OCSP_resp_find_status 2792 1_1_0 EXIST::FUNCTION:OCSP
+ d2i_ASN1_T61STRING 2793 1_1_0 EXIST::FUNCTION:
+ DES_pcbc_encrypt 2794 1_1_0 EXIST::FUNCTION:DES
+ EVP_PKEY_print_params 2795 1_1_0 EXIST::FUNCTION:
+@@ -2907,8 +2906,8 @@ ENGINE_register_all_DH 2809 1_1_0 EXIST::FUNCTION:ENGINE
+ ERR_clear_error 2810 1_1_0 EXIST::FUNCTION:
+ EC_KEY_dup 2811 1_1_0 EXIST::FUNCTION:EC
+ X509_LOOKUP_init 2812 1_1_0 EXIST::FUNCTION:
+-i2b_PVK_bio 2813 1_1_0 EXIST::FUNCTION:RC4
+-OCSP_ONEREQ_free 2814 1_1_0 EXIST::FUNCTION:
++i2b_PVK_bio 2813 1_1_0 EXIST::FUNCTION:DSA,RC4
++OCSP_ONEREQ_free 2814 1_1_0 EXIST::FUNCTION:OCSP
+ X509V3_EXT_print_fp 2815 1_1_0 EXIST::FUNCTION:STDIO
+ OBJ_bsearch_ex_ 2816 1_1_0 EXIST::FUNCTION:
+ DES_ofb64_encrypt 2817 1_1_0 EXIST::FUNCTION:DES
+@@ -2926,7 +2925,7 @@ CRYPTO_get_id_callback 2828 1_1_0 NOEXIST::FUNCTION:
+ X509_CRL_add_ext 2829 1_1_0 EXIST::FUNCTION:
+ X509_REQ_get_signature_nid 2830 1_1_0 EXIST::FUNCTION:
+ TS_TST_INFO_get_ext 2831 1_1_0 EXIST::FUNCTION:TS
+-i2d_OCSP_RESPID 2832 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_RESPID 2832 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_camellia_256_cfb8 2833 1_1_0 EXIST::FUNCTION:CAMELLIA
+ EC_KEY_get0_public_key 2834 1_1_0 EXIST::FUNCTION:EC
+ SRP_Calc_x 2835 1_1_0 EXIST::FUNCTION:SRP
+@@ -2959,14 +2958,14 @@ TS_MSG_IMPRINT_get_msg 2859 1_1_0 EXIST::FUNCTION:TS
+ PKCS8_add_keyusage 2860 1_1_0 EXIST::FUNCTION:
+ X509_EXTENSION_dup 2861 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_asn1_new 2862 1_1_0 EXIST::FUNCTION:
+-BIO_socket_nbio 2863 1_1_0 EXIST::FUNCTION:
++BIO_socket_nbio 2863 1_1_0 EXIST::FUNCTION:SOCK
+ EVP_CIPHER_set_asn1_iv 2864 1_1_0 EXIST::FUNCTION:
+ EC_GFp_nistp224_method 2865 1_1_0 EXIST:!WIN32:FUNCTION:EC,EC_NISTP_64_GCC_128
+ BN_swap 2866 1_1_0 EXIST::FUNCTION:
+ d2i_ECParameters 2867 1_1_0 EXIST::FUNCTION:EC
+ X509_NAME_add_entry_by_OBJ 2868 1_1_0 EXIST::FUNCTION:
+ TS_TST_INFO_get_ext_count 2869 1_1_0 EXIST::FUNCTION:TS
+-i2d_OCSP_CERTID 2870 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_CERTID 2870 1_1_0 EXIST::FUNCTION:OCSP
+ BN_CTX_start 2871 1_1_0 EXIST::FUNCTION:
+ BN_print 2872 1_1_0 EXIST::FUNCTION:
+ EC_KEY_set_flags 2873 1_1_0 EXIST::FUNCTION:EC
+@@ -2981,10 +2980,10 @@ X509_CINF_it 2880 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:
+ TS_CONF_set_accuracy 2881 1_1_0 EXIST::FUNCTION:TS
+ DES_crypt 2882 1_1_0 EXIST::FUNCTION:DES
+ BN_BLINDING_create_param 2883 1_1_0 EXIST::FUNCTION:
+-OCSP_SERVICELOC_free 2884 1_1_0 EXIST::FUNCTION:
++OCSP_SERVICELOC_free 2884 1_1_0 EXIST::FUNCTION:OCSP
+ DIST_POINT_NAME_free 2885 1_1_0 EXIST::FUNCTION:
+-BIO_listen 2886 1_1_0 EXIST::FUNCTION:
+-BIO_ADDR_path_string 2887 1_1_0 EXIST::FUNCTION:
++BIO_listen 2886 1_1_0 EXIST::FUNCTION:SOCK
++BIO_ADDR_path_string 2887 1_1_0 EXIST::FUNCTION:SOCK
+ POLICY_CONSTRAINTS_it 2888 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ POLICY_CONSTRAINTS_it 2888 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ NCONF_free_data 2889 1_1_0 EXIST::FUNCTION:
+@@ -3012,7 +3011,7 @@ EVP_des_ede3_cfb1 2909 1_1_0 EXIST::FUNCTION:DES
+ TS_REQ_to_TS_VERIFY_CTX 2910 1_1_0 EXIST::FUNCTION:TS
+ d2i_PBEPARAM 2911 1_1_0 EXIST::FUNCTION:
+ BN_get0_nist_prime_521 2912 1_1_0 EXIST::FUNCTION:
+-OCSP_ONEREQ_get_ext_by_NID 2913 1_1_0 EXIST::FUNCTION:
++OCSP_ONEREQ_get_ext_by_NID 2913 1_1_0 EXIST::FUNCTION:OCSP
+ X509_PUBKEY_get0 2914 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_get0_parent_ctx 2915 1_1_0 EXIST::FUNCTION:
+ EC_GROUP_set_seed 2916 1_1_0 EXIST::FUNCTION:EC
+@@ -3025,7 +3024,7 @@ RC5_32_decrypt 2921 1_1_0 EXIST::FUNCTION:RC5
+ i2d_X509_REQ_INFO 2922 1_1_0 EXIST::FUNCTION:
+ EVP_des_cfb1 2923 1_1_0 EXIST::FUNCTION:DES
+ OBJ_NAME_cleanup 2924 1_1_0 EXIST::FUNCTION:
+-OCSP_BASICRESP_get1_ext_d2i 2925 1_1_0 EXIST::FUNCTION:
++OCSP_BASICRESP_get1_ext_d2i 2925 1_1_0 EXIST::FUNCTION:OCSP
+ DES_cfb64_encrypt 2926 1_1_0 EXIST::FUNCTION:DES
+ CAST_cfb64_encrypt 2927 1_1_0 EXIST::FUNCTION:CAST
+ EVP_PKEY_asn1_set_param 2928 1_1_0 EXIST::FUNCTION:
+@@ -3042,7 +3041,7 @@ X509_get1_email 2938 1_1_0 EXIST::FUNCTION:
+ EC_POINT_point2oct 2939 1_1_0 EXIST::FUNCTION:EC
+ EC_GROUP_get_curve_GFp 2940 1_1_0 EXIST::FUNCTION:EC
+ ASYNC_block_pause 2941 1_1_0 EXIST::FUNCTION:
+-OCSP_SINGLERESP_get_ext 2942 1_1_0 EXIST::FUNCTION:
++OCSP_SINGLERESP_get_ext 2942 1_1_0 EXIST::FUNCTION:OCSP
+ CRYPTO_strdup 2943 1_1_0 EXIST::FUNCTION:
+ DSO_get_default_method 2944 1_1_0 NOEXIST::FUNCTION:
+ i2d_X509_CRL_bio 2945 1_1_0 EXIST::FUNCTION:
+@@ -3052,7 +3051,7 @@ X509v3_addr_get_afi 2948 1_1_0 EXIST::FUNCTION:RFC3779
+ X509_STORE_CTX_get0_param 2949 1_1_0 EXIST::FUNCTION:
+ EVP_add_alg_module 2950 1_1_0 EXIST::FUNCTION:
+ X509_check_purpose 2951 1_1_0 EXIST::FUNCTION:
+-OCSP_REQUEST_delete_ext 2952 1_1_0 EXIST::FUNCTION:
++OCSP_REQUEST_delete_ext 2952 1_1_0 EXIST::FUNCTION:OCSP
+ X509_PURPOSE_get_count 2953 1_1_0 EXIST::FUNCTION:
+ d2i_PKCS12_bio 2954 1_1_0 EXIST::FUNCTION:
+ ASN1_item_free 2955 1_1_0 EXIST::FUNCTION:
+@@ -3117,8 +3116,8 @@ DES_ede3_cfb64_encrypt 3012 1_1_0 EXIST::FUNCTION:DES
+ DSO_METHOD_vms 3013 1_1_0 NOEXIST::FUNCTION:
+ POLICY_MAPPING_free 3014 1_1_0 EXIST::FUNCTION:
+ EVP_aes_128_gcm 3015 1_1_0 EXIST::FUNCTION:
+-BIO_dgram_non_fatal_error 3016 1_1_0 EXIST::FUNCTION:
+-OCSP_request_is_signed 3017 1_1_0 EXIST::FUNCTION:
++BIO_dgram_non_fatal_error 3016 1_1_0 EXIST::FUNCTION:DGRAM
++OCSP_request_is_signed 3017 1_1_0 EXIST::FUNCTION:OCSP
+ i2d_BASIC_CONSTRAINTS 3018 1_1_0 EXIST::FUNCTION:
+ EC_KEY_get_method 3019 1_1_0 EXIST::FUNCTION:EC
+ CRYPTO_get_dynlock_destroy_callback 3020 1_1_0 NOEXIST::FUNCTION:
+@@ -3140,7 +3139,7 @@ PKCS7_it 3034 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION
+ PKCS7_it 3034 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ CMS_unsigned_get_attr_by_OBJ 3035 1_1_0 EXIST::FUNCTION:CMS
+ BN_clear 3036 1_1_0 EXIST::FUNCTION:
+-BIO_socket_ioctl 3037 1_1_0 EXIST::FUNCTION:
++BIO_socket_ioctl 3037 1_1_0 EXIST::FUNCTION:SOCK
+ GENERAL_NAME_cmp 3038 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_set_purpose 3039 1_1_0 EXIST::FUNCTION:
+ X509_REVOKED_get_ext_d2i 3040 1_1_0 EXIST::FUNCTION:
+@@ -3148,7 +3147,7 @@ X509V3_set_conf_lhash 3041 1_1_0 EXIST::FUNCTION:
+ PKCS7_ENC_CONTENT_it 3042 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ PKCS7_ENC_CONTENT_it 3042 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ PKCS12_item_pack_safebag 3043 1_1_0 EXIST::FUNCTION:
+-i2d_OCSP_RESPDATA 3044 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_RESPDATA 3044 1_1_0 EXIST::FUNCTION:OCSP
+ i2d_X509_PUBKEY 3045 1_1_0 EXIST::FUNCTION:
+ EVP_DecryptUpdate 3046 1_1_0 EXIST::FUNCTION:
+ CAST_cbc_encrypt 3047 1_1_0 EXIST::FUNCTION:CAST
+@@ -3202,12 +3201,12 @@ d2i_ECPrivateKey_bio 3094 1_1_0 EXIST::FUNCTION:EC
+ BIO_s_secmem 3095 1_1_0 EXIST::FUNCTION:
+ ENGINE_get_default_EC 3096 1_1_0 EXIST::FUNCTION:ENGINE
+ TS_RESP_create_response 3097 1_1_0 EXIST::FUNCTION:TS
+-BIO_ADDR_rawaddress 3098 1_1_0 EXIST::FUNCTION:
++BIO_ADDR_rawaddress 3098 1_1_0 EXIST::FUNCTION:SOCK
+ PKCS7_ENCRYPT_new 3099 1_1_0 EXIST::FUNCTION:
+ i2d_PKCS8PrivateKey_fp 3100 1_1_0 EXIST::FUNCTION:STDIO
+ SRP_user_pwd_free 3101 1_1_0 EXIST::FUNCTION:SRP
+ Camellia_encrypt 3102 1_1_0 EXIST::FUNCTION:CAMELLIA
+-BIO_ADDR_hostname_string 3103 1_1_0 EXIST::FUNCTION:
++BIO_ADDR_hostname_string 3103 1_1_0 EXIST::FUNCTION:SOCK
+ USERNOTICE_new 3104 1_1_0 EXIST::FUNCTION:
+ POLICY_MAPPING_new 3105 1_1_0 EXIST::FUNCTION:
+ CRYPTO_gcm128_release 3106 1_1_0 EXIST::FUNCTION:
+@@ -3218,9 +3217,9 @@ PEM_read_DSA_PUBKEY 3110 1_1_0 EXIST::FUNCTION:DSA
+ X509_get0_subject_key_id 3111 1_1_0 EXIST::FUNCTION:
+ i2s_ASN1_ENUMERATED 3112 1_1_0 EXIST::FUNCTION:
+ X509v3_get_ext_by_OBJ 3113 1_1_0 EXIST::FUNCTION:
+-OCSP_REQUEST_free 3114 1_1_0 EXIST::FUNCTION:
++OCSP_REQUEST_free 3114 1_1_0 EXIST::FUNCTION:OCSP
+ CRYPTO_ocb128_aad 3115 1_1_0 EXIST::FUNCTION:OCB
+-sk_deep_copy 3116 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_deep_copy 3116 1_1_0 EXIST::FUNCTION:
+ i2d_RSA_PSS_PARAMS 3117 1_1_0 EXIST::FUNCTION:RSA
+ EVP_aes_128_wrap_pad 3118 1_1_0 EXIST::FUNCTION:
+ ASN1_BIT_STRING_set 3119 1_1_0 EXIST::FUNCTION:
+@@ -3248,16 +3247,16 @@ TXT_DB_free 3139 1_1_0 EXIST::FUNCTION:
+ ASN1_STRING_set 3140 1_1_0 EXIST::FUNCTION:
+ d2i_ESS_CERT_ID 3141 1_1_0 EXIST::FUNCTION:TS
+ EVP_PKEY_meth_set_derive 3142 1_1_0 EXIST::FUNCTION:
+-lh_stats 3143 1_1_0 EXIST::FUNCTION:STDIO
++OPENSSL_LH_stats 3143 1_1_0 EXIST::FUNCTION:STDIO
+ NCONF_dump_fp 3144 1_1_0 EXIST::FUNCTION:STDIO
+ TS_STATUS_INFO_print_bio 3145 1_1_0 EXIST::FUNCTION:TS
+-sk_dup 3146 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_dup 3146 1_1_0 EXIST::FUNCTION:
+ BF_cfb64_encrypt 3147 1_1_0 EXIST::FUNCTION:BF
+ ASN1_GENERALIZEDTIME_adj 3148 1_1_0 EXIST::FUNCTION:
+ ECDSA_verify 3149 1_1_0 EXIST::FUNCTION:EC
+ EVP_camellia_256_cfb128 3150 1_1_0 EXIST::FUNCTION:CAMELLIA
+-CMAC_Init 3151 1_1_0 EXIST::FUNCTION:
+-OCSP_basic_add1_status 3152 1_1_0 EXIST::FUNCTION:
++CMAC_Init 3151 1_1_0 EXIST::FUNCTION:CMAC
++OCSP_basic_add1_status 3152 1_1_0 EXIST::FUNCTION:OCSP
+ X509_CRL_get0_by_cert 3153 1_1_0 EXIST::FUNCTION:
+ TS_TST_INFO_set_tsa 3154 1_1_0 EXIST::FUNCTION:TS
+ i2d_ASN1_GENERALIZEDTIME 3155 1_1_0 EXIST::FUNCTION:
+@@ -3268,11 +3267,11 @@ X509_VERIFY_PARAM_set_time 3159 1_1_0 EXIST::FUNCTION:
+ BN_reciprocal 3160 1_1_0 EXIST::FUNCTION:
+ d2i_PKCS7_SIGN_ENVELOPE 3161 1_1_0 EXIST::FUNCTION:
+ X509_NAME_digest 3162 1_1_0 EXIST::FUNCTION:
+-d2i_OCSP_SERVICELOC 3163 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_SERVICELOC 3163 1_1_0 EXIST::FUNCTION:OCSP
+ GENERAL_NAME_print 3164 1_1_0 EXIST::FUNCTION:
+ CMS_ReceiptRequest_get0_values 3165 1_1_0 EXIST::FUNCTION:CMS
+ a2i_ASN1_INTEGER 3166 1_1_0 EXIST::FUNCTION:
+-OCSP_sendreq_bio 3167 1_1_0 EXIST::FUNCTION:
++OCSP_sendreq_bio 3167 1_1_0 EXIST::FUNCTION:OCSP
+ PKCS12_SAFEBAG_create_crl 3168 1_1_0 EXIST::FUNCTION:
+ d2i_X509_NAME 3169 1_1_0 EXIST::FUNCTION:
+ IDEA_cfb64_encrypt 3170 1_1_0 EXIST::FUNCTION:IDEA
+@@ -3286,20 +3285,20 @@ CRYPTO_get_dynlock_create_callback 3177 1_1_0 NOEXIST::FUNCTION:
+ i2a_ACCESS_DESCRIPTION 3178 1_1_0 EXIST::FUNCTION:
+ EC_KEY_set_enc_flags 3179 1_1_0 EXIST::FUNCTION:EC
+ i2d_PUBKEY_fp 3180 1_1_0 EXIST::FUNCTION:STDIO
+-b2i_PrivateKey_bio 3181 1_1_0 EXIST::FUNCTION:
+-OCSP_REQUEST_add_ext 3182 1_1_0 EXIST::FUNCTION:
++b2i_PrivateKey_bio 3181 1_1_0 EXIST::FUNCTION:DSA
++OCSP_REQUEST_add_ext 3182 1_1_0 EXIST::FUNCTION:OCSP
+ SXNET_add_id_INTEGER 3183 1_1_0 EXIST::FUNCTION:
+ CTLOG_get0_public_key 3184 1_1_0 EXIST::FUNCTION:CT
+-OCSP_REQUEST_get_ext_by_OBJ 3185 1_1_0 EXIST::FUNCTION:
++OCSP_REQUEST_get_ext_by_OBJ 3185 1_1_0 EXIST::FUNCTION:OCSP
+ X509_NAME_oneline 3186 1_1_0 EXIST::FUNCTION:
+ X509V3_set_nconf 3187 1_1_0 EXIST::FUNCTION:
+ RSAPrivateKey_dup 3188 1_1_0 EXIST::FUNCTION:RSA
+ BN_mod_add 3189 1_1_0 EXIST::FUNCTION:
+ EC_POINT_set_affine_coordinates_GFp 3190 1_1_0 EXIST::FUNCTION:EC
+ X509_get_default_cert_file 3191 1_1_0 EXIST::FUNCTION:
+-UI_method_set_flusher 3192 1_1_0 EXIST::FUNCTION:
++UI_method_set_flusher 3192 1_1_0 EXIST::FUNCTION:UI
+ RSA_new_method 3193 1_1_0 EXIST::FUNCTION:RSA
+-OCSP_request_verify 3194 1_1_0 EXIST::FUNCTION:
++OCSP_request_verify 3194 1_1_0 EXIST::FUNCTION:OCSP
+ CRYPTO_THREAD_run_once 3195 1_1_0 EXIST::FUNCTION:
+ TS_REQ_print_bio 3196 1_1_0 EXIST::FUNCTION:TS
+ SCT_get_version 3197 1_1_0 EXIST::FUNCTION:CT
+@@ -3307,7 +3306,7 @@ IDEA_set_encrypt_key 3198 1_1_0 EXIST::FUNCTION:IDEA
+ ENGINE_get_DH 3199 1_1_0 EXIST::FUNCTION:ENGINE
+ i2d_ASIdentifierChoice 3200 1_1_0 EXIST::FUNCTION:RFC3779
+ SRP_Calc_A 3201 1_1_0 EXIST::FUNCTION:SRP
+-OCSP_BASICRESP_add_ext 3202 1_1_0 EXIST::FUNCTION:
++OCSP_BASICRESP_add_ext 3202 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_idea_cfb64 3203 1_1_0 EXIST::FUNCTION:IDEA
+ PKCS12_newpass 3204 1_1_0 EXIST::FUNCTION:
+ EVP_aes_256_cbc_hmac_sha256 3205 1_1_0 EXIST::FUNCTION:
+@@ -3321,11 +3320,11 @@ EVP_CIPHER_CTX_new 3212 1_1_0 EXIST::FUNCTION:
+ MD4_Final 3213 1_1_0 EXIST::FUNCTION:MD4
+ EVP_PKEY_id 3214 1_1_0 EXIST::FUNCTION:
+ CMS_RecipientInfo_get0_pkey_ctx 3215 1_1_0 EXIST::FUNCTION:CMS
+-OCSP_REQINFO_free 3216 1_1_0 EXIST::FUNCTION:
++OCSP_REQINFO_free 3216 1_1_0 EXIST::FUNCTION:OCSP
+ AUTHORITY_KEYID_new 3217 1_1_0 EXIST::FUNCTION:
+ i2d_DIST_POINT_NAME 3218 1_1_0 EXIST::FUNCTION:
+ OpenSSL_version_num 3219 1_1_0 EXIST::FUNCTION:
+-OCSP_CERTID_free 3220 1_1_0 EXIST::FUNCTION:
++OCSP_CERTID_free 3220 1_1_0 EXIST::FUNCTION:OCSP
+ BIO_hex_string 3221 1_1_0 EXIST::FUNCTION:
+ X509_REQ_sign_ctx 3222 1_1_0 EXIST::FUNCTION:
+ CRYPTO_ocb128_init 3223 1_1_0 EXIST::FUNCTION:OCB
+@@ -3377,8 +3376,8 @@ BIO_vprintf 3267 1_1_0 EXIST::FUNCTION:
+ CMS_RecipientInfo_decrypt 3268 1_1_0 EXIST::FUNCTION:CMS
+ RSA_generate_key 3269 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_0_9_8,RSA
+ PKCS7_set0_type_other 3270 1_1_0 EXIST::FUNCTION:
+-OCSP_REQUEST_new 3271 1_1_0 EXIST::FUNCTION:
+-BIO_lookup 3272 1_1_0 EXIST::FUNCTION:
++OCSP_REQUEST_new 3271 1_1_0 EXIST::FUNCTION:OCSP
++BIO_lookup 3272 1_1_0 EXIST::FUNCTION:SOCK
+ EC_GROUP_get0_cofactor 3273 1_1_0 EXIST::FUNCTION:EC
+ CRYPTO_THREADID_set_numeric 3274 1_1_0 NOEXIST::FUNCTION:
+ SCT_print 3275 1_1_0 EXIST::FUNCTION:CT
+@@ -3390,9 +3389,9 @@ X509_NAME_get_text_by_OBJ 3280 1_1_0 EXIST::FUNCTION:
+ RSA_padding_check_none 3281 1_1_0 EXIST::FUNCTION:RSA
+ CRYPTO_set_mem_debug 3282 1_1_0 EXIST::FUNCTION:
+ TS_VERIFY_CTX_init 3283 1_1_0 EXIST::FUNCTION:TS
+-OCSP_cert_id_new 3284 1_1_0 EXIST::FUNCTION:
++OCSP_cert_id_new 3284 1_1_0 EXIST::FUNCTION:OCSP
+ GENERAL_SUBTREE_new 3285 1_1_0 EXIST::FUNCTION:
+-sk_push 3286 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_push 3286 1_1_0 EXIST::FUNCTION:
+ X509_LOOKUP_ctrl 3287 1_1_0 EXIST::FUNCTION:
+ SRP_check_known_gN_param 3288 1_1_0 EXIST::FUNCTION:SRP
+ d2i_DIST_POINT 3289 1_1_0 EXIST::FUNCTION:
+@@ -3412,7 +3411,7 @@ DSA_SIG_free 3301 1_1_0 EXIST::FUNCTION:DSA
+ BIO_asn1_set_suffix 3302 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_set_type_str 3303 1_1_0 EXIST::FUNCTION:
+ i2d_X509_SIG 3304 1_1_0 EXIST::FUNCTION:
+-lh_strhash 3305 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_strhash 3305 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_set_trust 3306 1_1_0 EXIST::FUNCTION:
+ TS_ACCURACY_set_micros 3307 1_1_0 EXIST::FUNCTION:TS
+ EVP_DigestFinal_ex 3308 1_1_0 EXIST::FUNCTION:
+@@ -3440,20 +3439,20 @@ DSO_set_name_converter 3329 1_1_0 NOEXIST::FUNCTION:
+ OPENSSL_thread_stop 3330 1_1_0 EXIST::FUNCTION:
+ X509_policy_node_get0_parent 3331 1_1_0 EXIST::FUNCTION:
+ X509_PKEY_free 3332 1_1_0 EXIST::FUNCTION:
+-OCSP_CRLID_new 3333 1_1_0 EXIST::FUNCTION:
++OCSP_CRLID_new 3333 1_1_0 EXIST::FUNCTION:OCSP
+ CONF_dump_bio 3334 1_1_0 EXIST::FUNCTION:
+ d2i_PKCS8PrivateKey_fp 3335 1_1_0 EXIST::FUNCTION:STDIO
+ RSA_setup_blinding 3336 1_1_0 EXIST::FUNCTION:RSA
+ ERR_peek_error_line 3337 1_1_0 EXIST::FUNCTION:
+ d2i_PKCS7 3338 1_1_0 EXIST::FUNCTION:
+ ERR_reason_error_string 3339 1_1_0 EXIST::FUNCTION:
+-ERR_remove_thread_state 3340 1_1_0 EXIST::FUNCTION:
++ERR_remove_thread_state 3340 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_1_1_0
+ PEM_write_PrivateKey 3341 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_CTX_str2ctrl 3342 1_1_0 EXIST::FUNCTION:
+ CMS_SignerInfo_verify_content 3343 1_1_0 EXIST::FUNCTION:CMS
+ ASN1_INTEGER_get_int64 3344 1_1_0 EXIST::FUNCTION:
+ ASN1_item_sign 3345 1_1_0 EXIST::FUNCTION:
+-OCSP_SERVICELOC_new 3346 1_1_0 EXIST::FUNCTION:
++OCSP_SERVICELOC_new 3346 1_1_0 EXIST::FUNCTION:OCSP
+ ASN1_VISIBLESTRING_new 3347 1_1_0 EXIST::FUNCTION:
+ BN_set_flags 3348 1_1_0 EXIST::FUNCTION:
+ d2i_PrivateKey_bio 3349 1_1_0 EXIST::FUNCTION:
+@@ -3461,8 +3460,8 @@ ASN1_SEQUENCE_ANY_it 3350 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION
+ ASN1_SEQUENCE_ANY_it 3350 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ ASN1_UTCTIME_adj 3351 1_1_0 EXIST::FUNCTION:
+ BN_mod_sqrt 3352 1_1_0 EXIST::FUNCTION:
+-sk_is_sorted 3353 1_1_0 EXIST::FUNCTION:
+-OCSP_SIGNATURE_new 3354 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_is_sorted 3353 1_1_0 EXIST::FUNCTION:
++OCSP_SIGNATURE_new 3354 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_PKEY_meth_get_paramgen 3355 1_1_0 EXIST::FUNCTION:
+ X509_ATTRIBUTE_create_by_OBJ 3356 1_1_0 EXIST::FUNCTION:
+ RSA_generate_key_ex 3357 1_1_0 EXIST::FUNCTION:RSA
+@@ -3471,7 +3470,7 @@ DIST_POINT_free 3359 1_1_0 EXIST::FUNCTION:
+ ESS_SIGNING_CERT_free 3360 1_1_0 EXIST::FUNCTION:TS
+ SCT_new_from_base64 3361 1_1_0 EXIST::FUNCTION:CT
+ OpenSSL_version 3362 1_1_0 EXIST::FUNCTION:
+-OCSP_SINGLERESP_get_ext_by_OBJ 3363 1_1_0 EXIST::FUNCTION:
++OCSP_SINGLERESP_get_ext_by_OBJ 3363 1_1_0 EXIST::FUNCTION:OCSP
+ ECDSA_SIG_get0 3364 1_1_0 EXIST::FUNCTION:EC
+ BN_set_word 3365 1_1_0 EXIST::FUNCTION:
+ ENGINE_set_flags 3366 1_1_0 EXIST::FUNCTION:ENGINE
+@@ -3489,14 +3488,14 @@ PKCS12_PBE_add 3376 1_1_0 EXIST::FUNCTION:
+ EC_KEY_set_public_key_affine_coordinates 3377 1_1_0 EXIST::FUNCTION:EC
+ EVP_EncryptInit_ex 3378 1_1_0 EXIST::FUNCTION:
+ ENGINE_add 3379 1_1_0 EXIST::FUNCTION:ENGINE
+-lh_error 3380 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_error 3380 1_1_0 EXIST::FUNCTION:
+ PKCS7_DIGEST_it 3381 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ PKCS7_DIGEST_it 3381 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ X509_CINF_new 3382 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_keygen_init 3383 1_1_0 EXIST::FUNCTION:
+ EVP_aes_192_ocb 3384 1_1_0 EXIST::FUNCTION:OCB
+ EVP_camellia_256_cfb1 3385 1_1_0 EXIST::FUNCTION:CAMELLIA
+-DES_read_2passwords 3386 1_1_0 EXIST::FUNCTION:DES,UI
++DES_read_2passwords 3386 1_1_0 NOEXIST::FUNCTION:
+ CRYPTO_secure_actual_size 3387 1_1_0 EXIST::FUNCTION:
+ COMP_CTX_free 3388 1_1_0 EXIST::FUNCTION:COMP
+ i2d_PBE2PARAM 3389 1_1_0 EXIST::FUNCTION:
+@@ -3511,13 +3510,13 @@ EVP_aes_128_ctr 3397 1_1_0 EXIST::FUNCTION:
+ EVP_PBE_find 3398 1_1_0 EXIST::FUNCTION:
+ SHA512_Transform 3399 1_1_0 EXIST:!VMSVAX:FUNCTION:
+ ERR_add_error_vdata 3400 1_1_0 EXIST::FUNCTION:
+-OCSP_REQUEST_get_ext 3401 1_1_0 EXIST::FUNCTION:
++OCSP_REQUEST_get_ext 3401 1_1_0 EXIST::FUNCTION:OCSP
+ NETSCAPE_SPKAC_new 3402 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_meth_get_verify 3403 1_1_0 EXIST::FUNCTION:
+ CRYPTO_128_wrap 3404 1_1_0 EXIST::FUNCTION:
+ X509_STORE_set_lookup_crls_cb 3405 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_meth_get_ctrl 3406 1_1_0 EXIST::FUNCTION:
+-OCSP_REQ_CTX_set1_req 3407 1_1_0 EXIST::FUNCTION:
++OCSP_REQ_CTX_set1_req 3407 1_1_0 EXIST::FUNCTION:OCSP
+ CONF_imodule_get_usr_data 3408 1_1_0 EXIST::FUNCTION:
+ CRYPTO_new_ex_data 3409 1_1_0 EXIST::FUNCTION:
+ PEM_read_PKCS8_PRIV_KEY_INFO 3410 1_1_0 EXIST::FUNCTION:
+@@ -3531,7 +3530,7 @@ ASN1_mbstring_copy 3417 1_1_0 EXIST::FUNCTION:
+ PKCS7_set_type 3418 1_1_0 EXIST::FUNCTION:
+ BIO_gets 3419 1_1_0 EXIST::FUNCTION:
+ RSA_padding_check_PKCS1_type_1 3420 1_1_0 EXIST::FUNCTION:RSA
+-UI_ctrl 3421 1_1_0 EXIST::FUNCTION:
++UI_ctrl 3421 1_1_0 EXIST::FUNCTION:UI
+ i2d_X509_REQ_fp 3422 1_1_0 EXIST::FUNCTION:STDIO
+ BN_BLINDING_convert_ex 3423 1_1_0 EXIST::FUNCTION:
+ ASN1_GENERALIZEDTIME_print 3424 1_1_0 EXIST::FUNCTION:
+@@ -3540,15 +3539,15 @@ PEM_ASN1_read 3426 1_1_0 EXIST::FUNCTION:STDIO
+ SCT_get_log_entry_type 3427 1_1_0 EXIST::FUNCTION:CT
+ EVP_CIPHER_meth_get_init 3428 1_1_0 EXIST::FUNCTION:
+ X509_ALGOR_free 3429 1_1_0 EXIST::FUNCTION:
+-OCSP_SINGLERESP_get_ext_count 3430 1_1_0 EXIST::FUNCTION:
++OCSP_SINGLERESP_get_ext_count 3430 1_1_0 EXIST::FUNCTION:OCSP
+ EC_POINT_free 3431 1_1_0 EXIST::FUNCTION:EC
+ EVP_OpenFinal 3432 1_1_0 EXIST::FUNCTION:RSA
+ RAND_egd_bytes 3433 1_1_0 EXIST::FUNCTION:EGD
+-UI_method_get_writer 3434 1_1_0 EXIST::FUNCTION:
++UI_method_get_writer 3434 1_1_0 EXIST::FUNCTION:UI
+ BN_secure_new 3435 1_1_0 EXIST::FUNCTION:
+ CTLOG_new_null 3436 1_1_0 EXIST::FUNCTION:CT
+ SHA1_Update 3437 1_1_0 EXIST::FUNCTION:
+-BIO_s_connect 3438 1_1_0 EXIST::FUNCTION:
++BIO_s_connect 3438 1_1_0 EXIST::FUNCTION:SOCK
+ EVP_MD_meth_get_init 3439 1_1_0 EXIST::FUNCTION:
+ ASN1_BIT_STRING_free 3440 1_1_0 EXIST::FUNCTION:
+ i2d_PROXY_CERT_INFO_EXTENSION 3441 1_1_0 EXIST::FUNCTION:
+@@ -3557,7 +3556,7 @@ X509_CRL_up_ref 3443 1_1_0 EXIST::FUNCTION:
+ EVP_EncodeFinal 3444 1_1_0 EXIST::FUNCTION:
+ X509_set_ex_data 3445 1_1_0 EXIST::FUNCTION:
+ ERR_get_next_error_library 3446 1_1_0 EXIST::FUNCTION:
+-OCSP_RESPONSE_print 3447 1_1_0 EXIST::FUNCTION:
++OCSP_RESPONSE_print 3447 1_1_0 EXIST::FUNCTION:OCSP
+ BN_get_rfc3526_prime_2048 3448 1_1_0 EXIST::FUNCTION:
+ BIO_new_bio_pair 3449 1_1_0 EXIST::FUNCTION:
+ EC_GFp_nistp256_method 3450 1_1_0 EXIST:!WIN32:FUNCTION:EC,EC_NISTP_64_GCC_128
+@@ -3588,14 +3587,14 @@ ASYNC_WAIT_CTX_get_changed_fds 3474 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_save_parameters 3475 1_1_0 EXIST::FUNCTION:
+ SCT_set_source 3476 1_1_0 EXIST::FUNCTION:CT
+ DES_set_odd_parity 3477 1_1_0 EXIST::FUNCTION:DES
+-CMAC_CTX_free 3478 1_1_0 EXIST::FUNCTION:
++CMAC_CTX_free 3478 1_1_0 EXIST::FUNCTION:CMAC
+ d2i_ESS_ISSUER_SERIAL 3479 1_1_0 EXIST::FUNCTION:TS
+ HMAC_CTX_set_flags 3480 1_1_0 EXIST::FUNCTION:
+ d2i_PKCS8_bio 3481 1_1_0 EXIST::FUNCTION:
+-OCSP_ONEREQ_get_ext_count 3482 1_1_0 EXIST::FUNCTION:
++OCSP_ONEREQ_get_ext_count 3482 1_1_0 EXIST::FUNCTION:OCSP
+ PEM_read_bio_PKCS8_PRIV_KEY_INFO 3483 1_1_0 EXIST::FUNCTION:
+-i2d_OCSP_BASICRESP 3484 1_1_0 EXIST::FUNCTION:
+-CMAC_Final 3485 1_1_0 EXIST::FUNCTION:
++i2d_OCSP_BASICRESP 3484 1_1_0 EXIST::FUNCTION:OCSP
++CMAC_Final 3485 1_1_0 EXIST::FUNCTION:CMAC
+ X509V3_EXT_add_alias 3486 1_1_0 EXIST::FUNCTION:
+ BN_get_params 3487 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_0_9_8
+ PKCS5_pbkdf2_set 3488 1_1_0 EXIST::FUNCTION:
+@@ -3613,7 +3612,7 @@ BIO_ptr_ctrl 3499 1_1_0 EXIST::FUNCTION:
+ EVP_rc4_hmac_md5 3500 1_1_0 EXIST::FUNCTION:MD5,RC4
+ OPENSSL_strlcat 3501 1_1_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_new 3502 1_1_0 EXIST::FUNCTION:
+-BIO_ADDR_rawport 3503 1_1_0 EXIST::FUNCTION:
++BIO_ADDR_rawport 3503 1_1_0 EXIST::FUNCTION:SOCK
+ BUF_MEM_grow_clean 3504 1_1_0 EXIST::FUNCTION:
+ X509_NAME_print_ex_fp 3505 1_1_0 EXIST::FUNCTION:STDIO
+ X509_check_host 3506 1_1_0 EXIST::FUNCTION:
+@@ -3677,13 +3676,13 @@ X509_STORE_set1_param 3563 1_1_0 EXIST::FUNCTION:
+ RAND_file_name 3564 1_1_0 EXIST::FUNCTION:
+ DSO_METHOD_dl 3565 1_1_0 NOEXIST::FUNCTION:
+ EVP_CipherInit_ex 3566 1_1_0 EXIST::FUNCTION:
+-BIO_dgram_sctp_notification_cb 3567 1_1_0 EXIST::FUNCTION:SCTP
++BIO_dgram_sctp_notification_cb 3567 1_1_0 EXIST::FUNCTION:DGRAM,SCTP
+ ERR_load_RAND_strings 3568 1_1_0 EXIST::FUNCTION:
+ X509_ATTRIBUTE_it 3569 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ X509_ATTRIBUTE_it 3569 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ X509_ALGOR_it 3570 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ X509_ALGOR_it 3570 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+-OCSP_CRLID_free 3571 1_1_0 EXIST::FUNCTION:
++OCSP_CRLID_free 3571 1_1_0 EXIST::FUNCTION:OCSP
+ CRYPTO_ccm128_aad 3572 1_1_0 EXIST::FUNCTION:
+ IPAddressFamily_new 3573 1_1_0 EXIST::FUNCTION:RFC3779
+ d2i_TS_ACCURACY 3574 1_1_0 EXIST::FUNCTION:TS
+@@ -3693,7 +3692,7 @@ EVP_camellia_256_cbc 3577 1_1_0 EXIST::FUNCTION:CAMELLIA
+ i2d_PROXY_POLICY 3578 1_1_0 EXIST::FUNCTION:
+ X509_subject_name_hash_old 3579 1_1_0 EXIST::FUNCTION:MD5
+ PEM_read_bio_DSA_PUBKEY 3580 1_1_0 EXIST::FUNCTION:DSA
+-OCSP_cert_to_id 3581 1_1_0 EXIST::FUNCTION:
++OCSP_cert_to_id 3581 1_1_0 EXIST::FUNCTION:OCSP
+ PEM_write_DSAparams 3582 1_1_0 EXIST::FUNCTION:DSA
+ ASN1_TIME_to_generalizedtime 3583 1_1_0 EXIST::FUNCTION:
+ X509_CRL_get_ext_by_critical 3584 1_1_0 EXIST::FUNCTION:
+@@ -3703,7 +3702,7 @@ PEM_write_RSAPublicKey 3587 1_1_0 EXIST::FUNCTION:RSA
+ EVP_MD_meth_dup 3588 1_1_0 EXIST::FUNCTION:
+ ENGINE_unregister_ciphers 3589 1_1_0 EXIST::FUNCTION:ENGINE
+ X509_issuer_and_serial_cmp 3590 1_1_0 EXIST::FUNCTION:
+-OCSP_response_create 3591 1_1_0 EXIST::FUNCTION:
++OCSP_response_create 3591 1_1_0 EXIST::FUNCTION:OCSP
+ SHA224 3592 1_1_0 EXIST::FUNCTION:
+ MD2_options 3593 1_1_0 EXIST::FUNCTION:MD2
+ CRYPTO_set_locking_callback 3594 1_1_0 NOEXIST::FUNCTION:
+@@ -3713,7 +3712,7 @@ RAND_bytes 3596 1_1_0 EXIST::FUNCTION:
+ PKCS7_free 3597 1_1_0 EXIST::FUNCTION:
+ X509_NAME_ENTRY_create_by_txt 3598 1_1_0 EXIST::FUNCTION:
+ DES_cbc_cksum 3599 1_1_0 EXIST::FUNCTION:DES
+-UI_free 3600 1_1_0 EXIST::FUNCTION:
++UI_free 3600 1_1_0 EXIST::FUNCTION:UI
+ BN_is_prime 3601 1_1_0 EXIST::FUNCTION:DEPRECATEDIN_0_9_8
+ CMS_get0_signers 3602 1_1_0 EXIST::FUNCTION:CMS
+ i2d_PrivateKey_fp 3603 1_1_0 EXIST::FUNCTION:STDIO
+@@ -3736,7 +3735,7 @@ TS_CONF_set_signer_digest 3619 1_1_0 EXIST::FUNCTION:TS
+ OBJ_new_nid 3620 1_1_0 EXIST::FUNCTION:
+ CMS_ReceiptRequest_new 3621 1_1_0 EXIST::FUNCTION:CMS
+ SRP_VBASE_get1_by_user 3622 1_1_0 EXIST::FUNCTION:SRP
+-UI_method_get_closer 3623 1_1_0 EXIST::FUNCTION:
++UI_method_get_closer 3623 1_1_0 EXIST::FUNCTION:UI
+ ENGINE_get_ex_data 3624 1_1_0 EXIST::FUNCTION:ENGINE
+ BN_print_fp 3625 1_1_0 EXIST::FUNCTION:STDIO
+ MD2_Update 3626 1_1_0 EXIST::FUNCTION:MD2
+@@ -3786,17 +3785,17 @@ ESS_CERT_ID_new 3669 1_1_0 EXIST::FUNCTION:TS
+ EC_POINT_invert 3670 1_1_0 EXIST::FUNCTION:EC
+ CAST_set_key 3671 1_1_0 EXIST::FUNCTION:CAST
+ ENGINE_get_pkey_meth 3672 1_1_0 EXIST::FUNCTION:ENGINE
+-BIO_ADDRINFO_free 3673 1_1_0 EXIST::FUNCTION:
++BIO_ADDRINFO_free 3673 1_1_0 EXIST::FUNCTION:SOCK
+ DES_ede3_cbc_encrypt 3674 1_1_0 EXIST::FUNCTION:DES
+ X509v3_asid_canonize 3675 1_1_0 EXIST::FUNCTION:RFC3779
+ i2d_ASIdOrRange 3676 1_1_0 EXIST::FUNCTION:RFC3779
+-OCSP_url_svcloc_new 3677 1_1_0 EXIST::FUNCTION:
++OCSP_url_svcloc_new 3677 1_1_0 EXIST::FUNCTION:OCSP
+ CRYPTO_mem_ctrl 3678 1_1_0 EXIST::FUNCTION:
+ ASN1_verify 3679 1_1_0 EXIST::FUNCTION:
+ DSA_generate_parameters_ex 3680 1_1_0 EXIST::FUNCTION:DSA
+ X509_sign 3681 1_1_0 EXIST::FUNCTION:
+ SHA256_Transform 3682 1_1_0 EXIST::FUNCTION:
+-BIO_ADDR_free 3683 1_1_0 EXIST::FUNCTION:
++BIO_ADDR_free 3683 1_1_0 EXIST::FUNCTION:SOCK
+ ASN1_STRING_free 3684 1_1_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_inherit 3685 1_1_0 EXIST::FUNCTION:
+ EC_GROUP_get_curve_name 3686 1_1_0 EXIST::FUNCTION:EC
+@@ -3806,20 +3805,20 @@ EVP_PKEY_decrypt_old 3689 1_1_0 EXIST::FUNCTION:
+ ASN1_UTCTIME_cmp_time_t 3690 1_1_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_set1_ip 3691 1_1_0 EXIST::FUNCTION:
+ OTHERNAME_free 3692 1_1_0 EXIST::FUNCTION:
+-OCSP_REVOKEDINFO_free 3693 1_1_0 EXIST::FUNCTION:
++OCSP_REVOKEDINFO_free 3693 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_CIPHER_CTX_encrypting 3694 1_1_0 EXIST::FUNCTION:
+ EC_KEY_can_sign 3695 1_1_0 EXIST::FUNCTION:EC
+ PEM_write_bio_RSAPublicKey 3696 1_1_0 EXIST::FUNCTION:RSA
+ X509_CRL_set_lastUpdate 3697 1_1_0 EXIST::FUNCTION:
+-OCSP_sendreq_nbio 3698 1_1_0 EXIST::FUNCTION:
++OCSP_sendreq_nbio 3698 1_1_0 EXIST::FUNCTION:OCSP
+ PKCS8_encrypt 3699 1_1_0 EXIST::FUNCTION:
+ i2d_PKCS7_fp 3700 1_1_0 EXIST::FUNCTION:STDIO
+ i2d_X509_REQ 3701 1_1_0 EXIST::FUNCTION:
+-OCSP_CRLID_it 3702 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_CRLID_it 3702 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_CRLID_it 3702 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_CRLID_it 3702 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ PEM_ASN1_write_bio 3703 1_1_0 EXIST::FUNCTION:
+ X509_get0_reject_objects 3704 1_1_0 EXIST::FUNCTION:
+-BIO_set_tcp_ndelay 3705 1_1_0 EXIST::FUNCTION:
++BIO_set_tcp_ndelay 3705 1_1_0 EXIST::FUNCTION:SOCK
+ CMS_add0_CertificateChoices 3706 1_1_0 EXIST::FUNCTION:CMS
+ POLICYINFO_new 3707 1_1_0 EXIST::FUNCTION:
+ X509_CRL_get0_by_serial 3708 1_1_0 EXIST::FUNCTION:
+@@ -3832,15 +3831,15 @@ ENGINE_register_all_digests 3713 1_1_0 EXIST::FUNCTION:ENGINE
+ X509_REQ_get_version 3714 1_1_0 EXIST::FUNCTION:
+ i2d_ASN1_UTCTIME 3715 1_1_0 EXIST::FUNCTION:
+ TS_STATUS_INFO_new 3716 1_1_0 EXIST::FUNCTION:TS
+-UI_set_ex_data 3717 1_1_0 EXIST::FUNCTION:
++UI_set_ex_data 3717 1_1_0 EXIST::FUNCTION:UI
+ ASN1_TIME_set 3718 1_1_0 EXIST::FUNCTION:
+ TS_RESP_verify_response 3719 1_1_0 EXIST::FUNCTION:TS
+ X509_REVOKED_get0_serialNumber 3720 1_1_0 EXIST::FUNCTION:
+ X509_VERIFY_PARAM_free 3721 1_1_0 EXIST::FUNCTION:
+ ASN1_TYPE_new 3722 1_1_0 EXIST::FUNCTION:
+-CMAC_CTX_cleanup 3723 1_1_0 EXIST::FUNCTION:
++CMAC_CTX_cleanup 3723 1_1_0 EXIST::FUNCTION:CMAC
+ i2d_PKCS7_NDEF 3724 1_1_0 EXIST::FUNCTION:
+-sk_pop_free 3725 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_pop_free 3725 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_get0_policy_tree 3726 1_1_0 EXIST::FUNCTION:
+ DES_set_key_checked 3727 1_1_0 EXIST::FUNCTION:DES
+ EVP_PKEY_meth_free 3728 1_1_0 EXIST::FUNCTION:
+@@ -3869,9 +3868,9 @@ EVP_PKEY_meth_get_sign 3750 1_1_0 EXIST::FUNCTION:
+ TS_REQ_get_nonce 3751 1_1_0 EXIST::FUNCTION:TS
+ ENGINE_unregister_EC 3752 1_1_0 EXIST::FUNCTION:ENGINE
+ X509v3_get_ext_count 3753 1_1_0 EXIST::FUNCTION:
+-UI_OpenSSL 3754 1_1_0 EXIST::FUNCTION:
++UI_OpenSSL 3754 1_1_0 EXIST::FUNCTION:UI
+ CRYPTO_ccm128_decrypt 3755 1_1_0 EXIST::FUNCTION:
+-d2i_OCSP_RESPDATA 3756 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_RESPDATA 3756 1_1_0 EXIST::FUNCTION:OCSP
+ BIO_set_callback 3757 1_1_0 EXIST::FUNCTION:
+ BN_GF2m_poly2arr 3758 1_1_0 EXIST::FUNCTION:EC2M
+ CMS_unsigned_get_attr_count 3759 1_1_0 EXIST::FUNCTION:CMS
+@@ -3881,7 +3880,7 @@ ECDH_compute_key 3762 1_1_0 EXIST::FUNCTION:EC
+ ASN1_TIME_print 3763 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_CTX_get0_peerkey 3764 1_1_0 EXIST::FUNCTION:
+ BN_mod_lshift1 3765 1_1_0 EXIST::FUNCTION:
+-BIO_ADDRINFO_family 3766 1_1_0 EXIST::FUNCTION:
++BIO_ADDRINFO_family 3766 1_1_0 EXIST::FUNCTION:SOCK
+ PEM_write_DHxparams 3767 1_1_0 EXIST::FUNCTION:DH
+ BN_mod_exp2_mont 3768 1_1_0 EXIST::FUNCTION:
+ ASN1_PRINTABLE_free 3769 1_1_0 EXIST::FUNCTION:
+@@ -3890,9 +3889,9 @@ PKCS7_ATTR_SIGN_it 3771 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION
+ PKCS7_ATTR_SIGN_it 3771 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ EVP_MD_CTX_copy 3772 1_1_0 EXIST::FUNCTION:
+ ENGINE_set_ctrl_function 3773 1_1_0 EXIST::FUNCTION:ENGINE
+-OCSP_id_get0_info 3774 1_1_0 EXIST::FUNCTION:
+-BIO_ADDRINFO_next 3775 1_1_0 EXIST::FUNCTION:
+-OCSP_RESPBYTES_free 3776 1_1_0 EXIST::FUNCTION:
++OCSP_id_get0_info 3774 1_1_0 EXIST::FUNCTION:OCSP
++BIO_ADDRINFO_next 3775 1_1_0 EXIST::FUNCTION:SOCK
++OCSP_RESPBYTES_free 3776 1_1_0 EXIST::FUNCTION:OCSP
+ EC_KEY_METHOD_set_init 3777 1_1_0 EXIST::FUNCTION:EC
+ EVP_PKEY_asn1_copy 3778 1_1_0 EXIST::FUNCTION:
+ RSA_PSS_PARAMS_it 3779 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
+@@ -3900,7 +3899,7 @@ RSA_PSS_PARAMS_it 3779 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:
+ X509_STORE_CTX_get_error_depth 3780 1_1_0 EXIST::FUNCTION:
+ ASN1_GENERALIZEDTIME_set_string 3781 1_1_0 EXIST::FUNCTION:
+ EC_GROUP_new_curve_GFp 3782 1_1_0 EXIST::FUNCTION:EC
+-UI_new_method 3783 1_1_0 EXIST::FUNCTION:
++UI_new_method 3783 1_1_0 EXIST::FUNCTION:UI
+ Camellia_ofb128_encrypt 3784 1_1_0 EXIST::FUNCTION:CAMELLIA
+ X509_new 3785 1_1_0 EXIST::FUNCTION:
+ EC_KEY_get_conv_form 3786 1_1_0 EXIST::FUNCTION:EC
+@@ -3931,15 +3930,15 @@ USERNOTICE_it 3809 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:
+ PKEY_USAGE_PERIOD_it 3810 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ PKEY_USAGE_PERIOD_it 3810 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ BN_mul_word 3811 1_1_0 EXIST::FUNCTION:
+-DES_enc_read 3812 1_1_0 EXIST::FUNCTION:DES
++DES_enc_read 3812 1_1_0 NOEXIST::FUNCTION:
+ i2d_IPAddressRange 3813 1_1_0 EXIST::FUNCTION:RFC3779
+ CMS_unsigned_add1_attr_by_txt 3814 1_1_0 EXIST::FUNCTION:CMS
+ d2i_RSA_PUBKEY 3815 1_1_0 EXIST::FUNCTION:RSA
+ PKCS12_gen_mac 3816 1_1_0 EXIST::FUNCTION:
+ ERR_load_ENGINE_strings 3817 1_1_0 EXIST::FUNCTION:ENGINE
+ ERR_load_CT_strings 3818 1_1_0 EXIST::FUNCTION:CT
+-OCSP_ONEREQ_it 3819 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_ONEREQ_it 3819 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_ONEREQ_it 3819 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_ONEREQ_it 3819 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ X509_PURPOSE_get_by_sname 3820 1_1_0 EXIST::FUNCTION:
+ X509_PURPOSE_set 3821 1_1_0 EXIST::FUNCTION:
+ BN_mod_inverse 3822 1_1_0 EXIST::FUNCTION:
+@@ -3961,20 +3960,20 @@ BN_GF2m_mod_inv_arr 3837 1_1_0 EXIST::FUNCTION:EC2M
+ X509_REQ_get1_email 3838 1_1_0 EXIST::FUNCTION:
+ EC_KEY_print 3839 1_1_0 EXIST::FUNCTION:EC
+ i2d_ASN1_INTEGER 3840 1_1_0 EXIST::FUNCTION:
+-OCSP_SINGLERESP_add1_ext_i2d 3841 1_1_0 EXIST::FUNCTION:
++OCSP_SINGLERESP_add1_ext_i2d 3841 1_1_0 EXIST::FUNCTION:OCSP
+ PKCS7_add_signed_attribute 3842 1_1_0 EXIST::FUNCTION:
+ i2d_PrivateKey_bio 3843 1_1_0 EXIST::FUNCTION:
+ RSA_padding_add_PKCS1_type_1 3844 1_1_0 EXIST::FUNCTION:RSA
+ i2d_re_X509_tbs 3845 1_1_0 EXIST::FUNCTION:
+ EVP_CIPHER_iv_length 3846 1_1_0 EXIST::FUNCTION:
+-OCSP_REQ_CTX_get0_mem_bio 3847 1_1_0 EXIST::FUNCTION:
++OCSP_REQ_CTX_get0_mem_bio 3847 1_1_0 EXIST::FUNCTION:OCSP
+ i2d_PKCS8PrivateKeyInfo_bio 3848 1_1_0 EXIST::FUNCTION:
+-d2i_OCSP_CERTID 3849 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_CERTID 3849 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_CIPHER_meth_set_init 3850 1_1_0 EXIST::FUNCTION:
+ RIPEMD160_Final 3851 1_1_0 EXIST::FUNCTION:RMD160
+ NETSCAPE_SPKI_free 3852 1_1_0 EXIST::FUNCTION:
+ BIO_asn1_get_prefix 3853 1_1_0 EXIST::FUNCTION:
+-d2i_OCSP_ONEREQ 3854 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_ONEREQ 3854 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_PKEY_asn1_set_security_bits 3855 1_1_0 EXIST::FUNCTION:
+ i2d_CERTIFICATEPOLICIES 3856 1_1_0 EXIST::FUNCTION:
+ i2d_X509_CERT_AUX 3857 1_1_0 EXIST::FUNCTION:
+@@ -3982,8 +3981,8 @@ i2o_ECPublicKey 3858 1_1_0 EXIST::FUNCTION:EC
+ PKCS12_SAFEBAG_create0_pkcs8 3859 1_1_0 EXIST::FUNCTION:
+ OBJ_get0_data 3860 1_1_0 EXIST::FUNCTION:
+ EC_GROUP_get0_seed 3861 1_1_0 EXIST::FUNCTION:EC
+-OCSP_REQUEST_it 3862 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_REQUEST_it 3862 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_REQUEST_it 3862 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_REQUEST_it 3862 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ ASRange_it 3863 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ ASRange_it 3863 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+ i2d_TS_RESP 3864 1_1_0 EXIST::FUNCTION:TS
+@@ -3997,12 +3996,12 @@ RSA_OAEP_PARAMS_it 3871 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION
+ RSA_OAEP_PARAMS_it 3871 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
+ BN_bn2mpi 3872 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_cleanup 3873 1_1_0 EXIST::FUNCTION:
+-OCSP_onereq_get0_id 3874 1_1_0 EXIST::FUNCTION:
++OCSP_onereq_get0_id 3874 1_1_0 EXIST::FUNCTION:OCSP
+ X509_get_default_cert_dir 3875 1_1_0 EXIST::FUNCTION:
+ DSO_get_method 3876 1_1_0 NOEXIST::FUNCTION:
+ PROXY_POLICY_free 3877 1_1_0 EXIST::FUNCTION:
+ PEM_write_DSAPrivateKey 3878 1_1_0 EXIST::FUNCTION:DSA
+-sk_delete_ptr 3879 1_1_0 EXIST::FUNCTION:
++OPENSSL_sk_delete_ptr 3879 1_1_0 EXIST::FUNCTION:
+ CMS_add0_RevocationInfoChoice 3880 1_1_0 EXIST::FUNCTION:CMS
+ ASN1_PCTX_get_flags 3881 1_1_0 EXIST::FUNCTION:
+ EVP_MD_meth_set_result_size 3882 1_1_0 EXIST::FUNCTION:
+@@ -4019,19 +4018,19 @@ PBKDF2PARAM_new 3891 1_1_0 EXIST::FUNCTION:
+ ENGINE_set_RSA 3892 1_1_0 EXIST::FUNCTION:ENGINE
+ i2d_X509_ATTRIBUTE 3893 1_1_0 EXIST::FUNCTION:
+ PKCS7_ctrl 3894 1_1_0 EXIST::FUNCTION:
+-OCSP_REVOKEDINFO_it 3895 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+-OCSP_REVOKEDINFO_it 3895 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
++OCSP_REVOKEDINFO_it 3895 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP
++OCSP_REVOKEDINFO_it 3895 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP
+ X509V3_set_ctx 3896 1_1_0 EXIST::FUNCTION:
+ ASN1_ENUMERATED_set_int64 3897 1_1_0 EXIST::FUNCTION:
+ o2i_SCT 3898 1_1_0 EXIST::FUNCTION:CT
+ CRL_DIST_POINTS_free 3899 1_1_0 EXIST::FUNCTION:
+-d2i_OCSP_SINGLERESP 3900 1_1_0 EXIST::FUNCTION:
++d2i_OCSP_SINGLERESP 3900 1_1_0 EXIST::FUNCTION:OCSP
+ EVP_CIPHER_CTX_num 3901 1_1_0 EXIST::FUNCTION:
+ EVP_PKEY_verify_recover_init 3902 1_1_0 EXIST::FUNCTION:
+ SHA512_Init 3903 1_1_0 EXIST:!VMSVAX:FUNCTION:
+ TS_MSG_IMPRINT_set_msg 3904 1_1_0 EXIST::FUNCTION:TS
+ CMS_unsigned_add1_attr 3905 1_1_0 EXIST::FUNCTION:CMS
+-lh_doall 3906 1_1_0 EXIST::FUNCTION:
++OPENSSL_LH_doall 3906 1_1_0 EXIST::FUNCTION:
+ PKCS8_pkey_get0_attrs 3907 1_1_0 EXIST::FUNCTION:
+ PKCS8_pkey_add1_attr_by_NID 3908 1_1_0 EXIST::FUNCTION:
+ ASYNC_is_capable 3909 1_1_0 EXIST::FUNCTION:
+@@ -4194,16 +4193,24 @@ DH_meth_set_generate_key 4067 1_1_0 EXIST::FUNCTION:DH
+ DH_meth_free 4068 1_1_0 EXIST::FUNCTION:DH
+ DH_meth_get_generate_key 4069 1_1_0 EXIST::FUNCTION:DH
+ DH_set_flags 4070 1_1_0 EXIST::FUNCTION:DH
+-X509_STORE_get_X509_by_subject 4071 1_1_0 EXIST::FUNCTION:
++X509_STORE_CTX_get_obj_by_subject 4071 1_1_0 EXIST::FUNCTION:
+ X509_OBJECT_free 4072 1_1_0 EXIST::FUNCTION:
+ X509_OBJECT_get0_X509 4073 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_get0_untrusted 4074 1_1_0 EXIST::FUNCTION:
+-X509_STORE_CTX_set0_chain 4075 1_1_0 NOEXIST::FUNCTION:
++X509_STORE_CTX_set_error_depth 4075 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_get0_cert 4076 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_set_verify 4077 1_1_0 EXIST::FUNCTION:
++X509_STORE_CTX_set_current_cert 4078 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_get_verify 4079 1_1_0 EXIST::FUNCTION:
+ X509_STORE_CTX_get_verify_cb 4080 1_1_0 EXIST::FUNCTION:
+-X509_STORE_CTX_get_cert 4081 1_1_0 NOEXIST::FUNCTION:
+-X509_STORE_CTX_set0_verified_chain 4082 1_1_0 EXIST::FUNCTION:
+-X509_STORE_CTX_set0_untrusted 4083 1_1_0 EXIST::FUNCTION:
+-OPENSSL_hexchar2int 4084 1_1_0 EXIST::FUNCTION:
++X509_STORE_CTX_set0_verified_chain 4081 1_1_0 EXIST::FUNCTION:
++X509_STORE_CTX_set0_untrusted 4082 1_1_0 EXIST::FUNCTION:
++OPENSSL_hexchar2int 4083 1_1_0 EXIST::FUNCTION:
++X509_STORE_set_ex_data 4084 1_1_0 EXIST::FUNCTION:
++X509_STORE_get_ex_data 4085 1_1_0 EXIST::FUNCTION:
++X509_STORE_get0_objects 4086 1_1_0 EXIST::FUNCTION:
++X509_OBJECT_get_type 4087 1_1_0 EXIST::FUNCTION:
++X509_STORE_set_verify 4088 1_1_0 EXIST::FUNCTION:
++X509_OBJECT_new 4089 1_1_0 EXIST::FUNCTION:
++X509_STORE_get0_param 4090 1_1_0 EXIST::FUNCTION:
++PEM_write_bio_PrivateKey_traditional 4091 1_1_0 EXIST::FUNCTION:
+diff --git a/util/libssl.num b/util/libssl.num
+index 636892c..8af95d1 100644
+--- a/util/libssl.num
++++ b/util/libssl.num
+@@ -394,3 +394,4 @@ SSL_enable_ct 393 1_1_0 EXIST::FUNCTION:CT
+ SSL_CTX_enable_ct 394 1_1_0 EXIST::FUNCTION:CT
+ SSL_CTX_get_ciphers 395 1_1_0 EXIST::FUNCTION:
+ SSL_SESSION_get0_hostname 396 1_1_0 EXIST::FUNCTION:
++SSL_client_version 397 1_1_0 EXIST::FUNCTION:
+diff --git a/util/mkbuildinf.pl b/util/mkbuildinf.pl
+index a809f71..5bf0168 100755
+--- a/util/mkbuildinf.pl
++++ b/util/mkbuildinf.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+
+ my ($cflags, $platform) = @ARGV;
+
+diff --git a/util/mkdef.pl b/util/mkdef.pl
+index 9f8d561..c2fbfe7 100755
+--- a/util/mkdef.pl
++++ b/util/mkdef.pl
+@@ -1,4 +1,11 @@
+-#!/usr/local/bin/perl -w
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ #
+ # generate a .def file
+ #
+@@ -122,6 +129,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
+ "TS",
+ # OCB mode
+ "OCB",
++ "CMAC",
+ # APPLINK (win build feature?)
+ "APPLINK"
+ );
+@@ -239,7 +247,6 @@ $ssl.=" include/openssl/srtp.h";
+ my $crypto ="include/openssl/crypto.h";
+ $crypto.=" include/internal/o_dir.h";
+ $crypto.=" include/internal/o_str.h";
+-$crypto.=" include/internal/threads.h";
+ $crypto.=" include/internal/err.h";
+ $crypto.=" include/openssl/des.h" ; # unless $no_des;
+ $crypto.=" include/openssl/idea.h" ; # unless $no_idea;
+@@ -1317,11 +1324,11 @@ EOF
+ print OUT $symline;
+ $symvtextcount += length($symline) - 2;
+ } elsif($v) {
+- printf OUT " %s%-39s @%-8d DATA\n",
+- ($W32)?"":"_",$s2,$n;
++ printf OUT " %s%-39s DATA\n",
++ ($W32)?"":"_",$s2;
+ } else {
+- printf OUT " %s%-39s @%d\n",
+- ($W32)?"":"_",$s2,$n;
++ printf OUT " %s%s\n",
++ ($W32)?"":"_",$s2;
+ }
+ }
+ }
+diff --git a/util/mkdir-p.pl b/util/mkdir-p.pl
+index e73d02b..4f44266 100755
+--- a/util/mkdir-p.pl
++++ b/util/mkdir-p.pl
+@@ -1,6 +1,10 @@
+-#!/usr/local/bin/perl
+-
+-# mkdir-p.pl
++#! /usr/bin/env perl
++# Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ # On some systems, the -p option to mkdir (= also create any missing parent
+ # directories) is not available.
+diff --git a/util/mkerr.pl b/util/mkerr.pl
+index 4fd5520..7d07978 100644
+--- a/util/mkerr.pl
++++ b/util/mkerr.pl
+@@ -1,7 +1,12 @@
+-#!/usr/local/bin/perl -w
++#! /usr/bin/env perl
++# Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ my $config = "crypto/err/openssl.ec";
+-my $hprefix = "openssl/";
+ my $debug = 0;
+ my $unref = 0;
+ my $rebuild = 0;
+@@ -10,6 +15,8 @@ my $recurse = 0;
+ my $reindex = 0;
+ my $dowrite = 0;
+ my $staticloader = "";
++my @t = localtime();
++my $YEAR = @t[5] + 1900;
+
+ my $pack_errcode;
+ my $load_errcode;
+@@ -62,6 +69,8 @@ Options:
+ -hprefix P Prepend the filenames in generated #include <header>
+ statements with prefix P. Default: 'openssl/' (without
+ the quotes, naturally)
++ NOTE: not used any more because our include directory
++ structure has changed.
+
+ -debug Turn on debugging verbose output on stderr.
+
+@@ -165,8 +174,8 @@ close IN;
+ while (($hdr, $lib) = each %libinc)
+ {
+ next if($hdr eq "NONE");
+- print STDERR "Scanning header file $hdr\n" if $debug;
+- my $line = "", $def= "", $linenr = 0, $gotfile = 0;
++ print STDERR "Scanning header file $hdr\n" if $debug;
++ my $line = "", $def= "", $linenr = 0, $gotfile = 0, $cpp = 0;
+ if (open(IN, "<$hdr")) {
+ $gotfile = 1;
+ while(<IN>) {
+@@ -401,75 +410,37 @@ foreach $lib (keys %csrc)
+
+ # Rewrite the header file
+
++ $cpp = 0;
++ $cplusplus = 0;
+ if (open(IN, "<$hfile")) {
+ # Copy across the old file
+ while(<IN>) {
++ $cplusplus = $cpp if /^#.*ifdef.*cplusplus/;
++ $cpp++ if /^#\s*if/;
++ $cpp-- if /^#\s*endif/;
+ push @out, $_;
+ last if (/BEGIN ERROR CODES/);
+ }
+ close IN;
+ } else {
++ $cpp = 1;
++ $cplusplus = 1;
+ push @out,
+-"/* ====================================================================\n",
+-" * Copyright (c) 2001-$year The OpenSSL Project. All rights reserved.\n",
+-" *\n",
+-" * Redistribution and use in source and binary forms, with or without\n",
+-" * modification, are permitted provided that the following conditions\n",
+-" * are met:\n",
+-" *\n",
+-" * 1. Redistributions of source code must retain the above copyright\n",
+-" * notice, this list of conditions and the following disclaimer. \n",
+-" *\n",
+-" * 2. Redistributions in binary form must reproduce the above copyright\n",
+-" * notice, this list of conditions and the following disclaimer in\n",
+-" * the documentation and/or other materials provided with the\n",
+-" * distribution.\n",
+-" *\n",
+-" * 3. All advertising materials mentioning features or use of this\n",
+-" * software must display the following acknowledgment:\n",
+-" * \"This product includes software developed by the OpenSSL Project\n",
+-" * for use in the OpenSSL Toolkit. (http://www.openssl.org/)\"\n",
+-" *\n",
+-" * 4. The names \"OpenSSL Toolkit\" and \"OpenSSL Project\" must not be used to\n",
+-" * endorse or promote products derived from this software without\n",
+-" * prior written permission. For written permission, please contact\n",
+-" * openssl-core\@openssl.org.\n",
+-" *\n",
+-" * 5. Products derived from this software may not be called \"OpenSSL\"\n",
+-" * nor may \"OpenSSL\" appear in their names without prior written\n",
+-" * permission of the OpenSSL Project.\n",
+-" *\n",
+-" * 6. Redistributions of any form whatsoever must retain the following\n",
+-" * acknowledgment:\n",
+-" * \"This product includes software developed by the OpenSSL Project\n",
+-" * for use in the OpenSSL Toolkit (http://www.openssl.org/)\"\n",
+-" *\n",
+-" * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY\n",
+-" * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\n",
+-" * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n",
+-" * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR\n",
+-" * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n",
+-" * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n",
+-" * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\n",
+-" * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\n",
+-" * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\n",
+-" * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\n",
+-" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED\n",
+-" * OF THE POSSIBILITY OF SUCH DAMAGE.\n",
+-" * ====================================================================\n",
+-" *\n",
+-" * This product includes cryptographic software written by Eric Young\n",
+-" * (eay\@cryptsoft.com). This product includes software written by Tim\n",
+-" * Hudson (tjh\@cryptsoft.com).\n",
++"/*\n",
++" * Copyright 1995-$YEAR The OpenSSL Project Authors. All Rights Reserved.\n",
+ " *\n",
++" * Licensed under the OpenSSL license (the \"License\"). You may not use\n",
++" * this file except in compliance with the License. You can obtain a copy\n",
++" * in the file LICENSE in the source distribution or at\n",
++" * https://www.openssl.org/source/license.html\n",
+ " */\n",
+ "\n",
+ "#ifndef HEADER_${lib}_ERR_H\n",
+-"#define HEADER_${lib}_ERR_H\n",
++"# define HEADER_${lib}_ERR_H\n",
+ "\n",
+-"#ifdef __cplusplus\n",
++"# ifdef __cplusplus\n",
+ "extern \"C\" {\n",
+-"#endif\n",
++"# endif\n",
+ "\n",
+ "/* BEGIN ERROR CODES */\n";
+ }
+@@ -482,6 +453,7 @@ foreach $lib (keys %csrc)
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
++
+ EOF
+ if($static) {
+ print OUT <<"EOF";
+@@ -542,11 +514,17 @@ EOF
+ }
+ print OUT <<"EOF";
+
+-#ifdef __cplusplus
+-}
+-#endif
+-#endif
+ EOF
++ do {
++ if ($cplusplus == $cpp) {
++ print OUT "#", " "x$cpp, "ifdef __cplusplus\n";
++ print OUT "}\n";
++ print OUT "#", " "x$cpp, "endif\n";
++ }
++ if ($cpp-- > 0) {
++ print OUT "#", " "x$cpp, "endif\n";
++ }
++ } while ($cpp);
+ close OUT;
+
+ # Rewrite the C source file containing the error details.
+@@ -578,8 +556,13 @@ EOF
+
+ my $hincf;
+ if($static) {
+- $hfile =~ /([^\/]+)$/;
+- $hincf = "<${hprefix}$1>";
++ $hincf = $hfile;
++ $hincf =~ s|.*include/||;
++ if ($hincf =~ m|^openssl/|) {
++ $hincf = "<${hincf}>";
++ } else {
++ $hincf = "\"${hincf}\"";
++ }
+ } else {
+ $hincf = "\"$hfile\"";
+ }
+@@ -602,64 +585,14 @@ EOF
+ open (OUT,">$cfile") || die "Can't open $cfile for writing";
+
+ print OUT <<"EOF";
+-/* ====================================================================
+- * Copyright (c) 1999-$year The OpenSSL Project. All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- *
+- * 1. Redistributions of source code must retain the above copyright
+- * notice, this list of conditions and the following disclaimer.
+- *
+- * 2. Redistributions in binary form must reproduce the above copyright
+- * notice, this list of conditions and the following disclaimer in
+- * the documentation and/or other materials provided with the
+- * distribution.
+- *
+- * 3. All advertising materials mentioning features or use of this
+- * software must display the following acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+- *
+- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+- * endorse or promote products derived from this software without
+- * prior written permission. For written permission, please contact
+- * openssl-core\@OpenSSL.org.
+- *
+- * 5. Products derived from this software may not be called "OpenSSL"
+- * nor may "OpenSSL" appear in their names without prior written
+- * permission of the OpenSSL Project.
+- *
+- * 6. Redistributions of any form whatsoever must retain the following
+- * acknowledgment:
+- * "This product includes software developed by the OpenSSL Project
+- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+- * OF THE POSSIBILITY OF SUCH DAMAGE.
+- * ====================================================================
+- *
+- * This product includes cryptographic software written by Eric Young
+- * (eay\@cryptsoft.com). This product includes software written by Tim
+- * Hudson (tjh\@cryptsoft.com).
+- *
+- */
+-
+ /*
+- * NOTE: this file was auto generated by the mkerr.pl script: any changes
+- * made to it will be overwritten when the script next updates this file,
+- * only reason strings will be preserved.
++ * Generated by util/mkerr.pl DO NOT EDIT
++ * Copyright 1995-$YEAR The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
+ */
+
+ #include <stdio.h>
+@@ -683,7 +616,7 @@ EOF
+ $fn = $ftrans{$fn};
+ }
+ # print OUT "{ERR_PACK($pack_errcode,$i,0),\t\"$fn\"},\n";
+- if(length($i) + length($fn) > 58) {
++ if(length($i) + length($fn) > 57) {
+ print OUT " {ERR_FUNC($i),\n \"$fn\"},\n";
+ } else {
+ print OUT " {ERR_FUNC($i), \"$fn\"},\n";
+@@ -706,7 +639,7 @@ EOF
+ $rn = $1;
+ $rn =~ tr/_[A-Z]/ [a-z]/;
+ }
+- if(length($i) + length($rn) > 56) {
++ if(length($i) + length($rn) > 55) {
+ print OUT " {${rstr},\n \"$rn\"},\n";
+ } else {
+ print OUT " {${rstr}, \"$rn\"},\n";
+diff --git a/util/mkrc.pl b/util/mkrc.pl
+index 8b74ff8..c177349 100755
+--- a/util/mkrc.pl
++++ b/util/mkrc.pl
+@@ -1,5 +1,10 @@
+-#!/bin/env perl
++#! /usr/bin/env perl
++# Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ use lib ".";
+ use configdata;
+@@ -64,7 +69,7 @@ BEGIN
+ VALUE "ProductVersion", "$version\\0"
+ // Optional:
+ //VALUE "Comments", "\\0"
+- VALUE "LegalCopyright", "Copyright © 1998-2015 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
++ VALUE "LegalCopyright", "Copyright 1998-2016 The OpenSSL Authors. All rights reserved.\\0"
+ //VALUE "LegalTrademarks", "\\0"
+ //VALUE "PrivateBuild", "\\0"
+ //VALUE "SpecialBuild", "\\0"
+diff --git a/util/perlpath.pl b/util/perlpath.pl
+index a1f236b..80388e2 100755
+--- a/util/perlpath.pl
++++ b/util/perlpath.pl
+@@ -1,8 +1,13 @@
+-#!/usr/local/bin/perl
++#! /usr/bin/env perl
++# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ # modify the '#!/usr/local/bin/perl'
+ # line in all scripts that rely on perl.
+-#
+
+ require "find.pl";
+
+diff --git a/util/process_docs.pl b/util/process_docs.pl
+new file mode 100644
+index 0000000..efc4ef5
+--- /dev/null
++++ b/util/process_docs.pl
+@@ -0,0 +1,263 @@
++#! /usr/bin/env perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++use strict;
++use warnings;
++
++use File::Spec::Functions;
++use File::Basename;
++use File::Copy;
++use File::Path;
++use Getopt::Long;
++use Pod::Usage;
++
++use lib '.';
++use configdata;
++
++my %options = ();
++GetOptions(\%options,
++ 'sourcedir=s', # Source directory
++ 'subdir=s%', # Subdirectories to look through,
++ # with associated section numbers
++ 'destdir=s', # Destination directory
++ #'in=s@', # Explicit files to process (ignores sourcedir)
++ #'section=i', # Default section used for --in files
++ 'type=s', # The result type, 'man' or 'html'
++ 'remove', # To remove files rather than writing them
++ 'dry-run|n', # Only output file names on STDOUT
++ 'debug|D+',
++ );
++
++unless ($options{subdir}) {
++ $options{subdir} = { apps => '1',
++ crypto => '3',
++ ssl => '3' };
++}
++unless ($options{sourcedir}) {
++ $options{sourcedir} = catdir($config{sourcedir}, "doc");
++}
++pod2usage(1) unless ( defined $options{subdir}
++ && defined $options{sourcedir}
++ && defined $options{destdir}
++ && defined $options{type}
++ && ($options{type} eq 'man'
++ || $options{type} eq 'html') );
++
++if ($options{debug}) {
++ print STDERR "DEBUG: options:\n";
++ print STDERR "DEBUG: --sourcedir = $options{sourcedir}\n"
++ if defined $options{sourcedir};
++ print STDERR "DEBUG: --destdir = $options{destdir}\n"
++ if defined $options{destdir};
++ print STDERR "DEBUG: --type = $options{type}\n"
++ if defined $options{type};
++ foreach (keys %{$options{subdir}}) {
++ print STDERR "DEBUG: --subdir = $_=$options{subdir}->{$_}\n";
++ }
++ print STDERR "DEBUG: --remove = $options{remove}\n"
++ if defined $options{remove};
++ print STDERR "DEBUG: --debug = $options{debug}\n"
++ if defined $options{debug};
++ print STDERR "DEBUG: --dry-run = $options{\"dry-run\"}\n"
++ if defined $options{"dry-run"};
++}
++
++my $symlink_exists = eval { symlink("",""); 1 };
++
++foreach my $subdir (keys %{$options{subdir}}) {
++ my $section = $options{subdir}->{$subdir};
++ my $podsourcedir = catfile($options{sourcedir}, $subdir);
++ my $podglob = '"'.catfile($podsourcedir, "*.pod").'"';
++
++ foreach my $podfile (glob $podglob) {
++ my $podname = basename($podfile, ".pod");
++ my $podpath = catfile($podfile);
++ my %podinfo = ( section => $section );
++
++ print STDERR "DEBUG: Reading $podpath\n" if $options{debug};
++ open my $pod_fh, $podpath or die "Trying to read $podpath: $!\n";
++ while (<$pod_fh>) {
++ s|\R$||;
++ if (m|^=for\s+comment\s+openssl_manual_section:\s*([0-9])\s*$|) {
++ print STDERR "DEBUG: Found man section number $1\n"
++ if $options{debug};
++ $podinfo{section} = $1;
++ }
++ last if (m|^=head1|
++ && defined $podinfo{lastsect}
++ && $podinfo{lastsect} eq "NAME");
++ if (m|^=head1\s*(.*)|) {
++ $podinfo{lastsect} = $1;
++ $podinfo{lastsect} =~ s/\s+$//;
++ print STDERR "DEBUG: Found new pod section $1\n"
++ if $options{debug};
++ print STDERR "DEBUG: Clearing pod section text\n"
++ if $options{debug};
++ $podinfo{lastsecttext} = "";
++ }
++ next if (m|^=| || m|^\s*$|);
++ print STDERR "DEBUG: accumulating pod section text \"$_\"\n"
++ if $options{debug};
++ $podinfo{lastsecttext} .= " " if $podinfo{lastsecttext};
++ $podinfo{lastsecttext} .= $_;
++ }
++ close $pod_fh;
++ print STDERR "DEBUG: Done reading $podpath\n" if $options{debug};
++ $podinfo{lastsecttext} =~ s| - .*$||;
++ print STDERR "DEBUG: Done reading $podpath\n" if $options{debug};
++
++ my @podfiles =
++ grep { $_ ne $podname }
++ map { s|\s+||g; $_ }
++ split(m|,|, $podinfo{lastsecttext});
++
++ my $updir = updir();
++ my $name = uc $podname;
++ my $suffix = { man => ".$podinfo{section}",
++ html => ".html" } -> {$options{type}};
++ my $generate = { man => "pod2man --name=$name --section=$podinfo{section} --center=OpenSSL --release=$config{version} \"$podpath\"",
++ html => "pod2html \"--podroot=$options{sourcedir}\" --htmldir=$updir --podpath=apps:crypto:ssl \"--infile=$podpath\" \"--title=$podname\""
++ } -> {$options{type}};
++ my $output_dir = catdir($options{destdir}, "man$podinfo{section}");
++ my $output_file = $podname . $suffix;
++ my $output_path = catfile($output_dir, $output_file);
++
++ if (! $options{remove}) {
++ my @output;
++ print STDERR "DEBUG: Processing, using \"$generate\"\n"
++ if $options{debug};
++ unless ($options{"dry-run"}) {
++ @output = `$generate`;
++ map { s|href="http://man\.he\.net/man|href="../man|g; } @output
++ if $options{type} eq "html";
++ }
++ print STDERR "DEBUG: Done processing\n" if $options{debug};
++
++ if (! -d $output_dir) {
++ print STDERR "DEBUG: Creating directory $output_dir\n" if $options{debug};
++ unless ($options{"dry-run"}) {
++ mkpath $output_dir
++ or die "Trying to create directory $output_dir: $!\n";
++ }
++ }
++ print STDERR "DEBUG: Writing $output_path\n" if $options{debug};
++ unless ($options{"dry-run"}) {
++ open my $output_fh, '>', $output_path
++ or die "Trying to write to $output_path: $!\n";
++ foreach (@output) {
++ print $output_fh $_;
++ }
++ close $output_fh;
++ }
++ print STDERR "DEBUG: Done writing $output_path\n" if $options{debug};
++ } else {
++ print STDERR "DEBUG: Removing $output_path\n" if $options{debug};
++ unless ($options{"dry-run"}) {
++ while (unlink $output_path) {}
++ }
++ }
++ print "$output_path\n";
++
++ foreach (@podfiles) {
++ my $link_file = $_ . $suffix;
++ my $link_path = catfile($output_dir, $link_file);
++ if (! $options{remove}) {
++ if ($symlink_exists) {
++ print STDERR "DEBUG: Linking $link_path -> $output_file\n"
++ if $options{debug};
++ unless ($options{"dry-run"}) {
++ symlink $output_file, $link_path;
++ }
++ } else {
++ print STDERR "DEBUG: Copying $output_path to link_path\n"
++ if $options{debug};
++ unless ($options{"dry-run"}) {
++ copy $output_path, $link_path;
++ }
++ }
++ } else {
++ print STDERR "DEBUG: Removing $link_path\n" if $options{debug};
++ unless ($options{"dry-run"}) {
++ while (unlink $link_path) {}
++ }
++ }
++ print "$link_path -> $output_path\n";
++ }
++ }
++}
++
++__END__
++
++=pod
++
++=head1 NAME
++
++process_docs.pl - A script to process OpenSSL docs
++
++=head1 SYNOPSIS
++
++B<process_docs.pl>
++[B<--sourcedir>=I<dir>]
++B<--destdir>=I<dir>
++B<--type>=B<man>|B<html>
++[B<--remove>]
++[B<--dry-run>|B<-n>]
++[B<--debug>|B<-D>]
++
++=head1 DESCRIPTION
++
++This script looks for .pod files in the subdirectories 'apps', 'crypto'
++and 'ssl' under the given source directory.
++
++The OpenSSL configuration data file F<configdata.pm> I<must> reside in
++the current directory, I<or> perl must have the directory it resides in
++in its inclusion array. For the latter variant, a call like this would
++work:
++
++ perl -I../foo util/process_docs.pl {options ...}
++
++=head1 OPTIONS
++
++=over 4
++
++=item B<--sourcedir>=I<dir>
++
++Top directory where the source files are found.
++
++=item B<--destdir>=I<dir>
++
++Top directory where the resulting files should end up
++
++=item B<--type>=B<man>|B<html>
++
++Type of output to produce. Currently supported are man pages and HTML files.
++
++=item B<--remove>
++
++Instead of writing the files, remove them.
++
++=item B<--dry-run>|B<-n>
++
++Do not perform any file writing, directory creation or file removal.
++
++=item B<--debug>|B<-D>
++
++Print extra debugging output.
++
++=back
++
++=head1 COPYRIGHT
++
++Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
++
++Licensed under the OpenSSL license (the "License"). You may not use
++this file except in compliance with the License. You can obtain a copy
++in the file LICENSE in the source distribution or at
++https://www.openssl.org/source/license.html
++
++=cut
+diff --git a/util/selftest.pl b/util/selftest.pl
+index 06d494a..d1d1159 100644
+--- a/util/selftest.pl
++++ b/util/selftest.pl
+@@ -1,7 +1,12 @@
+-#!/usr/local/bin/perl -w
++#! /usr/bin/env perl
++# Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ # Run the test suite and generate a report
+-#
+
+ if (! -f "Configure") {
+ print "Please run perl util/selftest.pl in the OpenSSL directory.\n";
+diff --git a/util/su-filter.pl b/util/su-filter.pl
+index 3715ba2..5996f58 100644
+--- a/util/su-filter.pl
++++ b/util/su-filter.pl
+@@ -1,7 +1,11 @@
+-#!/usr/bin/env perl
+-#
+-# su-filter.pl
++#! /usr/bin/env perl
++# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ #
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
+ use strict;
+
+ my $in_su = 0;
+diff --git a/util/with_fallback.pm b/util/with_fallback.pm
+index 014f355..b6deb20 100644
+--- a/util/with_fallback.pm
++++ b/util/with_fallback.pm
+@@ -1,4 +1,9 @@
+-#! /usr/bin/perl
++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the OpenSSL license (the "License"). You may not use
++# this file except in compliance with the License. You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
+
+ package with_fallback;
+
Modified: openssl/branches/1.1.0/debian/patches/series
===================================================================
--- openssl/branches/1.1.0/debian/patches/series 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/series 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,20 +1,10 @@
-ca.patch
+openssl_snapshot.patch
config-hurd.patch
debian-targets.patch
engines-path.patch
-man-dir.patch
man-section.patch
no-rpath.patch
no-symbolic.patch
pic.patch
-valgrind.patch
-shared-lib-ext.patch
-version-script.patch
c_rehash-compat.patch
-block_diginotar.patch
-block_digicert_malaysia.patch
#padlock_conf.patch
-disable_freelist.patch
-soname.patch
-disable_sslv3_test.patch
-libdoc-manpgs-pod-spell.patch
Deleted: openssl/branches/1.1.0/debian/patches/shared-lib-ext.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/shared-lib-ext.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/shared-lib-ext.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,14 +0,0 @@
-Index: openssl-1.0.0c/Configure
-===================================================================
---- openssl-1.0.0c.orig/Configure 2010-12-12 16:10:12.000000000 +0100
-+++ openssl-1.0.0c/Configure 2010-12-12 17:12:38.000000000 +0100
-@@ -1605,7 +1605,8 @@
- elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
- {
- my $sotmp = $1;
-- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
-+# s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
-+ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
- }
- elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
- {
Deleted: openssl/branches/1.1.0/debian/patches/soname.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/soname.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/soname.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,13 +0,0 @@
-Index: openssl-1.0.2d/crypto/opensslv.h
-===================================================================
---- openssl-1.0.2d.orig/crypto/opensslv.h
-+++ openssl-1.0.2d/crypto/opensslv.h
-@@ -88,7 +88,7 @@ extern "C" {
- * should only keep the versions that are binary compatible with the current.
- */
- # define SHLIB_VERSION_HISTORY ""
--# define SHLIB_VERSION_NUMBER "1.0.0"
-+# define SHLIB_VERSION_NUMBER "1.0.2"
-
-
- #ifdef __cplusplus
Deleted: openssl/branches/1.1.0/debian/patches/valgrind.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/valgrind.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/valgrind.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,20 +0,0 @@
-Index: openssl-1.0.2/crypto/rand/md_rand.c
-===================================================================
---- openssl-1.0.2.orig/crypto/rand/md_rand.c
-+++ openssl-1.0.2/crypto/rand/md_rand.c
-@@ -480,6 +480,7 @@ int ssleay_rand_bytes(unsigned char *buf
- MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c));
-
- #ifndef PURIFY /* purify complains */
-+#if 0
- /*
- * The following line uses the supplied buffer as a small source of
- * entropy: since this buffer is often uninitialised it may cause
-@@ -489,6 +490,7 @@ int ssleay_rand_bytes(unsigned char *buf
- */
- MD_Update(&m, buf, j);
- #endif
-+#endif
-
- k = (st_idx + MD_DIGEST_LENGTH / 2) - st_num;
- if (k > 0) {
Deleted: openssl/branches/1.1.0/debian/patches/version-script.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/version-script.patch 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/patches/version-script.patch 2016-05-28 19:34:28 UTC (rev 798)
@@ -1,4656 +0,0 @@
-Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure
-===================================================================
---- openssl-1.0.2~beta1.obsolete.0.0498436515490575.orig/Configure 2014-02-24 21:02:30.000000000 +0100
-+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure 2014-02-24 21:02:30.000000000 +0100
-@@ -1651,6 +1651,8 @@
- }
- }
-
-+$shared_ldflag .= " -Wl,--version-script=openssl.ld";
-+
- open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
- unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
- open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
-Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld 2014-02-24 22:19:08.601827266 +0100
-@@ -0,0 +1,4608 @@
-+OPENSSL_1.0.2d {
-+ global:
-+ BIO_f_ssl;
-+ BIO_new_buffer_ssl_connect;
-+ BIO_new_ssl;
-+ BIO_new_ssl_connect;
-+ BIO_proxy_ssl_copy_session_id;
-+ BIO_ssl_copy_session_id;
-+ BIO_ssl_shutdown;
-+ d2i_SSL_SESSION;
-+ DTLSv1_client_method;
-+ DTLSv1_method;
-+ DTLSv1_server_method;
-+ ERR_load_SSL_strings;
-+ i2d_SSL_SESSION;
-+ kssl_build_principal_2;
-+ kssl_cget_tkt;
-+ kssl_check_authent;
-+ kssl_ctx_free;
-+ kssl_ctx_new;
-+ kssl_ctx_setkey;
-+ kssl_ctx_setprinc;
-+ kssl_ctx_setstring;
-+ kssl_ctx_show;
-+ kssl_err_set;
-+ kssl_krb5_free_data_contents;
-+ kssl_sget_tkt;
-+ kssl_skip_confound;
-+ kssl_validate_times;
-+ PEM_read_bio_SSL_SESSION;
-+ PEM_read_SSL_SESSION;
-+ PEM_write_bio_SSL_SESSION;
-+ PEM_write_SSL_SESSION;
-+ SSL_accept;
-+ SSL_add_client_CA;
-+ SSL_add_dir_cert_subjects_to_stack;
-+ SSL_add_dir_cert_subjs_to_stk;
-+ SSL_add_file_cert_subjects_to_stack;
-+ SSL_add_file_cert_subjs_to_stk;
-+ SSL_alert_desc_string;
-+ SSL_alert_desc_string_long;
-+ SSL_alert_type_string;
-+ SSL_alert_type_string_long;
-+ SSL_callback_ctrl;
-+ SSL_check_private_key;
-+ SSL_CIPHER_description;
-+ SSL_CIPHER_get_bits;
-+ SSL_CIPHER_get_name;
-+ SSL_CIPHER_get_version;
-+ SSL_clear;
-+ SSL_COMP_add_compression_method;
-+ SSL_COMP_get_compression_methods;
-+ SSL_COMP_get_compress_methods;
-+ SSL_COMP_get_name;
-+ SSL_connect;
-+ SSL_copy_session_id;
-+ SSL_ctrl;
-+ SSL_CTX_add_client_CA;
-+ SSL_CTX_add_session;
-+ SSL_CTX_callback_ctrl;
-+ SSL_CTX_check_private_key;
-+ SSL_CTX_ctrl;
-+ SSL_CTX_flush_sessions;
-+ SSL_CTX_free;
-+ SSL_CTX_get_cert_store;
-+ SSL_CTX_get_client_CA_list;
-+ SSL_CTX_get_client_cert_cb;
-+ SSL_CTX_get_ex_data;
-+ SSL_CTX_get_ex_new_index;
-+ SSL_CTX_get_info_callback;
-+ SSL_CTX_get_quiet_shutdown;
-+ SSL_CTX_get_timeout;
-+ SSL_CTX_get_verify_callback;
-+ SSL_CTX_get_verify_depth;
-+ SSL_CTX_get_verify_mode;
-+ SSL_CTX_load_verify_locations;
-+ SSL_CTX_new;
-+ SSL_CTX_remove_session;
-+ SSL_CTX_sess_get_get_cb;
-+ SSL_CTX_sess_get_new_cb;
-+ SSL_CTX_sess_get_remove_cb;
-+ SSL_CTX_sessions;
-+ SSL_CTX_sess_set_get_cb;
-+ SSL_CTX_sess_set_new_cb;
-+ SSL_CTX_sess_set_remove_cb;
-+ SSL_CTX_set1_param;
-+ SSL_CTX_set_cert_store;
-+ SSL_CTX_set_cert_verify_callback;
-+ SSL_CTX_set_cert_verify_cb;
-+ SSL_CTX_set_cipher_list;
-+ SSL_CTX_set_client_CA_list;
-+ SSL_CTX_set_client_cert_cb;
-+ SSL_CTX_set_client_cert_engine;
-+ SSL_CTX_set_cookie_generate_cb;
-+ SSL_CTX_set_cookie_verify_cb;
-+ SSL_CTX_set_default_passwd_cb;
-+ SSL_CTX_set_default_passwd_cb_userdata;
-+ SSL_CTX_set_default_verify_paths;
-+ SSL_CTX_set_def_passwd_cb_ud;
-+ SSL_CTX_set_def_verify_paths;
-+ SSL_CTX_set_ex_data;
-+ SSL_CTX_set_generate_session_id;
-+ SSL_CTX_set_info_callback;
-+ SSL_CTX_set_msg_callback;
-+ SSL_CTX_set_psk_client_callback;
-+ SSL_CTX_set_psk_server_callback;
-+ SSL_CTX_set_purpose;
-+ SSL_CTX_set_quiet_shutdown;
-+ SSL_CTX_set_session_id_context;
-+ SSL_CTX_set_ssl_version;
-+ SSL_CTX_set_timeout;
-+ SSL_CTX_set_tmp_dh_callback;
-+ SSL_CTX_set_tmp_ecdh_callback;
-+ SSL_CTX_set_tmp_rsa_callback;
-+ SSL_CTX_set_trust;
-+ SSL_CTX_set_verify;
-+ SSL_CTX_set_verify_depth;
-+ SSL_CTX_use_cert_chain_file;
-+ SSL_CTX_use_certificate;
-+ SSL_CTX_use_certificate_ASN1;
-+ SSL_CTX_use_certificate_chain_file;
-+ SSL_CTX_use_certificate_file;
-+ SSL_CTX_use_PrivateKey;
-+ SSL_CTX_use_PrivateKey_ASN1;
-+ SSL_CTX_use_PrivateKey_file;
-+ SSL_CTX_use_psk_identity_hint;
-+ SSL_CTX_use_RSAPrivateKey;
-+ SSL_CTX_use_RSAPrivateKey_ASN1;
-+ SSL_CTX_use_RSAPrivateKey_file;
-+ SSL_do_handshake;
-+ SSL_dup;
-+ SSL_dup_CA_list;
-+ SSLeay_add_ssl_algorithms;
-+ SSL_free;
-+ SSL_get1_session;
-+ SSL_get_certificate;
-+ SSL_get_cipher_list;
-+ SSL_get_ciphers;
-+ SSL_get_client_CA_list;
-+ SSL_get_current_cipher;
-+ SSL_get_current_compression;
-+ SSL_get_current_expansion;
-+ SSL_get_default_timeout;
-+ SSL_get_error;
-+ SSL_get_ex_data;
-+ SSL_get_ex_data_X509_STORE_CTX_idx;
-+ SSL_get_ex_d_X509_STORE_CTX_idx;
-+ SSL_get_ex_new_index;
-+ SSL_get_fd;
-+ SSL_get_finished;
-+ SSL_get_info_callback;
-+ SSL_get_peer_cert_chain;
-+ SSL_get_peer_certificate;
-+ SSL_get_peer_finished;
-+ SSL_get_privatekey;
-+ SSL_get_psk_identity;
-+ SSL_get_psk_identity_hint;
-+ SSL_get_quiet_shutdown;
-+ SSL_get_rbio;
-+ SSL_get_read_ahead;
-+ SSL_get_rfd;
-+ SSL_get_servername;
-+ SSL_get_servername_type;
-+ SSL_get_session;
-+ SSL_get_shared_ciphers;
-+ SSL_get_shutdown;
-+ SSL_get_SSL_CTX;
-+ SSL_get_ssl_method;
-+ SSL_get_verify_callback;
-+ SSL_get_verify_depth;
-+ SSL_get_verify_mode;
-+ SSL_get_verify_result;
-+ SSL_get_version;
-+ SSL_get_wbio;
-+ SSL_get_wfd;
-+ SSL_has_matching_session_id;
-+ SSL_library_init;
-+ SSL_load_client_CA_file;
-+ SSL_load_error_strings;
-+ SSL_new;
-+ SSL_peek;
-+ SSL_pending;
-+ SSL_read;
-+ SSL_renegotiate;
-+ SSL_renegotiate_pending;
-+ SSL_rstate_string;
-+ SSL_rstate_string_long;
-+ SSL_SESSION_cmp;
-+ SSL_SESSION_free;
-+ SSL_SESSION_get_ex_data;
-+ SSL_SESSION_get_ex_new_index;
-+ SSL_SESSION_get_id;
-+ SSL_SESSION_get_time;
-+ SSL_SESSION_get_timeout;
-+ SSL_SESSION_hash;
-+ SSL_SESSION_new;
-+ SSL_SESSION_print;
-+ SSL_SESSION_print_fp;
-+ SSL_SESSION_set_ex_data;
-+ SSL_SESSION_set_time;
-+ SSL_SESSION_set_timeout;
-+ SSL_set1_param;
-+ SSL_set_accept_state;
-+ SSL_set_bio;
-+ SSL_set_cipher_list;
-+ SSL_set_client_CA_list;
-+ SSL_set_connect_state;
-+ SSL_set_ex_data;
-+ SSL_set_fd;
-+ SSL_set_generate_session_id;
-+ SSL_set_info_callback;
-+ SSL_set_msg_callback;
-+ SSL_set_psk_client_callback;
-+ SSL_set_psk_server_callback;
-+ SSL_set_purpose;
-+ SSL_set_quiet_shutdown;
-+ SSL_set_read_ahead;
-+ SSL_set_rfd;
-+ SSL_set_session;
-+ SSL_set_session_id_context;
-+ SSL_set_session_secret_cb;
-+ SSL_set_session_ticket_ext;
-+ SSL_set_session_ticket_ext_cb;
-+ SSL_set_shutdown;
-+ SSL_set_SSL_CTX;
-+ SSL_set_ssl_method;
-+ SSL_set_tmp_dh_callback;
-+ SSL_set_tmp_ecdh_callback;
-+ SSL_set_tmp_rsa_callback;
-+ SSL_set_trust;
-+ SSL_set_verify;
-+ SSL_set_verify_depth;
-+ SSL_set_verify_result;
-+ SSL_set_wfd;
-+ SSL_shutdown;
-+ SSL_state;
-+ SSL_state_string;
-+ SSL_state_string_long;
-+ SSL_use_certificate;
-+ SSL_use_certificate_ASN1;
-+ SSL_use_certificate_file;
-+ SSL_use_PrivateKey;
-+ SSL_use_PrivateKey_ASN1;
-+ SSL_use_PrivateKey_file;
-+ SSL_use_psk_identity_hint;
-+ SSL_use_RSAPrivateKey;
-+ SSL_use_RSAPrivateKey_ASN1;
-+ SSL_use_RSAPrivateKey_file;
-+ SSLv23_client_method;
-+ SSLv23_method;
-+ SSLv23_server_method;
-+ SSLv2_client_method;
-+ SSLv2_method;
-+ SSLv2_server_method;
-+ SSLv3_client_method;
-+ SSLv3_method;
-+ SSLv3_server_method;
-+ SSL_version;
-+ SSL_want;
-+ SSL_write;
-+ TLSv1_client_method;
-+ TLSv1_method;
-+ TLSv1_server_method;
-+
-+
-+ SSLeay;
-+ SSLeay_version;
-+ ASN1_BIT_STRING_asn1_meth;
-+ ASN1_HEADER_free;
-+ ASN1_HEADER_new;
-+ ASN1_IA5STRING_asn1_meth;
-+ ASN1_INTEGER_get;
-+ ASN1_INTEGER_set;
-+ ASN1_INTEGER_to_BN;
-+ ASN1_OBJECT_create;
-+ ASN1_OBJECT_free;
-+ ASN1_OBJECT_new;
-+ ASN1_PRINTABLE_type;
-+ ASN1_STRING_cmp;
-+ ASN1_STRING_dup;
-+ ASN1_STRING_free;
-+ ASN1_STRING_new;
-+ ASN1_STRING_print;
-+ ASN1_STRING_set;
-+ ASN1_STRING_type_new;
-+ ASN1_TYPE_free;
-+ ASN1_TYPE_new;
-+ ASN1_UNIVERSALSTRING_to_string;
-+ ASN1_UTCTIME_check;
-+ ASN1_UTCTIME_print;
-+ ASN1_UTCTIME_set;
-+ ASN1_check_infinite_end;
-+ ASN1_d2i_bio;
-+ ASN1_d2i_fp;
-+ ASN1_digest;
-+ ASN1_dup;
-+ ASN1_get_object;
-+ ASN1_i2d_bio;
-+ ASN1_i2d_fp;
-+ ASN1_object_size;
-+ ASN1_parse;
-+ ASN1_put_object;
-+ ASN1_sign;
-+ ASN1_verify;
-+ BF_cbc_encrypt;
-+ BF_cfb64_encrypt;
-+ BF_ecb_encrypt;
-+ BF_encrypt;
-+ BF_ofb64_encrypt;
-+ BF_options;
-+ BF_set_key;
-+ BIO_CONNECT_free;
-+ BIO_CONNECT_new;
-+ BIO_accept;
-+ BIO_ctrl;
-+ BIO_int_ctrl;
-+ BIO_debug_callback;
-+ BIO_dump;
-+ BIO_dup_chain;
-+ BIO_f_base64;
-+ BIO_f_buffer;
-+ BIO_f_cipher;
-+ BIO_f_md;
-+ BIO_f_null;
-+ BIO_f_proxy_server;
-+ BIO_fd_non_fatal_error;
-+ BIO_fd_should_retry;
-+ BIO_find_type;
-+ BIO_free;
-+ BIO_free_all;
-+ BIO_get_accept_socket;
-+ BIO_get_filter_bio;
-+ BIO_get_host_ip;
-+ BIO_get_port;
-+ BIO_get_retry_BIO;
-+ BIO_get_retry_reason;
-+ BIO_gethostbyname;
-+ BIO_gets;
-+ BIO_new;
-+ BIO_new_accept;
-+ BIO_new_connect;
-+ BIO_new_fd;
-+ BIO_new_file;
-+ BIO_new_fp;
-+ BIO_new_socket;
-+ BIO_pop;
-+ BIO_printf;
-+ BIO_push;
-+ BIO_puts;
-+ BIO_read;
-+ BIO_s_accept;
-+ BIO_s_connect;
-+ BIO_s_fd;
-+ BIO_s_file;
-+ BIO_s_mem;
-+ BIO_s_null;
-+ BIO_s_proxy_client;
-+ BIO_s_socket;
-+ BIO_set;
-+ BIO_set_cipher;
-+ BIO_set_tcp_ndelay;
-+ BIO_sock_cleanup;
-+ BIO_sock_error;
-+ BIO_sock_init;
-+ BIO_sock_non_fatal_error;
-+ BIO_sock_should_retry;
-+ BIO_socket_ioctl;
-+ BIO_write;
-+ BN_CTX_free;
-+ BN_CTX_new;
-+ BN_MONT_CTX_free;
-+ BN_MONT_CTX_new;
-+ BN_MONT_CTX_set;
-+ BN_add;
-+ BN_add_word;
-+ BN_hex2bn;
-+ BN_bin2bn;
-+ BN_bn2hex;
-+ BN_bn2bin;
-+ BN_clear;
-+ BN_clear_bit;
-+ BN_clear_free;
-+ BN_cmp;
-+ BN_copy;
-+ BN_div;
-+ BN_div_word;
-+ BN_dup;
-+ BN_free;
-+ BN_from_montgomery;
-+ BN_gcd;
-+ BN_generate_prime;
-+ BN_get_word;
-+ BN_is_bit_set;
-+ BN_is_prime;
-+ BN_lshift;
-+ BN_lshift1;
-+ BN_mask_bits;
-+ BN_mod;
-+ BN_mod_exp;
-+ BN_mod_exp_mont;
-+ BN_mod_exp_simple;
-+ BN_mod_inverse;
-+ BN_mod_mul;
-+ BN_mod_mul_montgomery;
-+ BN_mod_word;
-+ BN_mul;
-+ BN_new;
-+ BN_num_bits;
-+ BN_num_bits_word;
-+ BN_options;
-+ BN_print;
-+ BN_print_fp;
-+ BN_rand;
-+ BN_reciprocal;
-+ BN_rshift;
-+ BN_rshift1;
-+ BN_set_bit;
-+ BN_set_word;
-+ BN_sqr;
-+ BN_sub;
-+ BN_to_ASN1_INTEGER;
-+ BN_ucmp;
-+ BN_value_one;
-+ BUF_MEM_free;
-+ BUF_MEM_grow;
-+ BUF_MEM_new;
-+ BUF_strdup;
-+ CONF_free;
-+ CONF_get_number;
-+ CONF_get_section;
-+ CONF_get_string;
-+ CONF_load;
-+ CRYPTO_add_lock;
-+ CRYPTO_dbg_free;
-+ CRYPTO_dbg_malloc;
-+ CRYPTO_dbg_realloc;
-+ CRYPTO_dbg_remalloc;
-+ CRYPTO_free;
-+ CRYPTO_get_add_lock_callback;
-+ CRYPTO_get_id_callback;
-+ CRYPTO_get_lock_name;
-+ CRYPTO_get_locking_callback;
-+ CRYPTO_get_mem_functions;
-+ CRYPTO_lock;
-+ CRYPTO_malloc;
-+ CRYPTO_mem_ctrl;
-+ CRYPTO_mem_leaks;
-+ CRYPTO_mem_leaks_cb;
-+ CRYPTO_mem_leaks_fp;
-+ CRYPTO_realloc;
-+ CRYPTO_remalloc;
-+ CRYPTO_set_add_lock_callback;
-+ CRYPTO_set_id_callback;
-+ CRYPTO_set_locking_callback;
-+ CRYPTO_set_mem_functions;
-+ CRYPTO_thread_id;
-+ DH_check;
-+ DH_compute_key;
-+ DH_free;
-+ DH_generate_key;
-+ DH_generate_parameters;
-+ DH_new;
-+ DH_size;
-+ DHparams_print;
-+ DHparams_print_fp;
-+ DSA_free;
-+ DSA_generate_key;
-+ DSA_generate_parameters;
-+ DSA_is_prime;
-+ DSA_new;
-+ DSA_print;
-+ DSA_print_fp;
-+ DSA_sign;
-+ DSA_sign_setup;
-+ DSA_size;
-+ DSA_verify;
-+ DSAparams_print;
-+ DSAparams_print_fp;
-+ ERR_clear_error;
-+ ERR_error_string;
-+ ERR_free_strings;
-+ ERR_func_error_string;
-+ ERR_get_err_state_table;
-+ ERR_get_error;
-+ ERR_get_error_line;
-+ ERR_get_state;
-+ ERR_get_string_table;
-+ ERR_lib_error_string;
-+ ERR_load_ASN1_strings;
-+ ERR_load_BIO_strings;
-+ ERR_load_BN_strings;
-+ ERR_load_BUF_strings;
-+ ERR_load_CONF_strings;
-+ ERR_load_DH_strings;
-+ ERR_load_DSA_strings;
-+ ERR_load_ERR_strings;
-+ ERR_load_EVP_strings;
-+ ERR_load_OBJ_strings;
-+ ERR_load_PEM_strings;
-+ ERR_load_PROXY_strings;
-+ ERR_load_RSA_strings;
-+ ERR_load_X509_strings;
-+ ERR_load_crypto_strings;
-+ ERR_load_strings;
-+ ERR_peek_error;
-+ ERR_peek_error_line;
-+ ERR_print_errors;
-+ ERR_print_errors_fp;
-+ ERR_put_error;
-+ ERR_reason_error_string;
-+ ERR_remove_state;
-+ EVP_BytesToKey;
-+ EVP_CIPHER_CTX_cleanup;
-+ EVP_CipherFinal;
-+ EVP_CipherInit;
-+ EVP_CipherUpdate;
-+ EVP_DecodeBlock;
-+ EVP_DecodeFinal;
-+ EVP_DecodeInit;
-+ EVP_DecodeUpdate;
-+ EVP_DecryptFinal;
-+ EVP_DecryptInit;
-+ EVP_DecryptUpdate;
-+ EVP_DigestFinal;
-+ EVP_DigestInit;
-+ EVP_DigestUpdate;
-+ EVP_EncodeBlock;
-+ EVP_EncodeFinal;
-+ EVP_EncodeInit;
-+ EVP_EncodeUpdate;
-+ EVP_EncryptFinal;
-+ EVP_EncryptInit;
-+ EVP_EncryptUpdate;
-+ EVP_OpenFinal;
-+ EVP_OpenInit;
-+ EVP_PKEY_assign;
-+ EVP_PKEY_copy_parameters;
-+ EVP_PKEY_free;
-+ EVP_PKEY_missing_parameters;
-+ EVP_PKEY_new;
-+ EVP_PKEY_save_parameters;
-+ EVP_PKEY_size;
-+ EVP_PKEY_type;
-+ EVP_SealFinal;
-+ EVP_SealInit;
-+ EVP_SignFinal;
-+ EVP_VerifyFinal;
-+ EVP_add_alias;
-+ EVP_add_cipher;
-+ EVP_add_digest;
-+ EVP_bf_cbc;
-+ EVP_bf_cfb64;
-+ EVP_bf_ecb;
-+ EVP_bf_ofb;
-+ EVP_cleanup;
-+ EVP_des_cbc;
-+ EVP_des_cfb64;
-+ EVP_des_ecb;
-+ EVP_des_ede;
-+ EVP_des_ede3;
-+ EVP_des_ede3_cbc;
-+ EVP_des_ede3_cfb64;
-+ EVP_des_ede3_ofb;
-+ EVP_des_ede_cbc;
-+ EVP_des_ede_cfb64;
-+ EVP_des_ede_ofb;
-+ EVP_des_ofb;
-+ EVP_desx_cbc;
-+ EVP_dss;
-+ EVP_dss1;
-+ EVP_enc_null;
-+ EVP_get_cipherbyname;
-+ EVP_get_digestbyname;
-+ EVP_get_pw_prompt;
-+ EVP_idea_cbc;
-+ EVP_idea_cfb64;
-+ EVP_idea_ecb;
-+ EVP_idea_ofb;
-+ EVP_md2;
-+ EVP_md5;
-+ EVP_md_null;
-+ EVP_rc2_cbc;
-+ EVP_rc2_cfb64;
-+ EVP_rc2_ecb;
-+ EVP_rc2_ofb;
-+ EVP_rc4;
-+ EVP_read_pw_string;
-+ EVP_set_pw_prompt;
-+ EVP_sha;
-+ EVP_sha1;
-+ MD2;
-+ MD2_Final;
-+ MD2_Init;
-+ MD2_Update;
-+ MD2_options;
-+ MD5;
-+ MD5_Final;
-+ MD5_Init;
-+ MD5_Update;
-+ MDC2;
-+ MDC2_Final;
-+ MDC2_Init;
-+ MDC2_Update;
-+ NETSCAPE_SPKAC_free;
-+ NETSCAPE_SPKAC_new;
-+ NETSCAPE_SPKI_free;
-+ NETSCAPE_SPKI_new;
-+ NETSCAPE_SPKI_sign;
-+ NETSCAPE_SPKI_verify;
-+ OBJ_add_object;
-+ OBJ_bsearch;
-+ OBJ_cleanup;
-+ OBJ_cmp;
-+ OBJ_create;
-+ OBJ_dup;
-+ OBJ_ln2nid;
-+ OBJ_new_nid;
-+ OBJ_nid2ln;
-+ OBJ_nid2obj;
-+ OBJ_nid2sn;
-+ OBJ_obj2nid;
-+ OBJ_sn2nid;
-+ OBJ_txt2nid;
-+ PEM_ASN1_read;
-+ PEM_ASN1_read_bio;
-+ PEM_ASN1_write;
-+ PEM_ASN1_write_bio;
-+ PEM_SealFinal;
-+ PEM_SealInit;
-+ PEM_SealUpdate;
-+ PEM_SignFinal;
-+ PEM_SignInit;
-+ PEM_SignUpdate;
-+ PEM_X509_INFO_read;
-+ PEM_X509_INFO_read_bio;
-+ PEM_X509_INFO_write_bio;
-+ PEM_dek_info;
-+ PEM_do_header;
-+ PEM_get_EVP_CIPHER_INFO;
-+ PEM_proc_type;
-+ PEM_read;
-+ PEM_read_DHparams;
-+ PEM_read_DSAPrivateKey;
-+ PEM_read_DSAparams;
-+ PEM_read_PKCS7;
-+ PEM_read_PrivateKey;
-+ PEM_read_RSAPrivateKey;
-+ PEM_read_X509;
-+ PEM_read_X509_CRL;
-+ PEM_read_X509_REQ;
-+ PEM_read_bio;
-+ PEM_read_bio_DHparams;
-+ PEM_read_bio_DSAPrivateKey;
-+ PEM_read_bio_DSAparams;
-+ PEM_read_bio_PKCS7;
-+ PEM_read_bio_PrivateKey;
-+ PEM_read_bio_RSAPrivateKey;
-+ PEM_read_bio_X509;
-+ PEM_read_bio_X509_CRL;
-+ PEM_read_bio_X509_REQ;
-+ PEM_write;
-+ PEM_write_DHparams;
-+ PEM_write_DSAPrivateKey;
-+ PEM_write_DSAparams;
-+ PEM_write_PKCS7;
-+ PEM_write_PrivateKey;
-+ PEM_write_RSAPrivateKey;
-+ PEM_write_X509;
-+ PEM_write_X509_CRL;
-+ PEM_write_X509_REQ;
-+ PEM_write_bio;
-+ PEM_write_bio_DHparams;
-+ PEM_write_bio_DSAPrivateKey;
-+ PEM_write_bio_DSAparams;
-+ PEM_write_bio_PKCS7;
-+ PEM_write_bio_PrivateKey;
-+ PEM_write_bio_RSAPrivateKey;
-+ PEM_write_bio_X509;
-+ PEM_write_bio_X509_CRL;
-+ PEM_write_bio_X509_REQ;
-+ PKCS7_DIGEST_free;
-+ PKCS7_DIGEST_new;
-+ PKCS7_ENCRYPT_free;
-+ PKCS7_ENCRYPT_new;
-+ PKCS7_ENC_CONTENT_free;
-+ PKCS7_ENC_CONTENT_new;
-+ PKCS7_ENVELOPE_free;
-+ PKCS7_ENVELOPE_new;
-+ PKCS7_ISSUER_AND_SERIAL_digest;
-+ PKCS7_ISSUER_AND_SERIAL_free;
-+ PKCS7_ISSUER_AND_SERIAL_new;
-+ PKCS7_RECIP_INFO_free;
-+ PKCS7_RECIP_INFO_new;
-+ PKCS7_SIGNED_free;
-+ PKCS7_SIGNED_new;
-+ PKCS7_SIGNER_INFO_free;
-+ PKCS7_SIGNER_INFO_new;
-+ PKCS7_SIGN_ENVELOPE_free;
-+ PKCS7_SIGN_ENVELOPE_new;
-+ PKCS7_dup;
-+ PKCS7_free;
-+ PKCS7_new;
-+ PROXY_ENTRY_add_noproxy;
-+ PROXY_ENTRY_clear_noproxy;
-+ PROXY_ENTRY_free;
-+ PROXY_ENTRY_get_noproxy;
-+ PROXY_ENTRY_new;
-+ PROXY_ENTRY_set_server;
-+ PROXY_add_noproxy;
-+ PROXY_add_server;
-+ PROXY_check_by_host;
-+ PROXY_check_url;
-+ PROXY_clear_noproxy;
-+ PROXY_free;
-+ PROXY_get_noproxy;
-+ PROXY_get_proxies;
-+ PROXY_get_proxy_entry;
-+ PROXY_load_conf;
-+ PROXY_new;
-+ PROXY_print;
-+ RAND_bytes;
-+ RAND_cleanup;
-+ RAND_file_name;
-+ RAND_load_file;
-+ RAND_screen;
-+ RAND_seed;
-+ RAND_write_file;
-+ RC2_cbc_encrypt;
-+ RC2_cfb64_encrypt;
-+ RC2_ecb_encrypt;
-+ RC2_encrypt;
-+ RC2_ofb64_encrypt;
-+ RC2_set_key;
-+ RC4;
-+ RC4_options;
-+ RC4_set_key;
-+ RSAPrivateKey_asn1_meth;
-+ RSAPrivateKey_dup;
-+ RSAPublicKey_dup;
-+ RSA_PKCS1_SSLeay;
-+ RSA_free;
-+ RSA_generate_key;
-+ RSA_new;
-+ RSA_new_method;
-+ RSA_print;
-+ RSA_print_fp;
-+ RSA_private_decrypt;
-+ RSA_private_encrypt;
-+ RSA_public_decrypt;
-+ RSA_public_encrypt;
-+ RSA_set_default_method;
-+ RSA_sign;
-+ RSA_sign_ASN1_OCTET_STRING;
-+ RSA_size;
-+ RSA_verify;
-+ RSA_verify_ASN1_OCTET_STRING;
-+ SHA;
-+ SHA1;
-+ SHA1_Final;
-+ SHA1_Init;
-+ SHA1_Update;
-+ SHA_Final;
-+ SHA_Init;
-+ SHA_Update;
-+ OpenSSL_add_all_algorithms;
-+ OpenSSL_add_all_ciphers;
-+ OpenSSL_add_all_digests;
-+ TXT_DB_create_index;
-+ TXT_DB_free;
-+ TXT_DB_get_by_index;
-+ TXT_DB_insert;
-+ TXT_DB_read;
-+ TXT_DB_write;
-+ X509_ALGOR_free;
-+ X509_ALGOR_new;
-+ X509_ATTRIBUTE_free;
-+ X509_ATTRIBUTE_new;
-+ X509_CINF_free;
-+ X509_CINF_new;
-+ X509_CRL_INFO_free;
-+ X509_CRL_INFO_new;
-+ X509_CRL_add_ext;
-+ X509_CRL_cmp;
-+ X509_CRL_delete_ext;
-+ X509_CRL_dup;
-+ X509_CRL_free;
-+ X509_CRL_get_ext;
-+ X509_CRL_get_ext_by_NID;
-+ X509_CRL_get_ext_by_OBJ;
-+ X509_CRL_get_ext_by_critical;
-+ X509_CRL_get_ext_count;
-+ X509_CRL_new;
-+ X509_CRL_sign;
-+ X509_CRL_verify;
-+ X509_EXTENSION_create_by_NID;
-+ X509_EXTENSION_create_by_OBJ;
-+ X509_EXTENSION_dup;
-+ X509_EXTENSION_free;
-+ X509_EXTENSION_get_critical;
-+ X509_EXTENSION_get_data;
-+ X509_EXTENSION_get_object;
-+ X509_EXTENSION_new;
-+ X509_EXTENSION_set_critical;
-+ X509_EXTENSION_set_data;
-+ X509_EXTENSION_set_object;
-+ X509_INFO_free;
-+ X509_INFO_new;
-+ X509_LOOKUP_by_alias;
-+ X509_LOOKUP_by_fingerprint;
-+ X509_LOOKUP_by_issuer_serial;
-+ X509_LOOKUP_by_subject;
-+ X509_LOOKUP_ctrl;
-+ X509_LOOKUP_file;
-+ X509_LOOKUP_free;
-+ X509_LOOKUP_hash_dir;
-+ X509_LOOKUP_init;
-+ X509_LOOKUP_new;
-+ X509_LOOKUP_shutdown;
-+ X509_NAME_ENTRY_create_by_NID;
-+ X509_NAME_ENTRY_create_by_OBJ;
-+ X509_NAME_ENTRY_dup;
-+ X509_NAME_ENTRY_free;
-+ X509_NAME_ENTRY_get_data;
-+ X509_NAME_ENTRY_get_object;
-+ X509_NAME_ENTRY_new;
-+ X509_NAME_ENTRY_set_data;
-+ X509_NAME_ENTRY_set_object;
-+ X509_NAME_add_entry;
-+ X509_NAME_cmp;
-+ X509_NAME_delete_entry;
-+ X509_NAME_digest;
-+ X509_NAME_dup;
-+ X509_NAME_entry_count;
-+ X509_NAME_free;
-+ X509_NAME_get_entry;
-+ X509_NAME_get_index_by_NID;
-+ X509_NAME_get_index_by_OBJ;
-+ X509_NAME_get_text_by_NID;
-+ X509_NAME_get_text_by_OBJ;
-+ X509_NAME_hash;
-+ X509_NAME_new;
-+ X509_NAME_oneline;
-+ X509_NAME_print;
-+ X509_NAME_set;
-+ X509_OBJECT_free_contents;
-+ X509_OBJECT_retrieve_by_subject;
-+ X509_OBJECT_up_ref_count;
-+ X509_PKEY_free;
-+ X509_PKEY_new;
-+ X509_PUBKEY_free;
-+ X509_PUBKEY_get;
-+ X509_PUBKEY_new;
-+ X509_PUBKEY_set;
-+ X509_REQ_INFO_free;
-+ X509_REQ_INFO_new;
-+ X509_REQ_dup;
-+ X509_REQ_free;
-+ X509_REQ_get_pubkey;
-+ X509_REQ_new;
-+ X509_REQ_print;
-+ X509_REQ_print_fp;
-+ X509_REQ_set_pubkey;
-+ X509_REQ_set_subject_name;
-+ X509_REQ_set_version;
-+ X509_REQ_sign;
-+ X509_REQ_to_X509;
-+ X509_REQ_verify;
-+ X509_REVOKED_add_ext;
-+ X509_REVOKED_delete_ext;
-+ X509_REVOKED_free;
-+ X509_REVOKED_get_ext;
-+ X509_REVOKED_get_ext_by_NID;
-+ X509_REVOKED_get_ext_by_OBJ;
-+ X509_REVOKED_get_ext_by_critical;
-+ X509_REVOKED_get_ext_by_critic;
-+ X509_REVOKED_get_ext_count;
-+ X509_REVOKED_new;
-+ X509_SIG_free;
-+ X509_SIG_new;
-+ X509_STORE_CTX_cleanup;
-+ X509_STORE_CTX_init;
-+ X509_STORE_add_cert;
-+ X509_STORE_add_lookup;
-+ X509_STORE_free;
-+ X509_STORE_get_by_subject;
-+ X509_STORE_load_locations;
-+ X509_STORE_new;
-+ X509_STORE_set_default_paths;
-+ X509_VAL_free;
-+ X509_VAL_new;
-+ X509_add_ext;
-+ X509_asn1_meth;
-+ X509_certificate_type;
-+ X509_check_private_key;
-+ X509_cmp_current_time;
-+ X509_delete_ext;
-+ X509_digest;
-+ X509_dup;
-+ X509_free;
-+ X509_get_default_cert_area;
-+ X509_get_default_cert_dir;
-+ X509_get_default_cert_dir_env;
-+ X509_get_default_cert_file;
-+ X509_get_default_cert_file_env;
-+ X509_get_default_private_dir;
-+ X509_get_ext;
-+ X509_get_ext_by_NID;
-+ X509_get_ext_by_OBJ;
-+ X509_get_ext_by_critical;
-+ X509_get_ext_count;
-+ X509_get_issuer_name;
-+ X509_get_pubkey;
-+ X509_get_pubkey_parameters;
-+ X509_get_serialNumber;
-+ X509_get_subject_name;
-+ X509_gmtime_adj;
-+ X509_issuer_and_serial_cmp;
-+ X509_issuer_and_serial_hash;
-+ X509_issuer_name_cmp;
-+ X509_issuer_name_hash;
-+ X509_load_cert_file;
-+ X509_new;
-+ X509_print;
-+ X509_print_fp;
-+ X509_set_issuer_name;
-+ X509_set_notAfter;
-+ X509_set_notBefore;
-+ X509_set_pubkey;
-+ X509_set_serialNumber;
-+ X509_set_subject_name;
-+ X509_set_version;
-+ X509_sign;
-+ X509_subject_name_cmp;
-+ X509_subject_name_hash;
-+ X509_to_X509_REQ;
-+ X509_verify;
-+ X509_verify_cert;
-+ X509_verify_cert_error_string;
-+ X509v3_add_ext;
-+ X509v3_add_extension;
-+ X509v3_add_netscape_extensions;
-+ X509v3_add_standard_extensions;
-+ X509v3_cleanup_extensions;
-+ X509v3_data_type_by_NID;
-+ X509v3_data_type_by_OBJ;
-+ X509v3_delete_ext;
-+ X509v3_get_ext;
-+ X509v3_get_ext_by_NID;
-+ X509v3_get_ext_by_OBJ;
-+ X509v3_get_ext_by_critical;
-+ X509v3_get_ext_count;
-+ X509v3_pack_string;
-+ X509v3_pack_type_by_NID;
-+ X509v3_pack_type_by_OBJ;
-+ X509v3_unpack_string;
-+ _des_crypt;
-+ a2d_ASN1_OBJECT;
-+ a2i_ASN1_INTEGER;
-+ a2i_ASN1_STRING;
-+ asn1_Finish;
-+ asn1_GetSequence;
-+ bn_div_words;
-+ bn_expand2;
-+ bn_mul_add_words;
-+ bn_mul_words;
-+ BN_uadd;
-+ BN_usub;
-+ bn_sqr_words;
-+ _ossl_old_crypt;
-+ d2i_ASN1_BIT_STRING;
-+ d2i_ASN1_BOOLEAN;
-+ d2i_ASN1_HEADER;
-+ d2i_ASN1_IA5STRING;
-+ d2i_ASN1_INTEGER;
-+ d2i_ASN1_OBJECT;
-+ d2i_ASN1_OCTET_STRING;
-+ d2i_ASN1_PRINTABLE;
-+ d2i_ASN1_PRINTABLESTRING;
-+ d2i_ASN1_SET;
-+ d2i_ASN1_T61STRING;
-+ d2i_ASN1_TYPE;
-+ d2i_ASN1_UTCTIME;
-+ d2i_ASN1_bytes;
-+ d2i_ASN1_type_bytes;
-+ d2i_DHparams;
-+ d2i_DSAPrivateKey;
-+ d2i_DSAPrivateKey_bio;
-+ d2i_DSAPrivateKey_fp;
-+ d2i_DSAPublicKey;
-+ d2i_DSAparams;
-+ d2i_NETSCAPE_SPKAC;
-+ d2i_NETSCAPE_SPKI;
-+ d2i_Netscape_RSA;
-+ d2i_PKCS7;
-+ d2i_PKCS7_DIGEST;
-+ d2i_PKCS7_ENCRYPT;
-+ d2i_PKCS7_ENC_CONTENT;
-+ d2i_PKCS7_ENVELOPE;
-+ d2i_PKCS7_ISSUER_AND_SERIAL;
-+ d2i_PKCS7_RECIP_INFO;
-+ d2i_PKCS7_SIGNED;
-+ d2i_PKCS7_SIGNER_INFO;
-+ d2i_PKCS7_SIGN_ENVELOPE;
-+ d2i_PKCS7_bio;
-+ d2i_PKCS7_fp;
-+ d2i_PrivateKey;
-+ d2i_PublicKey;
-+ d2i_RSAPrivateKey;
-+ d2i_RSAPrivateKey_bio;
-+ d2i_RSAPrivateKey_fp;
-+ d2i_RSAPublicKey;
-+ d2i_X509;
-+ d2i_X509_ALGOR;
-+ d2i_X509_ATTRIBUTE;
-+ d2i_X509_CINF;
-+ d2i_X509_CRL;
-+ d2i_X509_CRL_INFO;
-+ d2i_X509_CRL_bio;
-+ d2i_X509_CRL_fp;
-+ d2i_X509_EXTENSION;
-+ d2i_X509_NAME;
-+ d2i_X509_NAME_ENTRY;
-+ d2i_X509_PKEY;
-+ d2i_X509_PUBKEY;
-+ d2i_X509_REQ;
-+ d2i_X509_REQ_INFO;
-+ d2i_X509_REQ_bio;
-+ d2i_X509_REQ_fp;
-+ d2i_X509_REVOKED;
-+ d2i_X509_SIG;
-+ d2i_X509_VAL;
-+ d2i_X509_bio;
-+ d2i_X509_fp;
-+ DES_cbc_cksum;
-+ DES_cbc_encrypt;
-+ DES_cblock_print_file;
-+ DES_cfb64_encrypt;
-+ DES_cfb_encrypt;
-+ DES_decrypt3;
-+ DES_ecb3_encrypt;
-+ DES_ecb_encrypt;
-+ DES_ede3_cbc_encrypt;
-+ DES_ede3_cfb64_encrypt;
-+ DES_ede3_ofb64_encrypt;
-+ DES_enc_read;
-+ DES_enc_write;
-+ DES_encrypt1;
-+ DES_encrypt2;
-+ DES_encrypt3;
-+ DES_fcrypt;
-+ DES_is_weak_key;
-+ DES_key_sched;
-+ DES_ncbc_encrypt;
-+ DES_ofb64_encrypt;
-+ DES_ofb_encrypt;
-+ DES_options;
-+ DES_pcbc_encrypt;
-+ DES_quad_cksum;
-+ DES_random_key;
-+ _ossl_old_des_random_seed;
-+ _ossl_old_des_read_2passwords;
-+ _ossl_old_des_read_password;
-+ _ossl_old_des_read_pw;
-+ _ossl_old_des_read_pw_string;
-+ DES_set_key;
-+ DES_set_odd_parity;
-+ DES_string_to_2keys;
-+ DES_string_to_key;
-+ DES_xcbc_encrypt;
-+ DES_xwhite_in2out;
-+ fcrypt_body;
-+ i2a_ASN1_INTEGER;
-+ i2a_ASN1_OBJECT;
-+ i2a_ASN1_STRING;
-+ i2d_ASN1_BIT_STRING;
-+ i2d_ASN1_BOOLEAN;
-+ i2d_ASN1_HEADER;
-+ i2d_ASN1_IA5STRING;
-+ i2d_ASN1_INTEGER;
-+ i2d_ASN1_OBJECT;
-+ i2d_ASN1_OCTET_STRING;
-+ i2d_ASN1_PRINTABLE;
-+ i2d_ASN1_SET;
-+ i2d_ASN1_TYPE;
-+ i2d_ASN1_UTCTIME;
-+ i2d_ASN1_bytes;
-+ i2d_DHparams;
-+ i2d_DSAPrivateKey;
-+ i2d_DSAPrivateKey_bio;
-+ i2d_DSAPrivateKey_fp;
-+ i2d_DSAPublicKey;
-+ i2d_DSAparams;
-+ i2d_NETSCAPE_SPKAC;
-+ i2d_NETSCAPE_SPKI;
-+ i2d_Netscape_RSA;
-+ i2d_PKCS7;
-+ i2d_PKCS7_DIGEST;
-+ i2d_PKCS7_ENCRYPT;
-+ i2d_PKCS7_ENC_CONTENT;
-+ i2d_PKCS7_ENVELOPE;
-+ i2d_PKCS7_ISSUER_AND_SERIAL;
-+ i2d_PKCS7_RECIP_INFO;
-+ i2d_PKCS7_SIGNED;
-+ i2d_PKCS7_SIGNER_INFO;
-+ i2d_PKCS7_SIGN_ENVELOPE;
-+ i2d_PKCS7_bio;
-+ i2d_PKCS7_fp;
-+ i2d_PrivateKey;
-+ i2d_PublicKey;
-+ i2d_RSAPrivateKey;
-+ i2d_RSAPrivateKey_bio;
-+ i2d_RSAPrivateKey_fp;
-+ i2d_RSAPublicKey;
-+ i2d_X509;
-+ i2d_X509_ALGOR;
-+ i2d_X509_ATTRIBUTE;
-+ i2d_X509_CINF;
-+ i2d_X509_CRL;
-+ i2d_X509_CRL_INFO;
-+ i2d_X509_CRL_bio;
-+ i2d_X509_CRL_fp;
-+ i2d_X509_EXTENSION;
-+ i2d_X509_NAME;
-+ i2d_X509_NAME_ENTRY;
-+ i2d_X509_PKEY;
-+ i2d_X509_PUBKEY;
-+ i2d_X509_REQ;
-+ i2d_X509_REQ_INFO;
-+ i2d_X509_REQ_bio;
-+ i2d_X509_REQ_fp;
-+ i2d_X509_REVOKED;
-+ i2d_X509_SIG;
-+ i2d_X509_VAL;
-+ i2d_X509_bio;
-+ i2d_X509_fp;
-+ idea_cbc_encrypt;
-+ idea_cfb64_encrypt;
-+ idea_ecb_encrypt;
-+ idea_encrypt;
-+ idea_ofb64_encrypt;
-+ idea_options;
-+ idea_set_decrypt_key;
-+ idea_set_encrypt_key;
-+ lh_delete;
-+ lh_doall;
-+ lh_doall_arg;
-+ lh_free;
-+ lh_insert;
-+ lh_new;
-+ lh_node_stats;
-+ lh_node_stats_bio;
-+ lh_node_usage_stats;
-+ lh_node_usage_stats_bio;
-+ lh_retrieve;
-+ lh_stats;
-+ lh_stats_bio;
-+ lh_strhash;
-+ sk_delete;
-+ sk_delete_ptr;
-+ sk_dup;
-+ sk_find;
-+ sk_free;
-+ sk_insert;
-+ sk_new;
-+ sk_pop;
-+ sk_pop_free;
-+ sk_push;
-+ sk_set_cmp_func;
-+ sk_shift;
-+ sk_unshift;
-+ sk_zero;
-+ BIO_f_nbio_test;
-+ ASN1_TYPE_get;
-+ ASN1_TYPE_set;
-+ PKCS7_content_free;
-+ ERR_load_PKCS7_strings;
-+ X509_find_by_issuer_and_serial;
-+ X509_find_by_subject;
-+ PKCS7_ctrl;
-+ PKCS7_set_type;
-+ PKCS7_set_content;
-+ PKCS7_SIGNER_INFO_set;
-+ PKCS7_add_signer;
-+ PKCS7_add_certificate;
-+ PKCS7_add_crl;
-+ PKCS7_content_new;
-+ PKCS7_dataSign;
-+ PKCS7_dataVerify;
-+ PKCS7_dataInit;
-+ PKCS7_add_signature;
-+ PKCS7_cert_from_signer_info;
-+ PKCS7_get_signer_info;
-+ EVP_delete_alias;
-+ EVP_mdc2;
-+ PEM_read_bio_RSAPublicKey;
-+ PEM_write_bio_RSAPublicKey;
-+ d2i_RSAPublicKey_bio;
-+ i2d_RSAPublicKey_bio;
-+ PEM_read_RSAPublicKey;
-+ PEM_write_RSAPublicKey;
-+ d2i_RSAPublicKey_fp;
-+ i2d_RSAPublicKey_fp;
-+ BIO_copy_next_retry;
-+ RSA_flags;
-+ X509_STORE_add_crl;
-+ X509_load_crl_file;
-+ EVP_rc2_40_cbc;
-+ EVP_rc4_40;
-+ EVP_CIPHER_CTX_init;
-+ HMAC;
-+ HMAC_Init;
-+ HMAC_Update;
-+ HMAC_Final;
-+ ERR_get_next_error_library;
-+ EVP_PKEY_cmp_parameters;
-+ HMAC_cleanup;
-+ BIO_ptr_ctrl;
-+ BIO_new_file_internal;
-+ BIO_new_fp_internal;
-+ BIO_s_file_internal;
-+ BN_BLINDING_convert;
-+ BN_BLINDING_invert;
-+ BN_BLINDING_update;
-+ RSA_blinding_on;
-+ RSA_blinding_off;
-+ i2t_ASN1_OBJECT;
-+ BN_BLINDING_new;
-+ BN_BLINDING_free;
-+ EVP_cast5_cbc;
-+ EVP_cast5_cfb64;
-+ EVP_cast5_ecb;
-+ EVP_cast5_ofb;
-+ BF_decrypt;
-+ CAST_set_key;
-+ CAST_encrypt;
-+ CAST_decrypt;
-+ CAST_ecb_encrypt;
-+ CAST_cbc_encrypt;
-+ CAST_cfb64_encrypt;
-+ CAST_ofb64_encrypt;
-+ RC2_decrypt;
-+ OBJ_create_objects;
-+ BN_exp;
-+ BN_mul_word;
-+ BN_sub_word;
-+ BN_dec2bn;
-+ BN_bn2dec;
-+ BIO_ghbn_ctrl;
-+ CRYPTO_free_ex_data;
-+ CRYPTO_get_ex_data;
-+ CRYPTO_set_ex_data;
-+ ERR_load_CRYPTO_strings;
-+ ERR_load_CRYPTOlib_strings;
-+ EVP_PKEY_bits;
-+ MD5_Transform;
-+ SHA1_Transform;
-+ SHA_Transform;
-+ X509_STORE_CTX_get_chain;
-+ X509_STORE_CTX_get_current_cert;
-+ X509_STORE_CTX_get_error;
-+ X509_STORE_CTX_get_error_depth;
-+ X509_STORE_CTX_get_ex_data;
-+ X509_STORE_CTX_set_cert;
-+ X509_STORE_CTX_set_chain;
-+ X509_STORE_CTX_set_error;
-+ X509_STORE_CTX_set_ex_data;
-+ CRYPTO_dup_ex_data;
-+ CRYPTO_get_new_lockid;
-+ CRYPTO_new_ex_data;
-+ RSA_set_ex_data;
-+ RSA_get_ex_data;
-+ RSA_get_ex_new_index;
-+ RSA_padding_add_PKCS1_type_1;
-+ RSA_padding_add_PKCS1_type_2;
-+ RSA_padding_add_SSLv23;
-+ RSA_padding_add_none;
-+ RSA_padding_check_PKCS1_type_1;
-+ RSA_padding_check_PKCS1_type_2;
-+ RSA_padding_check_SSLv23;
-+ RSA_padding_check_none;
-+ bn_add_words;
-+ d2i_Netscape_RSA_2;
-+ CRYPTO_get_ex_new_index;
-+ RIPEMD160_Init;
-+ RIPEMD160_Update;
-+ RIPEMD160_Final;
-+ RIPEMD160;
-+ RIPEMD160_Transform;
-+ RC5_32_set_key;
-+ RC5_32_ecb_encrypt;
-+ RC5_32_encrypt;
-+ RC5_32_decrypt;
-+ RC5_32_cbc_encrypt;
-+ RC5_32_cfb64_encrypt;
-+ RC5_32_ofb64_encrypt;
-+ BN_bn2mpi;
-+ BN_mpi2bn;
-+ ASN1_BIT_STRING_get_bit;
-+ ASN1_BIT_STRING_set_bit;
-+ BIO_get_ex_data;
-+ BIO_get_ex_new_index;
-+ BIO_set_ex_data;
-+ X509v3_get_key_usage;
-+ X509v3_set_key_usage;
-+ a2i_X509v3_key_usage;
-+ i2a_X509v3_key_usage;
-+ EVP_PKEY_decrypt;
-+ EVP_PKEY_encrypt;
-+ PKCS7_RECIP_INFO_set;
-+ PKCS7_add_recipient;
-+ PKCS7_add_recipient_info;
-+ PKCS7_set_cipher;
-+ ASN1_TYPE_get_int_octetstring;
-+ ASN1_TYPE_get_octetstring;
-+ ASN1_TYPE_set_int_octetstring;
-+ ASN1_TYPE_set_octetstring;
-+ ASN1_UTCTIME_set_string;
-+ ERR_add_error_data;
-+ ERR_set_error_data;
-+ EVP_CIPHER_asn1_to_param;
-+ EVP_CIPHER_param_to_asn1;
-+ EVP_CIPHER_get_asn1_iv;
-+ EVP_CIPHER_set_asn1_iv;
-+ EVP_rc5_32_12_16_cbc;
-+ EVP_rc5_32_12_16_cfb64;
-+ EVP_rc5_32_12_16_ecb;
-+ EVP_rc5_32_12_16_ofb;
-+ asn1_add_error;
-+ d2i_ASN1_BMPSTRING;
-+ i2d_ASN1_BMPSTRING;
-+ BIO_f_ber;
-+ BN_init;
-+ COMP_CTX_new;
-+ COMP_CTX_free;
-+ COMP_CTX_compress_block;
-+ COMP_CTX_expand_block;
-+ X509_STORE_CTX_get_ex_new_index;
-+ OBJ_NAME_add;
-+ BIO_socket_nbio;
-+ EVP_rc2_64_cbc;
-+ OBJ_NAME_cleanup;
-+ OBJ_NAME_get;
-+ OBJ_NAME_init;
-+ OBJ_NAME_new_index;
-+ OBJ_NAME_remove;
-+ BN_MONT_CTX_copy;
-+ BIO_new_socks4a_connect;
-+ BIO_s_socks4a_connect;
-+ PROXY_set_connect_mode;
-+ RAND_SSLeay;
-+ RAND_set_rand_method;
-+ RSA_memory_lock;
-+ bn_sub_words;
-+ bn_mul_normal;
-+ bn_mul_comba8;
-+ bn_mul_comba4;
-+ bn_sqr_normal;
-+ bn_sqr_comba8;
-+ bn_sqr_comba4;
-+ bn_cmp_words;
-+ bn_mul_recursive;
-+ bn_mul_part_recursive;
-+ bn_sqr_recursive;
-+ bn_mul_low_normal;
-+ BN_RECP_CTX_init;
-+ BN_RECP_CTX_new;
-+ BN_RECP_CTX_free;
-+ BN_RECP_CTX_set;
-+ BN_mod_mul_reciprocal;
-+ BN_mod_exp_recp;
-+ BN_div_recp;
-+ BN_CTX_init;
-+ BN_MONT_CTX_init;
-+ RAND_get_rand_method;
-+ PKCS7_add_attribute;
-+ PKCS7_add_signed_attribute;
-+ PKCS7_digest_from_attributes;
-+ PKCS7_get_attribute;
-+ PKCS7_get_issuer_and_serial;
-+ PKCS7_get_signed_attribute;
-+ COMP_compress_block;
-+ COMP_expand_block;
-+ COMP_rle;
-+ COMP_zlib;
-+ ms_time_diff;
-+ ms_time_new;
-+ ms_time_free;
-+ ms_time_cmp;
-+ ms_time_get;
-+ PKCS7_set_attributes;
-+ PKCS7_set_signed_attributes;
-+ X509_ATTRIBUTE_create;
-+ X509_ATTRIBUTE_dup;
-+ ASN1_GENERALIZEDTIME_check;
-+ ASN1_GENERALIZEDTIME_print;
-+ ASN1_GENERALIZEDTIME_set;
-+ ASN1_GENERALIZEDTIME_set_string;
-+ ASN1_TIME_print;
-+ BASIC_CONSTRAINTS_free;
-+ BASIC_CONSTRAINTS_new;
-+ ERR_load_X509V3_strings;
-+ NETSCAPE_CERT_SEQUENCE_free;
-+ NETSCAPE_CERT_SEQUENCE_new;
-+ OBJ_txt2obj;
-+ PEM_read_NETSCAPE_CERT_SEQUENCE;
-+ PEM_read_NS_CERT_SEQ;
-+ PEM_read_bio_NETSCAPE_CERT_SEQUENCE;
-+ PEM_read_bio_NS_CERT_SEQ;
-+ PEM_write_NETSCAPE_CERT_SEQUENCE;
-+ PEM_write_NS_CERT_SEQ;
-+ PEM_write_bio_NETSCAPE_CERT_SEQUENCE;
-+ PEM_write_bio_NS_CERT_SEQ;
-+ X509V3_EXT_add;
-+ X509V3_EXT_add_alias;
-+ X509V3_EXT_add_conf;
-+ X509V3_EXT_cleanup;
-+ X509V3_EXT_conf;
-+ X509V3_EXT_conf_nid;
-+ X509V3_EXT_get;
-+ X509V3_EXT_get_nid;
-+ X509V3_EXT_print;
-+ X509V3_EXT_print_fp;
-+ X509V3_add_standard_extensions;
-+ X509V3_add_value;
-+ X509V3_add_value_bool;
-+ X509V3_add_value_int;
-+ X509V3_conf_free;
-+ X509V3_get_value_bool;
-+ X509V3_get_value_int;
-+ X509V3_parse_list;
-+ d2i_ASN1_GENERALIZEDTIME;
-+ d2i_ASN1_TIME;
-+ d2i_BASIC_CONSTRAINTS;
-+ d2i_NETSCAPE_CERT_SEQUENCE;
-+ d2i_ext_ku;
-+ ext_ku_free;
-+ ext_ku_new;
-+ i2d_ASN1_GENERALIZEDTIME;
-+ i2d_ASN1_TIME;
-+ i2d_BASIC_CONSTRAINTS;
-+ i2d_NETSCAPE_CERT_SEQUENCE;
-+ i2d_ext_ku;
-+ EVP_MD_CTX_copy;
-+ i2d_ASN1_ENUMERATED;
-+ d2i_ASN1_ENUMERATED;
-+ ASN1_ENUMERATED_set;
-+ ASN1_ENUMERATED_get;
-+ BN_to_ASN1_ENUMERATED;
-+ ASN1_ENUMERATED_to_BN;
-+ i2a_ASN1_ENUMERATED;
-+ a2i_ASN1_ENUMERATED;
-+ i2d_GENERAL_NAME;
-+ d2i_GENERAL_NAME;
-+ GENERAL_NAME_new;
-+ GENERAL_NAME_free;
-+ GENERAL_NAMES_new;
-+ GENERAL_NAMES_free;
-+ d2i_GENERAL_NAMES;
-+ i2d_GENERAL_NAMES;
-+ i2v_GENERAL_NAMES;
-+ i2s_ASN1_OCTET_STRING;
-+ s2i_ASN1_OCTET_STRING;
-+ X509V3_EXT_check_conf;
-+ hex_to_string;
-+ string_to_hex;
-+ DES_ede3_cbcm_encrypt;
-+ RSA_padding_add_PKCS1_OAEP;
-+ RSA_padding_check_PKCS1_OAEP;
-+ X509_CRL_print_fp;
-+ X509_CRL_print;
-+ i2v_GENERAL_NAME;
-+ v2i_GENERAL_NAME;
-+ i2d_PKEY_USAGE_PERIOD;
-+ d2i_PKEY_USAGE_PERIOD;
-+ PKEY_USAGE_PERIOD_new;
-+ PKEY_USAGE_PERIOD_free;
-+ v2i_GENERAL_NAMES;
-+ i2s_ASN1_INTEGER;
-+ X509V3_EXT_d2i;
-+ name_cmp;
-+ str_dup;
-+ i2s_ASN1_ENUMERATED;
-+ i2s_ASN1_ENUMERATED_TABLE;
-+ BIO_s_log;
-+ BIO_f_reliable;
-+ PKCS7_dataFinal;
-+ PKCS7_dataDecode;
-+ X509V3_EXT_CRL_add_conf;
-+ BN_set_params;
-+ BN_get_params;
-+ BIO_get_ex_num;
-+ BIO_set_ex_free_func;
-+ EVP_ripemd160;
-+ ASN1_TIME_set;
-+ i2d_AUTHORITY_KEYID;
-+ d2i_AUTHORITY_KEYID;
-+ AUTHORITY_KEYID_new;
-+ AUTHORITY_KEYID_free;
-+ ASN1_seq_unpack;
-+ ASN1_seq_pack;
-+ ASN1_unpack_string;
-+ ASN1_pack_string;
-+ PKCS12_pack_safebag;
-+ PKCS12_MAKE_KEYBAG;
-+ PKCS8_encrypt;
-+ PKCS12_MAKE_SHKEYBAG;
-+ PKCS12_pack_p7data;
-+ PKCS12_pack_p7encdata;
-+ PKCS12_add_localkeyid;
-+ PKCS12_add_friendlyname_asc;
-+ PKCS12_add_friendlyname_uni;
-+ PKCS12_get_friendlyname;
-+ PKCS12_pbe_crypt;
-+ PKCS12_decrypt_d2i;
-+ PKCS12_i2d_encrypt;
-+ PKCS12_init;
-+ PKCS12_key_gen_asc;
-+ PKCS12_key_gen_uni;
-+ PKCS12_gen_mac;
-+ PKCS12_verify_mac;
-+ PKCS12_set_mac;
-+ PKCS12_setup_mac;
-+ OPENSSL_asc2uni;
-+ OPENSSL_uni2asc;
-+ i2d_PKCS12_BAGS;
-+ PKCS12_BAGS_new;
-+ d2i_PKCS12_BAGS;
-+ PKCS12_BAGS_free;
-+ i2d_PKCS12;
-+ d2i_PKCS12;
-+ PKCS12_new;
-+ PKCS12_free;
-+ i2d_PKCS12_MAC_DATA;
-+ PKCS12_MAC_DATA_new;
-+ d2i_PKCS12_MAC_DATA;
-+ PKCS12_MAC_DATA_free;
-+ i2d_PKCS12_SAFEBAG;
-+ PKCS12_SAFEBAG_new;
-+ d2i_PKCS12_SAFEBAG;
-+ PKCS12_SAFEBAG_free;
-+ ERR_load_PKCS12_strings;
-+ PKCS12_PBE_add;
-+ PKCS8_add_keyusage;
-+ PKCS12_get_attr_gen;
-+ PKCS12_parse;
-+ PKCS12_create;
-+ i2d_PKCS12_bio;
-+ i2d_PKCS12_fp;
-+ d2i_PKCS12_bio;
-+ d2i_PKCS12_fp;
-+ i2d_PBEPARAM;
-+ PBEPARAM_new;
-+ d2i_PBEPARAM;
-+ PBEPARAM_free;
-+ i2d_PKCS8_PRIV_KEY_INFO;
-+ PKCS8_PRIV_KEY_INFO_new;
-+ d2i_PKCS8_PRIV_KEY_INFO;
-+ PKCS8_PRIV_KEY_INFO_free;
-+ EVP_PKCS82PKEY;
-+ EVP_PKEY2PKCS8;
-+ PKCS8_set_broken;
-+ EVP_PBE_ALGOR_CipherInit;
-+ EVP_PBE_alg_add;
-+ PKCS5_pbe_set;
-+ EVP_PBE_cleanup;
-+ i2d_SXNET;
-+ d2i_SXNET;
-+ SXNET_new;
-+ SXNET_free;
-+ i2d_SXNETID;
-+ d2i_SXNETID;
-+ SXNETID_new;
-+ SXNETID_free;
-+ DSA_SIG_new;
-+ DSA_SIG_free;
-+ DSA_do_sign;
-+ DSA_do_verify;
-+ d2i_DSA_SIG;
-+ i2d_DSA_SIG;
-+ i2d_ASN1_VISIBLESTRING;
-+ d2i_ASN1_VISIBLESTRING;
-+ i2d_ASN1_UTF8STRING;
-+ d2i_ASN1_UTF8STRING;
-+ i2d_DIRECTORYSTRING;
-+ d2i_DIRECTORYSTRING;
-+ i2d_DISPLAYTEXT;
-+ d2i_DISPLAYTEXT;
-+ d2i_ASN1_SET_OF_X509;
-+ i2d_ASN1_SET_OF_X509;
-+ i2d_PBKDF2PARAM;
-+ PBKDF2PARAM_new;
-+ d2i_PBKDF2PARAM;
-+ PBKDF2PARAM_free;
-+ i2d_PBE2PARAM;
-+ PBE2PARAM_new;
-+ d2i_PBE2PARAM;
-+ PBE2PARAM_free;
-+ d2i_ASN1_SET_OF_GENERAL_NAME;
-+ i2d_ASN1_SET_OF_GENERAL_NAME;
-+ d2i_ASN1_SET_OF_SXNETID;
-+ i2d_ASN1_SET_OF_SXNETID;
-+ d2i_ASN1_SET_OF_POLICYQUALINFO;
-+ i2d_ASN1_SET_OF_POLICYQUALINFO;
-+ d2i_ASN1_SET_OF_POLICYINFO;
-+ i2d_ASN1_SET_OF_POLICYINFO;
-+ SXNET_add_id_asc;
-+ SXNET_add_id_ulong;
-+ SXNET_add_id_INTEGER;
-+ SXNET_get_id_asc;
-+ SXNET_get_id_ulong;
-+ SXNET_get_id_INTEGER;
-+ X509V3_set_conf_lhash;
-+ i2d_CERTIFICATEPOLICIES;
-+ CERTIFICATEPOLICIES_new;
-+ CERTIFICATEPOLICIES_free;
-+ d2i_CERTIFICATEPOLICIES;
-+ i2d_POLICYINFO;
-+ POLICYINFO_new;
-+ d2i_POLICYINFO;
-+ POLICYINFO_free;
-+ i2d_POLICYQUALINFO;
-+ POLICYQUALINFO_new;
-+ d2i_POLICYQUALINFO;
-+ POLICYQUALINFO_free;
-+ i2d_USERNOTICE;
-+ USERNOTICE_new;
-+ d2i_USERNOTICE;
-+ USERNOTICE_free;
-+ i2d_NOTICEREF;
-+ NOTICEREF_new;
-+ d2i_NOTICEREF;
-+ NOTICEREF_free;
-+ X509V3_get_string;
-+ X509V3_get_section;
-+ X509V3_string_free;
-+ X509V3_section_free;
-+ X509V3_set_ctx;
-+ s2i_ASN1_INTEGER;
-+ CRYPTO_set_locked_mem_functions;
-+ CRYPTO_get_locked_mem_functions;
-+ CRYPTO_malloc_locked;
-+ CRYPTO_free_locked;
-+ BN_mod_exp2_mont;
-+ ERR_get_error_line_data;
-+ ERR_peek_error_line_data;
-+ PKCS12_PBE_keyivgen;
-+ X509_ALGOR_dup;
-+ d2i_ASN1_SET_OF_DIST_POINT;
-+ i2d_ASN1_SET_OF_DIST_POINT;
-+ i2d_CRL_DIST_POINTS;
-+ CRL_DIST_POINTS_new;
-+ CRL_DIST_POINTS_free;
-+ d2i_CRL_DIST_POINTS;
-+ i2d_DIST_POINT;
-+ DIST_POINT_new;
-+ d2i_DIST_POINT;
-+ DIST_POINT_free;
-+ i2d_DIST_POINT_NAME;
-+ DIST_POINT_NAME_new;
-+ DIST_POINT_NAME_free;
-+ d2i_DIST_POINT_NAME;
-+ X509V3_add_value_uchar;
-+ d2i_ASN1_SET_OF_X509_ATTRIBUTE;
-+ i2d_ASN1_SET_OF_ASN1_TYPE;
-+ d2i_ASN1_SET_OF_X509_EXTENSION;
-+ d2i_ASN1_SET_OF_X509_NAME_ENTRY;
-+ d2i_ASN1_SET_OF_ASN1_TYPE;
-+ i2d_ASN1_SET_OF_X509_ATTRIBUTE;
-+ i2d_ASN1_SET_OF_X509_EXTENSION;
-+ i2d_ASN1_SET_OF_X509_NAME_ENTRY;
-+ X509V3_EXT_i2d;
-+ X509V3_EXT_val_prn;
-+ X509V3_EXT_add_list;
-+ EVP_CIPHER_type;
-+ EVP_PBE_CipherInit;
-+ X509V3_add_value_bool_nf;
-+ d2i_ASN1_UINTEGER;
-+ sk_value;
-+ sk_num;
-+ sk_set;
-+ i2d_ASN1_SET_OF_X509_REVOKED;
-+ sk_sort;
-+ d2i_ASN1_SET_OF_X509_REVOKED;
-+ i2d_ASN1_SET_OF_X509_ALGOR;
-+ i2d_ASN1_SET_OF_X509_CRL;
-+ d2i_ASN1_SET_OF_X509_ALGOR;
-+ d2i_ASN1_SET_OF_X509_CRL;
-+ i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO;
-+ i2d_ASN1_SET_OF_PKCS7_RECIP_INFO;
-+ d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO;
-+ d2i_ASN1_SET_OF_PKCS7_RECIP_INFO;
-+ PKCS5_PBE_add;
-+ PEM_write_bio_PKCS8;
-+ i2d_PKCS8_fp;
-+ PEM_read_bio_PKCS8_PRIV_KEY_INFO;
-+ PEM_read_bio_P8_PRIV_KEY_INFO;
-+ d2i_PKCS8_bio;
-+ d2i_PKCS8_PRIV_KEY_INFO_fp;
-+ PEM_write_bio_PKCS8_PRIV_KEY_INFO;
-+ PEM_write_bio_P8_PRIV_KEY_INFO;
-+ PEM_read_PKCS8;
-+ d2i_PKCS8_PRIV_KEY_INFO_bio;
-+ d2i_PKCS8_fp;
-+ PEM_write_PKCS8;
-+ PEM_read_PKCS8_PRIV_KEY_INFO;
-+ PEM_read_P8_PRIV_KEY_INFO;
-+ PEM_read_bio_PKCS8;
-+ PEM_write_PKCS8_PRIV_KEY_INFO;
-+ PEM_write_P8_PRIV_KEY_INFO;
-+ PKCS5_PBE_keyivgen;
-+ i2d_PKCS8_bio;
-+ i2d_PKCS8_PRIV_KEY_INFO_fp;
-+ i2d_PKCS8_PRIV_KEY_INFO_bio;
-+ BIO_s_bio;
-+ PKCS5_pbe2_set;
-+ PKCS5_PBKDF2_HMAC_SHA1;
-+ PKCS5_v2_PBE_keyivgen;
-+ PEM_write_bio_PKCS8PrivateKey;
-+ PEM_write_PKCS8PrivateKey;
-+ BIO_ctrl_get_read_request;
-+ BIO_ctrl_pending;
-+ BIO_ctrl_wpending;
-+ BIO_new_bio_pair;
-+ BIO_ctrl_get_write_guarantee;
-+ CRYPTO_num_locks;
-+ CONF_load_bio;
-+ CONF_load_fp;
-+ i2d_ASN1_SET_OF_ASN1_OBJECT;
-+ d2i_ASN1_SET_OF_ASN1_OBJECT;
-+ PKCS7_signatureVerify;
-+ RSA_set_method;
-+ RSA_get_method;
-+ RSA_get_default_method;
-+ RSA_check_key;
-+ OBJ_obj2txt;
-+ DSA_dup_DH;
-+ X509_REQ_get_extensions;
-+ X509_REQ_set_extension_nids;
-+ BIO_nwrite;
-+ X509_REQ_extension_nid;
-+ BIO_nread;
-+ X509_REQ_get_extension_nids;
-+ BIO_nwrite0;
-+ X509_REQ_add_extensions_nid;
-+ BIO_nread0;
-+ X509_REQ_add_extensions;
-+ BIO_new_mem_buf;
-+ DH_set_ex_data;
-+ DH_set_method;
-+ DSA_OpenSSL;
-+ DH_get_ex_data;
-+ DH_get_ex_new_index;
-+ DSA_new_method;
-+ DH_new_method;
-+ DH_OpenSSL;
-+ DSA_get_ex_new_index;
-+ DH_get_default_method;
-+ DSA_set_ex_data;
-+ DH_set_default_method;
-+ DSA_get_ex_data;
-+ X509V3_EXT_REQ_add_conf;
-+ NETSCAPE_SPKI_print;
-+ NETSCAPE_SPKI_set_pubkey;
-+ NETSCAPE_SPKI_b64_encode;
-+ NETSCAPE_SPKI_get_pubkey;
-+ NETSCAPE_SPKI_b64_decode;
-+ UTF8_putc;
-+ UTF8_getc;
-+ RSA_null_method;
-+ ASN1_tag2str;
-+ BIO_ctrl_reset_read_request;
-+ DISPLAYTEXT_new;
-+ ASN1_GENERALIZEDTIME_free;
-+ X509_REVOKED_get_ext_d2i;
-+ X509_set_ex_data;
-+ X509_reject_set_bit_asc;
-+ X509_NAME_add_entry_by_txt;
-+ X509_NAME_add_entry_by_NID;
-+ X509_PURPOSE_get0;
-+ PEM_read_X509_AUX;
-+ d2i_AUTHORITY_INFO_ACCESS;
-+ PEM_write_PUBKEY;
-+ ACCESS_DESCRIPTION_new;
-+ X509_CERT_AUX_free;
-+ d2i_ACCESS_DESCRIPTION;
-+ X509_trust_clear;
-+ X509_TRUST_add;
-+ ASN1_VISIBLESTRING_new;
-+ X509_alias_set1;
-+ ASN1_PRINTABLESTRING_free;
-+ EVP_PKEY_get1_DSA;
-+ ASN1_BMPSTRING_new;
-+ ASN1_mbstring_copy;
-+ ASN1_UTF8STRING_new;
-+ DSA_get_default_method;
-+ i2d_ASN1_SET_OF_ACCESS_DESCRIPTION;
-+ ASN1_T61STRING_free;
-+ DSA_set_method;
-+ X509_get_ex_data;
-+ ASN1_STRING_type;
-+ X509_PURPOSE_get_by_sname;
-+ ASN1_TIME_free;
-+ ASN1_OCTET_STRING_cmp;
-+ ASN1_BIT_STRING_new;
-+ X509_get_ext_d2i;
-+ PEM_read_bio_X509_AUX;
-+ ASN1_STRING_set_default_mask_asc;
-+ ASN1_STRING_set_def_mask_asc;
-+ PEM_write_bio_RSA_PUBKEY;
-+ ASN1_INTEGER_cmp;
-+ d2i_RSA_PUBKEY_fp;
-+ X509_trust_set_bit_asc;
-+ PEM_write_bio_DSA_PUBKEY;
-+ X509_STORE_CTX_free;
-+ EVP_PKEY_set1_DSA;
-+ i2d_DSA_PUBKEY_fp;
-+ X509_load_cert_crl_file;
-+ ASN1_TIME_new;
-+ i2d_RSA_PUBKEY;
-+ X509_STORE_CTX_purpose_inherit;
-+ PEM_read_RSA_PUBKEY;
-+ d2i_X509_AUX;
-+ i2d_DSA_PUBKEY;
-+ X509_CERT_AUX_print;
-+ PEM_read_DSA_PUBKEY;
-+ i2d_RSA_PUBKEY_bio;
-+ ASN1_BIT_STRING_num_asc;
-+ i2d_PUBKEY;
-+ ASN1_UTCTIME_free;
-+ DSA_set_default_method;
-+ X509_PURPOSE_get_by_id;
-+ ACCESS_DESCRIPTION_free;
-+ PEM_read_bio_PUBKEY;
-+ ASN1_STRING_set_by_NID;
-+ X509_PURPOSE_get_id;
-+ DISPLAYTEXT_free;
-+ OTHERNAME_new;
-+ X509_CERT_AUX_new;
-+ X509_TRUST_cleanup;
-+ X509_NAME_add_entry_by_OBJ;
-+ X509_CRL_get_ext_d2i;
-+ X509_PURPOSE_get0_name;
-+ PEM_read_PUBKEY;
-+ i2d_DSA_PUBKEY_bio;
-+ i2d_OTHERNAME;
-+ ASN1_OCTET_STRING_free;
-+ ASN1_BIT_STRING_set_asc;
-+ X509_get_ex_new_index;
-+ ASN1_STRING_TABLE_cleanup;
-+ X509_TRUST_get_by_id;
-+ X509_PURPOSE_get_trust;
-+ ASN1_STRING_length;
-+ d2i_ASN1_SET_OF_ACCESS_DESCRIPTION;
-+ ASN1_PRINTABLESTRING_new;
-+ X509V3_get_d2i;
-+ ASN1_ENUMERATED_free;
-+ i2d_X509_CERT_AUX;
-+ X509_STORE_CTX_set_trust;
-+ ASN1_STRING_set_default_mask;
-+ X509_STORE_CTX_new;
-+ EVP_PKEY_get1_RSA;
-+ DIRECTORYSTRING_free;
-+ PEM_write_X509_AUX;
-+ ASN1_OCTET_STRING_set;
-+ d2i_DSA_PUBKEY_fp;
-+ d2i_RSA_PUBKEY;
-+ X509_TRUST_get0_name;
-+ X509_TRUST_get0;
-+ AUTHORITY_INFO_ACCESS_free;
-+ ASN1_IA5STRING_new;
-+ d2i_DSA_PUBKEY;
-+ X509_check_purpose;
-+ ASN1_ENUMERATED_new;
-+ d2i_RSA_PUBKEY_bio;
-+ d2i_PUBKEY;
-+ X509_TRUST_get_trust;
-+ X509_TRUST_get_flags;
-+ ASN1_BMPSTRING_free;
-+ ASN1_T61STRING_new;
-+ ASN1_UTCTIME_new;
-+ i2d_AUTHORITY_INFO_ACCESS;
-+ EVP_PKEY_set1_RSA;
-+ X509_STORE_CTX_set_purpose;
-+ ASN1_IA5STRING_free;
-+ PEM_write_bio_X509_AUX;
-+ X509_PURPOSE_get_count;
-+ CRYPTO_add_info;
-+ X509_NAME_ENTRY_create_by_txt;
-+ ASN1_STRING_get_default_mask;
-+ X509_alias_get0;
-+ ASN1_STRING_data;
-+ i2d_ACCESS_DESCRIPTION;
-+ X509_trust_set_bit;
-+ ASN1_BIT_STRING_free;
-+ PEM_read_bio_RSA_PUBKEY;
-+ X509_add1_reject_object;
-+ X509_check_trust;
-+ PEM_read_bio_DSA_PUBKEY;
-+ X509_PURPOSE_add;
-+ ASN1_STRING_TABLE_get;
-+ ASN1_UTF8STRING_free;
-+ d2i_DSA_PUBKEY_bio;
-+ PEM_write_RSA_PUBKEY;
-+ d2i_OTHERNAME;
-+ X509_reject_set_bit;
-+ PEM_write_DSA_PUBKEY;
-+ X509_PURPOSE_get0_sname;
-+ EVP_PKEY_set1_DH;
-+ ASN1_OCTET_STRING_dup;
-+ ASN1_BIT_STRING_set;
-+ X509_TRUST_get_count;
-+ ASN1_INTEGER_free;
-+ OTHERNAME_free;
-+ i2d_RSA_PUBKEY_fp;
-+ ASN1_INTEGER_dup;
-+ d2i_X509_CERT_AUX;
-+ PEM_write_bio_PUBKEY;
-+ ASN1_VISIBLESTRING_free;
-+ X509_PURPOSE_cleanup;
-+ ASN1_mbstring_ncopy;
-+ ASN1_GENERALIZEDTIME_new;
-+ EVP_PKEY_get1_DH;
-+ ASN1_OCTET_STRING_new;
-+ ASN1_INTEGER_new;
-+ i2d_X509_AUX;
-+ ASN1_BIT_STRING_name_print;
-+ X509_cmp;
-+ ASN1_STRING_length_set;
-+ DIRECTORYSTRING_new;
-+ X509_add1_trust_object;
-+ PKCS12_newpass;
-+ SMIME_write_PKCS7;
-+ SMIME_read_PKCS7;
-+ DES_set_key_checked;
-+ PKCS7_verify;
-+ PKCS7_encrypt;
-+ DES_set_key_unchecked;
-+ SMIME_crlf_copy;
-+ i2d_ASN1_PRINTABLESTRING;
-+ PKCS7_get0_signers;
-+ PKCS7_decrypt;
-+ SMIME_text;
-+ PKCS7_simple_smimecap;
-+ PKCS7_get_smimecap;
-+ PKCS7_sign;
-+ PKCS7_add_attrib_smimecap;
-+ CRYPTO_dbg_set_options;
-+ CRYPTO_remove_all_info;
-+ CRYPTO_get_mem_debug_functions;
-+ CRYPTO_is_mem_check_on;
-+ CRYPTO_set_mem_debug_functions;
-+ CRYPTO_pop_info;
-+ CRYPTO_push_info_;
-+ CRYPTO_set_mem_debug_options;
-+ PEM_write_PKCS8PrivateKey_nid;
-+ PEM_write_bio_PKCS8PrivateKey_nid;
-+ PEM_write_bio_PKCS8PrivKey_nid;
-+ d2i_PKCS8PrivateKey_bio;
-+ ASN1_NULL_free;
-+ d2i_ASN1_NULL;
-+ ASN1_NULL_new;
-+ i2d_PKCS8PrivateKey_bio;
-+ i2d_PKCS8PrivateKey_fp;
-+ i2d_ASN1_NULL;
-+ i2d_PKCS8PrivateKey_nid_fp;
-+ d2i_PKCS8PrivateKey_fp;
-+ i2d_PKCS8PrivateKey_nid_bio;
-+ i2d_PKCS8PrivateKeyInfo_fp;
-+ i2d_PKCS8PrivateKeyInfo_bio;
-+ PEM_cb;
-+ i2d_PrivateKey_fp;
-+ d2i_PrivateKey_bio;
-+ d2i_PrivateKey_fp;
-+ i2d_PrivateKey_bio;
-+ X509_reject_clear;
-+ X509_TRUST_set_default;
-+ d2i_AutoPrivateKey;
-+ X509_ATTRIBUTE_get0_type;
-+ X509_ATTRIBUTE_set1_data;
-+ X509at_get_attr;
-+ X509at_get_attr_count;
-+ X509_ATTRIBUTE_create_by_NID;
-+ X509_ATTRIBUTE_set1_object;
-+ X509_ATTRIBUTE_count;
-+ X509_ATTRIBUTE_create_by_OBJ;
-+ X509_ATTRIBUTE_get0_object;
-+ X509at_get_attr_by_NID;
-+ X509at_add1_attr;
-+ X509_ATTRIBUTE_get0_data;
-+ X509at_delete_attr;
-+ X509at_get_attr_by_OBJ;
-+ RAND_add;
-+ BIO_number_written;
-+ BIO_number_read;
-+ X509_STORE_CTX_get1_chain;
-+ ERR_load_RAND_strings;
-+ RAND_pseudo_bytes;
-+ X509_REQ_get_attr_by_NID;
-+ X509_REQ_get_attr;
-+ X509_REQ_add1_attr_by_NID;
-+ X509_REQ_get_attr_by_OBJ;
-+ X509at_add1_attr_by_NID;
-+ X509_REQ_add1_attr_by_OBJ;
-+ X509_REQ_get_attr_count;
-+ X509_REQ_add1_attr;
-+ X509_REQ_delete_attr;
-+ X509at_add1_attr_by_OBJ;
-+ X509_REQ_add1_attr_by_txt;
-+ X509_ATTRIBUTE_create_by_txt;
-+ X509at_add1_attr_by_txt;
-+ BN_pseudo_rand;
-+ BN_is_prime_fasttest;
-+ BN_CTX_end;
-+ BN_CTX_start;
-+ BN_CTX_get;
-+ EVP_PKEY2PKCS8_broken;
-+ ASN1_STRING_TABLE_add;
-+ CRYPTO_dbg_get_options;
-+ AUTHORITY_INFO_ACCESS_new;
-+ CRYPTO_get_mem_debug_options;
-+ DES_crypt;
-+ PEM_write_bio_X509_REQ_NEW;
-+ PEM_write_X509_REQ_NEW;
-+ BIO_callback_ctrl;
-+ RAND_egd;
-+ RAND_status;
-+ bn_dump1;
-+ DES_check_key_parity;
-+ lh_num_items;
-+ RAND_event;
-+ DSO_new;
-+ DSO_new_method;
-+ DSO_free;
-+ DSO_flags;
-+ DSO_up;
-+ DSO_set_default_method;
-+ DSO_get_default_method;
-+ DSO_get_method;
-+ DSO_set_method;
-+ DSO_load;
-+ DSO_bind_var;
-+ DSO_METHOD_null;
-+ DSO_METHOD_openssl;
-+ DSO_METHOD_dlfcn;
-+ DSO_METHOD_win32;
-+ ERR_load_DSO_strings;
-+ DSO_METHOD_dl;
-+ NCONF_load;
-+ NCONF_load_fp;
-+ NCONF_new;
-+ NCONF_get_string;
-+ NCONF_free;
-+ NCONF_get_number;
-+ CONF_dump_fp;
-+ NCONF_load_bio;
-+ NCONF_dump_fp;
-+ NCONF_get_section;
-+ NCONF_dump_bio;
-+ CONF_dump_bio;
-+ NCONF_free_data;
-+ CONF_set_default_method;
-+ ERR_error_string_n;
-+ BIO_snprintf;
-+ DSO_ctrl;
-+ i2d_ASN1_SET_OF_ASN1_INTEGER;
-+ i2d_ASN1_SET_OF_PKCS12_SAFEBAG;
-+ i2d_ASN1_SET_OF_PKCS7;
-+ BIO_vfree;
-+ d2i_ASN1_SET_OF_ASN1_INTEGER;
-+ d2i_ASN1_SET_OF_PKCS12_SAFEBAG;
-+ ASN1_UTCTIME_get;
-+ X509_REQ_digest;
-+ X509_CRL_digest;
-+ d2i_ASN1_SET_OF_PKCS7;
-+ EVP_CIPHER_CTX_set_key_length;
-+ EVP_CIPHER_CTX_ctrl;
-+ BN_mod_exp_mont_word;
-+ RAND_egd_bytes;
-+ X509_REQ_get1_email;
-+ X509_get1_email;
-+ X509_email_free;
-+ i2d_RSA_NET;
-+ d2i_RSA_NET_2;
-+ d2i_RSA_NET;
-+ DSO_bind_func;
-+ CRYPTO_get_new_dynlockid;
-+ sk_new_null;
-+ CRYPTO_set_dynlock_destroy_callback;
-+ CRYPTO_set_dynlock_destroy_cb;
-+ CRYPTO_destroy_dynlockid;
-+ CRYPTO_set_dynlock_size;
-+ CRYPTO_set_dynlock_create_callback;
-+ CRYPTO_set_dynlock_create_cb;
-+ CRYPTO_set_dynlock_lock_callback;
-+ CRYPTO_set_dynlock_lock_cb;
-+ CRYPTO_get_dynlock_lock_callback;
-+ CRYPTO_get_dynlock_lock_cb;
-+ CRYPTO_get_dynlock_destroy_callback;
-+ CRYPTO_get_dynlock_destroy_cb;
-+ CRYPTO_get_dynlock_value;
-+ CRYPTO_get_dynlock_create_callback;
-+ CRYPTO_get_dynlock_create_cb;
-+ c2i_ASN1_BIT_STRING;
-+ i2c_ASN1_BIT_STRING;
-+ RAND_poll;
-+ c2i_ASN1_INTEGER;
-+ i2c_ASN1_INTEGER;
-+ BIO_dump_indent;
-+ ASN1_parse_dump;
-+ c2i_ASN1_OBJECT;
-+ X509_NAME_print_ex_fp;
-+ ASN1_STRING_print_ex_fp;
-+ X509_NAME_print_ex;
-+ ASN1_STRING_print_ex;
-+ MD4;
-+ MD4_Transform;
-+ MD4_Final;
-+ MD4_Update;
-+ MD4_Init;
-+ EVP_md4;
-+ i2d_PUBKEY_bio;
-+ i2d_PUBKEY_fp;
-+ d2i_PUBKEY_bio;
-+ ASN1_STRING_to_UTF8;
-+ BIO_vprintf;
-+ BIO_vsnprintf;
-+ d2i_PUBKEY_fp;
-+ X509_cmp_time;
-+ X509_STORE_CTX_set_time;
-+ X509_STORE_CTX_get1_issuer;
-+ X509_OBJECT_retrieve_match;
-+ X509_OBJECT_idx_by_subject;
-+ X509_STORE_CTX_set_flags;
-+ X509_STORE_CTX_trusted_stack;
-+ X509_time_adj;
-+ X509_check_issued;
-+ ASN1_UTCTIME_cmp_time_t;
-+ DES_set_weak_key_flag;
-+ DES_check_key;
-+ DES_rw_mode;
-+ RSA_PKCS1_RSAref;
-+ X509_keyid_set1;
-+ BIO_next;
-+ DSO_METHOD_vms;
-+ BIO_f_linebuffer;
-+ BN_bntest_rand;
-+ OPENSSL_issetugid;
-+ BN_rand_range;
-+ ERR_load_ENGINE_strings;
-+ ENGINE_set_DSA;
-+ ENGINE_get_finish_function;
-+ ENGINE_get_default_RSA;
-+ ENGINE_get_BN_mod_exp;
-+ DSA_get_default_openssl_method;
-+ ENGINE_set_DH;
-+ ENGINE_set_def_BN_mod_exp_crt;
-+ ENGINE_set_default_BN_mod_exp_crt;
-+ ENGINE_init;
-+ DH_get_default_openssl_method;
-+ RSA_set_default_openssl_method;
-+ ENGINE_finish;
-+ ENGINE_load_public_key;
-+ ENGINE_get_DH;
-+ ENGINE_ctrl;
-+ ENGINE_get_init_function;
-+ ENGINE_set_init_function;
-+ ENGINE_set_default_DSA;
-+ ENGINE_get_name;
-+ ENGINE_get_last;
-+ ENGINE_get_prev;
-+ ENGINE_get_default_DH;
-+ ENGINE_get_RSA;
-+ ENGINE_set_default;
-+ ENGINE_get_RAND;
-+ ENGINE_get_first;
-+ ENGINE_by_id;
-+ ENGINE_set_finish_function;
-+ ENGINE_get_def_BN_mod_exp_crt;
-+ ENGINE_get_default_BN_mod_exp_crt;
-+ RSA_get_default_openssl_method;
-+ ENGINE_set_RSA;
-+ ENGINE_load_private_key;
-+ ENGINE_set_default_RAND;
-+ ENGINE_set_BN_mod_exp;
-+ ENGINE_remove;
-+ ENGINE_free;
-+ ENGINE_get_BN_mod_exp_crt;
-+ ENGINE_get_next;
-+ ENGINE_set_name;
-+ ENGINE_get_default_DSA;
-+ ENGINE_set_default_BN_mod_exp;
-+ ENGINE_set_default_RSA;
-+ ENGINE_get_default_RAND;
-+ ENGINE_get_default_BN_mod_exp;
-+ ENGINE_set_RAND;
-+ ENGINE_set_id;
-+ ENGINE_set_BN_mod_exp_crt;
-+ ENGINE_set_default_DH;
-+ ENGINE_new;
-+ ENGINE_get_id;
-+ DSA_set_default_openssl_method;
-+ ENGINE_add;
-+ DH_set_default_openssl_method;
-+ ENGINE_get_DSA;
-+ ENGINE_get_ctrl_function;
-+ ENGINE_set_ctrl_function;
-+ BN_pseudo_rand_range;
-+ X509_STORE_CTX_set_verify_cb;
-+ ERR_load_COMP_strings;
-+ PKCS12_item_decrypt_d2i;
-+ ASN1_UTF8STRING_it;
-+ ENGINE_unregister_ciphers;
-+ ENGINE_get_ciphers;
-+ d2i_OCSP_BASICRESP;
-+ KRB5_CHECKSUM_it;
-+ EC_POINT_add;
-+ ASN1_item_ex_i2d;
-+ OCSP_CERTID_it;
-+ d2i_OCSP_RESPBYTES;
-+ X509V3_add1_i2d;
-+ PKCS7_ENVELOPE_it;
-+ UI_add_input_boolean;
-+ ENGINE_unregister_RSA;
-+ X509V3_EXT_nconf;
-+ ASN1_GENERALSTRING_free;
-+ d2i_OCSP_CERTSTATUS;
-+ X509_REVOKED_set_serialNumber;
-+ X509_print_ex;
-+ OCSP_ONEREQ_get1_ext_d2i;
-+ ENGINE_register_all_RAND;
-+ ENGINE_load_dynamic;
-+ PBKDF2PARAM_it;
-+ EXTENDED_KEY_USAGE_new;
-+ EC_GROUP_clear_free;
-+ OCSP_sendreq_bio;
-+ ASN1_item_digest;
-+ OCSP_BASICRESP_delete_ext;
-+ OCSP_SIGNATURE_it;
-+ X509_CRL_it;
-+ OCSP_BASICRESP_add_ext;
-+ KRB5_ENCKEY_it;
-+ UI_method_set_closer;
-+ X509_STORE_set_purpose;
-+ i2d_ASN1_GENERALSTRING;
-+ OCSP_response_status;
-+ i2d_OCSP_SERVICELOC;
-+ ENGINE_get_digest_engine;
-+ EC_GROUP_set_curve_GFp;
-+ OCSP_REQUEST_get_ext_by_OBJ;
-+ _ossl_old_des_random_key;
-+ ASN1_T61STRING_it;
-+ EC_GROUP_method_of;
-+ i2d_KRB5_APREQ;
-+ _ossl_old_des_encrypt;
-+ ASN1_PRINTABLE_new;
-+ HMAC_Init_ex;
-+ d2i_KRB5_AUTHENT;
-+ OCSP_archive_cutoff_new;
-+ EC_POINT_set_Jprojective_coordinates_GFp;
-+ EC_POINT_set_Jproj_coords_GFp;
-+ _ossl_old_des_is_weak_key;
-+ OCSP_BASICRESP_get_ext_by_OBJ;
-+ EC_POINT_oct2point;
-+ OCSP_SINGLERESP_get_ext_count;
-+ UI_ctrl;
-+ _shadow_DES_rw_mode;
-+ asn1_do_adb;
-+ ASN1_template_i2d;
-+ ENGINE_register_DH;
-+ UI_construct_prompt;
-+ X509_STORE_set_trust;
-+ UI_dup_input_string;
-+ d2i_KRB5_APREQ;
-+ EVP_MD_CTX_copy_ex;
-+ OCSP_request_is_signed;
-+ i2d_OCSP_REQINFO;
-+ KRB5_ENCKEY_free;
-+ OCSP_resp_get0;
-+ GENERAL_NAME_it;
-+ ASN1_GENERALIZEDTIME_it;
-+ X509_STORE_set_flags;
-+ EC_POINT_set_compressed_coordinates_GFp;
-+ EC_POINT_set_compr_coords_GFp;
-+ OCSP_response_status_str;
-+ d2i_OCSP_REVOKEDINFO;
-+ OCSP_basic_add1_cert;
-+ ERR_get_implementation;
-+ EVP_CipherFinal_ex;
-+ OCSP_CERTSTATUS_new;
-+ CRYPTO_cleanup_all_ex_data;
-+ OCSP_resp_find;
-+ BN_nnmod;
-+ X509_CRL_sort;
-+ X509_REVOKED_set_revocationDate;
-+ ENGINE_register_RAND;
-+ OCSP_SERVICELOC_new;
-+ EC_POINT_set_affine_coordinates_GFp;
-+ EC_POINT_set_affine_coords_GFp;
-+ _ossl_old_des_options;
-+ SXNET_it;
-+ UI_dup_input_boolean;
-+ PKCS12_add_CSPName_asc;
-+ EC_POINT_is_at_infinity;
-+ ENGINE_load_cryptodev;
-+ DSO_convert_filename;
-+ POLICYQUALINFO_it;
-+ ENGINE_register_ciphers;
-+ BN_mod_lshift_quick;
-+ DSO_set_filename;
-+ ASN1_item_free;
-+ KRB5_TKTBODY_free;
-+ AUTHORITY_KEYID_it;
-+ KRB5_APREQBODY_new;
-+ X509V3_EXT_REQ_add_nconf;
-+ ENGINE_ctrl_cmd_string;
-+ i2d_OCSP_RESPDATA;
-+ EVP_MD_CTX_init;
-+ EXTENDED_KEY_USAGE_free;
-+ PKCS7_ATTR_SIGN_it;
-+ UI_add_error_string;
-+ KRB5_CHECKSUM_free;
-+ OCSP_REQUEST_get_ext;
-+ ENGINE_load_ubsec;
-+ ENGINE_register_all_digests;
-+ PKEY_USAGE_PERIOD_it;
-+ PKCS12_unpack_authsafes;
-+ ASN1_item_unpack;
-+ NETSCAPE_SPKAC_it;
-+ X509_REVOKED_it;
-+ ASN1_STRING_encode;
-+ EVP_aes_128_ecb;
-+ KRB5_AUTHENT_free;
-+ OCSP_BASICRESP_get_ext_by_critical;
-+ OCSP_BASICRESP_get_ext_by_crit;
-+ OCSP_cert_status_str;
-+ d2i_OCSP_REQUEST;
-+ UI_dup_info_string;
-+ _ossl_old_des_xwhite_in2out;
-+ PKCS12_it;
-+ OCSP_SINGLERESP_get_ext_by_critical;
-+ OCSP_SINGLERESP_get_ext_by_crit;
-+ OCSP_CERTSTATUS_free;
-+ _ossl_old_des_crypt;
-+ ASN1_item_i2d;
-+ EVP_DecryptFinal_ex;
-+ ENGINE_load_openssl;
-+ ENGINE_get_cmd_defns;
-+ ENGINE_set_load_privkey_function;
-+ ENGINE_set_load_privkey_fn;
-+ EVP_EncryptFinal_ex;
-+ ENGINE_set_default_digests;
-+ X509_get0_pubkey_bitstr;
-+ asn1_ex_i2c;
-+ ENGINE_register_RSA;
-+ ENGINE_unregister_DSA;
-+ _ossl_old_des_key_sched;
-+ X509_EXTENSION_it;
-+ i2d_KRB5_AUTHENT;
-+ SXNETID_it;
-+ d2i_OCSP_SINGLERESP;
-+ EDIPARTYNAME_new;
-+ PKCS12_certbag2x509;
-+ _ossl_old_des_ofb64_encrypt;
-+ d2i_EXTENDED_KEY_USAGE;
-+ ERR_print_errors_cb;
-+ ENGINE_set_ciphers;
-+ d2i_KRB5_APREQBODY;
-+ UI_method_get_flusher;
-+ X509_PUBKEY_it;
-+ _ossl_old_des_enc_read;
-+ PKCS7_ENCRYPT_it;
-+ i2d_OCSP_RESPONSE;
-+ EC_GROUP_get_cofactor;
-+ PKCS12_unpack_p7data;
-+ d2i_KRB5_AUTHDATA;
-+ OCSP_copy_nonce;
-+ KRB5_AUTHDATA_new;
-+ OCSP_RESPDATA_new;
-+ EC_GFp_mont_method;
-+ OCSP_REVOKEDINFO_free;
-+ UI_get_ex_data;
-+ KRB5_APREQBODY_free;
-+ EC_GROUP_get0_generator;
-+ UI_get_default_method;
-+ X509V3_set_nconf;
-+ PKCS12_item_i2d_encrypt;
-+ X509_add1_ext_i2d;
-+ PKCS7_SIGNER_INFO_it;
-+ KRB5_PRINCNAME_new;
-+ PKCS12_SAFEBAG_it;
-+ EC_GROUP_get_order;
-+ d2i_OCSP_RESPID;
-+ OCSP_request_verify;
-+ NCONF_get_number_e;
-+ _ossl_old_des_decrypt3;
-+ X509_signature_print;
-+ OCSP_SINGLERESP_free;
-+ ENGINE_load_builtin_engines;
-+ i2d_OCSP_ONEREQ;
-+ OCSP_REQUEST_add_ext;
-+ OCSP_RESPBYTES_new;
-+ EVP_MD_CTX_create;
-+ OCSP_resp_find_status;
-+ X509_ALGOR_it;
-+ ASN1_TIME_it;
-+ OCSP_request_set1_name;
-+ OCSP_ONEREQ_get_ext_count;
-+ UI_get0_result;
-+ PKCS12_AUTHSAFES_it;
-+ EVP_aes_256_ecb;
-+ PKCS12_pack_authsafes;
-+ ASN1_IA5STRING_it;
-+ UI_get_input_flags;
-+ EC_GROUP_set_generator;
-+ _ossl_old_des_string_to_2keys;
-+ OCSP_CERTID_free;
-+ X509_CERT_AUX_it;
-+ CERTIFICATEPOLICIES_it;
-+ _ossl_old_des_ede3_cbc_encrypt;
-+ RAND_set_rand_engine;
-+ DSO_get_loaded_filename;
-+ X509_ATTRIBUTE_it;
-+ OCSP_ONEREQ_get_ext_by_NID;
-+ PKCS12_decrypt_skey;
-+ KRB5_AUTHENT_it;
-+ UI_dup_error_string;
-+ RSAPublicKey_it;
-+ i2d_OCSP_REQUEST;
-+ PKCS12_x509crl2certbag;
-+ OCSP_SERVICELOC_it;
-+ ASN1_item_sign;
-+ X509_CRL_set_issuer_name;
-+ OBJ_NAME_do_all_sorted;
-+ i2d_OCSP_BASICRESP;
-+ i2d_OCSP_RESPBYTES;
-+ PKCS12_unpack_p7encdata;
-+ HMAC_CTX_init;
-+ ENGINE_get_digest;
-+ OCSP_RESPONSE_print;
-+ KRB5_TKTBODY_it;
-+ ACCESS_DESCRIPTION_it;
-+ PKCS7_ISSUER_AND_SERIAL_it;
-+ PBE2PARAM_it;
-+ PKCS12_certbag2x509crl;
-+ PKCS7_SIGNED_it;
-+ ENGINE_get_cipher;
-+ i2d_OCSP_CRLID;
-+ OCSP_SINGLERESP_new;
-+ ENGINE_cmd_is_executable;
-+ RSA_up_ref;
-+ ASN1_GENERALSTRING_it;
-+ ENGINE_register_DSA;
-+ X509V3_EXT_add_nconf_sk;
-+ ENGINE_set_load_pubkey_function;
-+ PKCS8_decrypt;
-+ PEM_bytes_read_bio;
-+ DIRECTORYSTRING_it;
-+ d2i_OCSP_CRLID;
-+ EC_POINT_is_on_curve;
-+ CRYPTO_set_locked_mem_ex_functions;
-+ CRYPTO_set_locked_mem_ex_funcs;
-+ d2i_KRB5_CHECKSUM;
-+ ASN1_item_dup;
-+ X509_it;
-+ BN_mod_add;
-+ KRB5_AUTHDATA_free;
-+ _ossl_old_des_cbc_cksum;
-+ ASN1_item_verify;
-+ CRYPTO_set_mem_ex_functions;
-+ EC_POINT_get_Jprojective_coordinates_GFp;
-+ EC_POINT_get_Jproj_coords_GFp;
-+ ZLONG_it;
-+ CRYPTO_get_locked_mem_ex_functions;
-+ CRYPTO_get_locked_mem_ex_funcs;
-+ ASN1_TIME_check;
-+ UI_get0_user_data;
-+ HMAC_CTX_cleanup;
-+ DSA_up_ref;
-+ _ossl_old_des_ede3_cfb64_encrypt;
-+ _ossl_odes_ede3_cfb64_encrypt;
-+ ASN1_BMPSTRING_it;
-+ ASN1_tag2bit;
-+ UI_method_set_flusher;
-+ X509_ocspid_print;
-+ KRB5_ENCDATA_it;
-+ ENGINE_get_load_pubkey_function;
-+ UI_add_user_data;
-+ OCSP_REQUEST_delete_ext;
-+ UI_get_method;
-+ OCSP_ONEREQ_free;
-+ ASN1_PRINTABLESTRING_it;
-+ X509_CRL_set_nextUpdate;
-+ OCSP_REQUEST_it;
-+ OCSP_BASICRESP_it;
-+ AES_ecb_encrypt;
-+ BN_mod_sqr;
-+ NETSCAPE_CERT_SEQUENCE_it;
-+ GENERAL_NAMES_it;
-+ AUTHORITY_INFO_ACCESS_it;
-+ ASN1_FBOOLEAN_it;
-+ UI_set_ex_data;
-+ _ossl_old_des_string_to_key;
-+ ENGINE_register_all_RSA;
-+ d2i_KRB5_PRINCNAME;
-+ OCSP_RESPBYTES_it;
-+ X509_CINF_it;
-+ ENGINE_unregister_digests;
-+ d2i_EDIPARTYNAME;
-+ d2i_OCSP_SERVICELOC;
-+ ENGINE_get_digests;
-+ _ossl_old_des_set_odd_parity;
-+ OCSP_RESPDATA_free;
-+ d2i_KRB5_TICKET;
-+ OTHERNAME_it;
-+ EVP_MD_CTX_cleanup;
-+ d2i_ASN1_GENERALSTRING;
-+ X509_CRL_set_version;
-+ BN_mod_sub;
-+ OCSP_SINGLERESP_get_ext_by_NID;
-+ ENGINE_get_ex_new_index;
-+ OCSP_REQUEST_free;
-+ OCSP_REQUEST_add1_ext_i2d;
-+ X509_VAL_it;
-+ EC_POINTs_make_affine;
-+ EC_POINT_mul;
-+ X509V3_EXT_add_nconf;
-+ X509_TRUST_set;
-+ X509_CRL_add1_ext_i2d;
-+ _ossl_old_des_fcrypt;
-+ DISPLAYTEXT_it;
-+ X509_CRL_set_lastUpdate;
-+ OCSP_BASICRESP_free;
-+ OCSP_BASICRESP_add1_ext_i2d;
-+ d2i_KRB5_AUTHENTBODY;
-+ CRYPTO_set_ex_data_implementation;
-+ CRYPTO_set_ex_data_impl;
-+ KRB5_ENCDATA_new;
-+ DSO_up_ref;
-+ OCSP_crl_reason_str;
-+ UI_get0_result_string;
-+ ASN1_GENERALSTRING_new;
-+ X509_SIG_it;
-+ ERR_set_implementation;
-+ ERR_load_EC_strings;
-+ UI_get0_action_string;
-+ OCSP_ONEREQ_get_ext;
-+ EC_POINT_method_of;
-+ i2d_KRB5_APREQBODY;
-+ _ossl_old_des_ecb3_encrypt;
-+ CRYPTO_get_mem_ex_functions;
-+ ENGINE_get_ex_data;
-+ UI_destroy_method;
-+ ASN1_item_i2d_bio;
-+ OCSP_ONEREQ_get_ext_by_OBJ;
-+ ASN1_primitive_new;
-+ ASN1_PRINTABLE_it;
-+ EVP_aes_192_ecb;
-+ OCSP_SIGNATURE_new;
-+ LONG_it;
-+ ASN1_VISIBLESTRING_it;
-+ OCSP_SINGLERESP_add1_ext_i2d;
-+ d2i_OCSP_CERTID;
-+ ASN1_item_d2i_fp;
-+ CRL_DIST_POINTS_it;
-+ GENERAL_NAME_print;
-+ OCSP_SINGLERESP_delete_ext;
-+ PKCS12_SAFEBAGS_it;
-+ d2i_OCSP_SIGNATURE;
-+ OCSP_request_add1_nonce;
-+ ENGINE_set_cmd_defns;
-+ OCSP_SERVICELOC_free;
-+ EC_GROUP_free;
-+ ASN1_BIT_STRING_it;
-+ X509_REQ_it;
-+ _ossl_old_des_cbc_encrypt;
-+ ERR_unload_strings;
-+ PKCS7_SIGN_ENVELOPE_it;
-+ EDIPARTYNAME_free;
-+ OCSP_REQINFO_free;
-+ EC_GROUP_new_curve_GFp;
-+ OCSP_REQUEST_get1_ext_d2i;
-+ PKCS12_item_pack_safebag;
-+ asn1_ex_c2i;
-+ ENGINE_register_digests;
-+ i2d_OCSP_REVOKEDINFO;
-+ asn1_enc_restore;
-+ UI_free;
-+ UI_new_method;
-+ EVP_EncryptInit_ex;
-+ X509_pubkey_digest;
-+ EC_POINT_invert;
-+ OCSP_basic_sign;
-+ i2d_OCSP_RESPID;
-+ OCSP_check_nonce;
-+ ENGINE_ctrl_cmd;
-+ d2i_KRB5_ENCKEY;
-+ OCSP_parse_url;
-+ OCSP_SINGLERESP_get_ext;
-+ OCSP_CRLID_free;
-+ OCSP_BASICRESP_get1_ext_d2i;
-+ RSAPrivateKey_it;
-+ ENGINE_register_all_DH;
-+ i2d_EDIPARTYNAME;
-+ EC_POINT_get_affine_coordinates_GFp;
-+ EC_POINT_get_affine_coords_GFp;
-+ OCSP_CRLID_new;
-+ ENGINE_get_flags;
-+ OCSP_ONEREQ_it;
-+ UI_process;
-+ ASN1_INTEGER_it;
-+ EVP_CipherInit_ex;
-+ UI_get_string_type;
-+ ENGINE_unregister_DH;
-+ ENGINE_register_all_DSA;
-+ OCSP_ONEREQ_get_ext_by_critical;
-+ bn_dup_expand;
-+ OCSP_cert_id_new;
-+ BASIC_CONSTRAINTS_it;
-+ BN_mod_add_quick;
-+ EC_POINT_new;
-+ EVP_MD_CTX_destroy;
-+ OCSP_RESPBYTES_free;
-+ EVP_aes_128_cbc;
-+ OCSP_SINGLERESP_get1_ext_d2i;
-+ EC_POINT_free;
-+ DH_up_ref;
-+ X509_NAME_ENTRY_it;
-+ UI_get_ex_new_index;
-+ BN_mod_sub_quick;
-+ OCSP_ONEREQ_add_ext;
-+ OCSP_request_sign;
-+ EVP_DigestFinal_ex;
-+ ENGINE_set_digests;
-+ OCSP_id_issuer_cmp;
-+ OBJ_NAME_do_all;
-+ EC_POINTs_mul;
-+ ENGINE_register_complete;
-+ X509V3_EXT_nconf_nid;
-+ ASN1_SEQUENCE_it;
-+ UI_set_default_method;
-+ RAND_query_egd_bytes;
-+ UI_method_get_writer;
-+ UI_OpenSSL;
-+ PEM_def_callback;
-+ ENGINE_cleanup;
-+ DIST_POINT_it;
-+ OCSP_SINGLERESP_it;
-+ d2i_KRB5_TKTBODY;
-+ EC_POINT_cmp;
-+ OCSP_REVOKEDINFO_new;
-+ i2d_OCSP_CERTSTATUS;
-+ OCSP_basic_add1_nonce;
-+ ASN1_item_ex_d2i;
-+ BN_mod_lshift1_quick;
-+ UI_set_method;
-+ OCSP_id_get0_info;
-+ BN_mod_sqrt;
-+ EC_GROUP_copy;
-+ KRB5_ENCDATA_free;
-+ _ossl_old_des_cfb_encrypt;
-+ OCSP_SINGLERESP_get_ext_by_OBJ;
-+ OCSP_cert_to_id;
-+ OCSP_RESPID_new;
-+ OCSP_RESPDATA_it;
-+ d2i_OCSP_RESPDATA;
-+ ENGINE_register_all_complete;
-+ OCSP_check_validity;
-+ PKCS12_BAGS_it;
-+ OCSP_url_svcloc_new;
-+ ASN1_template_free;
-+ OCSP_SINGLERESP_add_ext;
-+ KRB5_AUTHENTBODY_it;
-+ X509_supported_extension;
-+ i2d_KRB5_AUTHDATA;
-+ UI_method_get_opener;
-+ ENGINE_set_ex_data;
-+ OCSP_REQUEST_print;
-+ CBIGNUM_it;
-+ KRB5_TICKET_new;
-+ KRB5_APREQ_new;
-+ EC_GROUP_get_curve_GFp;
-+ KRB5_ENCKEY_new;
-+ ASN1_template_d2i;
-+ _ossl_old_des_quad_cksum;
-+ OCSP_single_get0_status;
-+ BN_swap;
-+ POLICYINFO_it;
-+ ENGINE_set_destroy_function;
-+ asn1_enc_free;
-+ OCSP_RESPID_it;
-+ EC_GROUP_new;
-+ EVP_aes_256_cbc;
-+ i2d_KRB5_PRINCNAME;
-+ _ossl_old_des_encrypt2;
-+ _ossl_old_des_encrypt3;
-+ PKCS8_PRIV_KEY_INFO_it;
-+ OCSP_REQINFO_it;
-+ PBEPARAM_it;
-+ KRB5_AUTHENTBODY_new;
-+ X509_CRL_add0_revoked;
-+ EDIPARTYNAME_it;
-+ NETSCAPE_SPKI_it;
-+ UI_get0_test_string;
-+ ENGINE_get_cipher_engine;
-+ ENGINE_register_all_ciphers;
-+ EC_POINT_copy;
-+ BN_kronecker;
-+ _ossl_old_des_ede3_ofb64_encrypt;
-+ _ossl_odes_ede3_ofb64_encrypt;
-+ UI_method_get_reader;
-+ OCSP_BASICRESP_get_ext_count;
-+ ASN1_ENUMERATED_it;
-+ UI_set_result;
-+ i2d_KRB5_TICKET;
-+ X509_print_ex_fp;
-+ EVP_CIPHER_CTX_set_padding;
-+ d2i_OCSP_RESPONSE;
-+ ASN1_UTCTIME_it;
-+ _ossl_old_des_enc_write;
-+ OCSP_RESPONSE_new;
-+ AES_set_encrypt_key;
-+ OCSP_resp_count;
-+ KRB5_CHECKSUM_new;
-+ ENGINE_load_cswift;
-+ OCSP_onereq_get0_id;
-+ ENGINE_set_default_ciphers;
-+ NOTICEREF_it;
-+ X509V3_EXT_CRL_add_nconf;
-+ OCSP_REVOKEDINFO_it;
-+ AES_encrypt;
-+ OCSP_REQUEST_new;
-+ ASN1_ANY_it;
-+ CRYPTO_ex_data_new_class;
-+ _ossl_old_des_ncbc_encrypt;
-+ i2d_KRB5_TKTBODY;
-+ EC_POINT_clear_free;
-+ AES_decrypt;
-+ asn1_enc_init;
-+ UI_get_result_maxsize;
-+ OCSP_CERTID_new;
-+ ENGINE_unregister_RAND;
-+ UI_method_get_closer;
-+ d2i_KRB5_ENCDATA;
-+ OCSP_request_onereq_count;
-+ OCSP_basic_verify;
-+ KRB5_AUTHENTBODY_free;
-+ ASN1_item_d2i;
-+ ASN1_primitive_free;
-+ i2d_EXTENDED_KEY_USAGE;
-+ i2d_OCSP_SIGNATURE;
-+ asn1_enc_save;
-+ ENGINE_load_nuron;
-+ _ossl_old_des_pcbc_encrypt;
-+ PKCS12_MAC_DATA_it;
-+ OCSP_accept_responses_new;
-+ asn1_do_lock;
-+ PKCS7_ATTR_VERIFY_it;
-+ KRB5_APREQBODY_it;
-+ i2d_OCSP_SINGLERESP;
-+ ASN1_item_ex_new;
-+ UI_add_verify_string;
-+ _ossl_old_des_set_key;
-+ KRB5_PRINCNAME_it;
-+ EVP_DecryptInit_ex;
-+ i2d_OCSP_CERTID;
-+ ASN1_item_d2i_bio;
-+ EC_POINT_dbl;
-+ asn1_get_choice_selector;
-+ i2d_KRB5_CHECKSUM;
-+ ENGINE_set_table_flags;
-+ AES_options;
-+ ENGINE_load_chil;
-+ OCSP_id_cmp;
-+ OCSP_BASICRESP_new;
-+ OCSP_REQUEST_get_ext_by_NID;
-+ KRB5_APREQ_it;
-+ ENGINE_get_destroy_function;
-+ CONF_set_nconf;
-+ ASN1_PRINTABLE_free;
-+ OCSP_BASICRESP_get_ext_by_NID;
-+ DIST_POINT_NAME_it;
-+ X509V3_extensions_print;
-+ _ossl_old_des_cfb64_encrypt;
-+ X509_REVOKED_add1_ext_i2d;
-+ _ossl_old_des_ofb_encrypt;
-+ KRB5_TKTBODY_new;
-+ ASN1_OCTET_STRING_it;
-+ ERR_load_UI_strings;
-+ i2d_KRB5_ENCKEY;
-+ ASN1_template_new;
-+ OCSP_SIGNATURE_free;
-+ ASN1_item_i2d_fp;
-+ KRB5_PRINCNAME_free;
-+ PKCS7_RECIP_INFO_it;
-+ EXTENDED_KEY_USAGE_it;
-+ EC_GFp_simple_method;
-+ EC_GROUP_precompute_mult;
-+ OCSP_request_onereq_get0;
-+ UI_method_set_writer;
-+ KRB5_AUTHENT_new;
-+ X509_CRL_INFO_it;
-+ DSO_set_name_converter;
-+ AES_set_decrypt_key;
-+ PKCS7_DIGEST_it;
-+ PKCS12_x5092certbag;
-+ EVP_DigestInit_ex;
-+ i2a_ACCESS_DESCRIPTION;
-+ OCSP_RESPONSE_it;
-+ PKCS7_ENC_CONTENT_it;
-+ OCSP_request_add0_id;
-+ EC_POINT_make_affine;
-+ DSO_get_filename;
-+ OCSP_CERTSTATUS_it;
-+ OCSP_request_add1_cert;
-+ UI_get0_output_string;
-+ UI_dup_verify_string;
-+ BN_mod_lshift;
-+ KRB5_AUTHDATA_it;
-+ asn1_set_choice_selector;
-+ OCSP_basic_add1_status;
-+ OCSP_RESPID_free;
-+ asn1_get_field_ptr;
-+ UI_add_input_string;
-+ OCSP_CRLID_it;
-+ i2d_KRB5_AUTHENTBODY;
-+ OCSP_REQUEST_get_ext_count;
-+ ENGINE_load_atalla;
-+ X509_NAME_it;
-+ USERNOTICE_it;
-+ OCSP_REQINFO_new;
-+ OCSP_BASICRESP_get_ext;
-+ CRYPTO_get_ex_data_implementation;
-+ CRYPTO_get_ex_data_impl;
-+ ASN1_item_pack;
-+ i2d_KRB5_ENCDATA;
-+ X509_PURPOSE_set;
-+ X509_REQ_INFO_it;
-+ UI_method_set_opener;
-+ ASN1_item_ex_free;
-+ ASN1_BOOLEAN_it;
-+ ENGINE_get_table_flags;
-+ UI_create_method;
-+ OCSP_ONEREQ_add1_ext_i2d;
-+ _shadow_DES_check_key;
-+ d2i_OCSP_REQINFO;
-+ UI_add_info_string;
-+ UI_get_result_minsize;
-+ ASN1_NULL_it;
-+ BN_mod_lshift1;
-+ d2i_OCSP_ONEREQ;
-+ OCSP_ONEREQ_new;
-+ KRB5_TICKET_it;
-+ EVP_aes_192_cbc;
-+ KRB5_TICKET_free;
-+ UI_new;
-+ OCSP_response_create;
-+ _ossl_old_des_xcbc_encrypt;
-+ PKCS7_it;
-+ OCSP_REQUEST_get_ext_by_critical;
-+ OCSP_REQUEST_get_ext_by_crit;
-+ ENGINE_set_flags;
-+ _ossl_old_des_ecb_encrypt;
-+ OCSP_response_get1_basic;
-+ EVP_Digest;
-+ OCSP_ONEREQ_delete_ext;
-+ ASN1_TBOOLEAN_it;
-+ ASN1_item_new;
-+ ASN1_TIME_to_generalizedtime;
-+ BIGNUM_it;
-+ AES_cbc_encrypt;
-+ ENGINE_get_load_privkey_function;
-+ ENGINE_get_load_privkey_fn;
-+ OCSP_RESPONSE_free;
-+ UI_method_set_reader;
-+ i2d_ASN1_T61STRING;
-+ EC_POINT_set_to_infinity;
-+ ERR_load_OCSP_strings;
-+ EC_POINT_point2oct;
-+ KRB5_APREQ_free;
-+ ASN1_OBJECT_it;
-+ OCSP_crlID_new;
-+ OCSP_crlID2_new;
-+ CONF_modules_load_file;
-+ CONF_imodule_set_usr_data;
-+ ENGINE_set_default_string;
-+ CONF_module_get_usr_data;
-+ ASN1_add_oid_module;
-+ CONF_modules_finish;
-+ OPENSSL_config;
-+ CONF_modules_unload;
-+ CONF_imodule_get_value;
-+ CONF_module_set_usr_data;
-+ CONF_parse_list;
-+ CONF_module_add;
-+ CONF_get1_default_config_file;
-+ CONF_imodule_get_flags;
-+ CONF_imodule_get_module;
-+ CONF_modules_load;
-+ CONF_imodule_get_name;
-+ ERR_peek_top_error;
-+ CONF_imodule_get_usr_data;
-+ CONF_imodule_set_flags;
-+ ENGINE_add_conf_module;
-+ ERR_peek_last_error_line;
-+ ERR_peek_last_error_line_data;
-+ ERR_peek_last_error;
-+ DES_read_2passwords;
-+ DES_read_password;
-+ UI_UTIL_read_pw;
-+ UI_UTIL_read_pw_string;
-+ ENGINE_load_aep;
-+ ENGINE_load_sureware;
-+ OPENSSL_add_all_algorithms_noconf;
-+ OPENSSL_add_all_algo_noconf;
-+ OPENSSL_add_all_algorithms_conf;
-+ OPENSSL_add_all_algo_conf;
-+ OPENSSL_load_builtin_modules;
-+ AES_ofb128_encrypt;
-+ AES_ctr128_encrypt;
-+ AES_cfb128_encrypt;
-+ ENGINE_load_4758cca;
-+ _ossl_096_des_random_seed;
-+ EVP_aes_256_ofb;
-+ EVP_aes_192_ofb;
-+ EVP_aes_128_cfb128;
-+ EVP_aes_256_cfb128;
-+ EVP_aes_128_ofb;
-+ EVP_aes_192_cfb128;
-+ CONF_modules_free;
-+ NCONF_default;
-+ OPENSSL_no_config;
-+ NCONF_WIN32;
-+ ASN1_UNIVERSALSTRING_new;
-+ EVP_des_ede_ecb;
-+ i2d_ASN1_UNIVERSALSTRING;
-+ ASN1_UNIVERSALSTRING_free;
-+ ASN1_UNIVERSALSTRING_it;
-+ d2i_ASN1_UNIVERSALSTRING;
-+ EVP_des_ede3_ecb;
-+ X509_REQ_print_ex;
-+ ENGINE_up_ref;
-+ BUF_MEM_grow_clean;
-+ CRYPTO_realloc_clean;
-+ BUF_strlcat;
-+ BIO_indent;
-+ BUF_strlcpy;
-+ OpenSSLDie;
-+ OPENSSL_cleanse;
-+ ENGINE_setup_bsd_cryptodev;
-+ ERR_release_err_state_table;
-+ EVP_aes_128_cfb8;
-+ FIPS_corrupt_rsa;
-+ FIPS_selftest_des;
-+ EVP_aes_128_cfb1;
-+ EVP_aes_192_cfb8;
-+ FIPS_mode_set;
-+ FIPS_selftest_dsa;
-+ EVP_aes_256_cfb8;
-+ FIPS_allow_md5;
-+ DES_ede3_cfb_encrypt;
-+ EVP_des_ede3_cfb8;
-+ FIPS_rand_seeded;
-+ AES_cfbr_encrypt_block;
-+ AES_cfb8_encrypt;
-+ FIPS_rand_seed;
-+ FIPS_corrupt_des;
-+ EVP_aes_192_cfb1;
-+ FIPS_selftest_aes;
-+ FIPS_set_prng_key;
-+ EVP_des_cfb8;
-+ FIPS_corrupt_dsa;
-+ FIPS_test_mode;
-+ FIPS_rand_method;
-+ EVP_aes_256_cfb1;
-+ ERR_load_FIPS_strings;
-+ FIPS_corrupt_aes;
-+ FIPS_selftest_sha1;
-+ FIPS_selftest_rsa;
-+ FIPS_corrupt_sha1;
-+ EVP_des_cfb1;
-+ FIPS_dsa_check;
-+ AES_cfb1_encrypt;
-+ EVP_des_ede3_cfb1;
-+ FIPS_rand_check;
-+ FIPS_md5_allowed;
-+ FIPS_mode;
-+ FIPS_selftest_failed;
-+ sk_is_sorted;
-+ X509_check_ca;
-+ HMAC_CTX_set_flags;
-+ d2i_PROXY_CERT_INFO_EXTENSION;
-+ PROXY_POLICY_it;
-+ i2d_PROXY_POLICY;
-+ i2d_PROXY_CERT_INFO_EXTENSION;
-+ d2i_PROXY_POLICY;
-+ PROXY_CERT_INFO_EXTENSION_new;
-+ PROXY_CERT_INFO_EXTENSION_free;
-+ PROXY_CERT_INFO_EXTENSION_it;
-+ PROXY_POLICY_free;
-+ PROXY_POLICY_new;
-+ BN_MONT_CTX_set_locked;
-+ FIPS_selftest_rng;
-+ EVP_sha384;
-+ EVP_sha512;
-+ EVP_sha224;
-+ EVP_sha256;
-+ FIPS_selftest_hmac;
-+ FIPS_corrupt_rng;
-+ BN_mod_exp_mont_consttime;
-+ RSA_X931_hash_id;
-+ RSA_padding_check_X931;
-+ RSA_verify_PKCS1_PSS;
-+ RSA_padding_add_X931;
-+ RSA_padding_add_PKCS1_PSS;
-+ PKCS1_MGF1;
-+ BN_X931_generate_Xpq;
-+ RSA_X931_generate_key;
-+ BN_X931_derive_prime;
-+ BN_X931_generate_prime;
-+ RSA_X931_derive;
-+ BIO_new_dgram;
-+ BN_get0_nist_prime_384;
-+ ERR_set_mark;
-+ X509_STORE_CTX_set0_crls;
-+ ENGINE_set_STORE;
-+ ENGINE_register_ECDSA;
-+ STORE_meth_set_list_start_fn;
-+ STORE_method_set_list_start_function;
-+ BN_BLINDING_invert_ex;
-+ NAME_CONSTRAINTS_free;
-+ STORE_ATTR_INFO_set_number;
-+ BN_BLINDING_get_thread_id;
-+ X509_STORE_CTX_set0_param;
-+ POLICY_MAPPING_it;
-+ STORE_parse_attrs_start;
-+ POLICY_CONSTRAINTS_free;
-+ EVP_PKEY_add1_attr_by_NID;
-+ BN_nist_mod_192;
-+ EC_GROUP_get_trinomial_basis;
-+ STORE_set_method;
-+ GENERAL_SUBTREE_free;
-+ NAME_CONSTRAINTS_it;
-+ ECDH_get_default_method;
-+ PKCS12_add_safe;
-+ EC_KEY_new_by_curve_name;
-+ STORE_meth_get_update_store_fn;
-+ STORE_method_get_update_store_function;
-+ ENGINE_register_ECDH;
-+ SHA512_Update;
-+ i2d_ECPrivateKey;
-+ BN_get0_nist_prime_192;
-+ STORE_modify_certificate;
-+ EC_POINT_set_affine_coordinates_GF2m;
-+ EC_POINT_set_affine_coords_GF2m;
-+ BN_GF2m_mod_exp_arr;
-+ STORE_ATTR_INFO_modify_number;
-+ X509_keyid_get0;
-+ ENGINE_load_gmp;
-+ pitem_new;
-+ BN_GF2m_mod_mul_arr;
-+ STORE_list_public_key_endp;
-+ o2i_ECPublicKey;
-+ EC_KEY_copy;
-+ BIO_dump_fp;
-+ X509_policy_node_get0_parent;
-+ EC_GROUP_check_discriminant;
-+ i2o_ECPublicKey;
-+ EC_KEY_precompute_mult;
-+ a2i_IPADDRESS;
-+ STORE_meth_set_initialise_fn;
-+ STORE_method_set_initialise_function;
-+ X509_STORE_CTX_set_depth;
-+ X509_VERIFY_PARAM_inherit;
-+ EC_POINT_point2bn;
-+ STORE_ATTR_INFO_set_dn;
-+ X509_policy_tree_get0_policies;
-+ EC_GROUP_new_curve_GF2m;
-+ STORE_destroy_method;
-+ ENGINE_unregister_STORE;
-+ EVP_PKEY_get1_EC_KEY;
-+ STORE_ATTR_INFO_get0_number;
-+ ENGINE_get_default_ECDH;
-+ EC_KEY_get_conv_form;
-+ ASN1_OCTET_STRING_NDEF_it;
-+ STORE_delete_public_key;
-+ STORE_get_public_key;
-+ STORE_modify_arbitrary;
-+ ENGINE_get_static_state;
-+ pqueue_iterator;
-+ ECDSA_SIG_new;
-+ OPENSSL_DIR_end;
-+ BN_GF2m_mod_sqr;
-+ EC_POINT_bn2point;
-+ X509_VERIFY_PARAM_set_depth;
-+ EC_KEY_set_asn1_flag;
-+ STORE_get_method;
-+ EC_KEY_get_key_method_data;
-+ ECDSA_sign_ex;
-+ STORE_parse_attrs_end;
-+ EC_GROUP_get_point_conversion_form;
-+ EC_GROUP_get_point_conv_form;
-+ STORE_method_set_store_function;
-+ STORE_ATTR_INFO_in;
-+ PEM_read_bio_ECPKParameters;
-+ EC_GROUP_get_pentanomial_basis;
-+ EVP_PKEY_add1_attr_by_txt;
-+ BN_BLINDING_set_flags;
-+ X509_VERIFY_PARAM_set1_policies;
-+ X509_VERIFY_PARAM_set1_name;
-+ X509_VERIFY_PARAM_set_purpose;
-+ STORE_get_number;
-+ ECDSA_sign_setup;
-+ BN_GF2m_mod_solve_quad_arr;
-+ EC_KEY_up_ref;
-+ POLICY_MAPPING_free;
-+ BN_GF2m_mod_div;
-+ X509_VERIFY_PARAM_set_flags;
-+ EC_KEY_free;
-+ STORE_meth_set_list_next_fn;
-+ STORE_method_set_list_next_function;
-+ PEM_write_bio_ECPrivateKey;
-+ d2i_EC_PUBKEY;
-+ STORE_meth_get_generate_fn;
-+ STORE_method_get_generate_function;
-+ STORE_meth_set_list_end_fn;
-+ STORE_method_set_list_end_function;
-+ pqueue_print;
-+ EC_GROUP_have_precompute_mult;
-+ EC_KEY_print_fp;
-+ BN_GF2m_mod_arr;
-+ PEM_write_bio_X509_CERT_PAIR;
-+ EVP_PKEY_cmp;
-+ X509_policy_level_node_count;
-+ STORE_new_engine;
-+ STORE_list_public_key_start;
-+ X509_VERIFY_PARAM_new;
-+ ECDH_get_ex_data;
-+ EVP_PKEY_get_attr;
-+ ECDSA_do_sign;
-+ ENGINE_unregister_ECDH;
-+ ECDH_OpenSSL;
-+ EC_KEY_set_conv_form;
-+ EC_POINT_dup;
-+ GENERAL_SUBTREE_new;
-+ STORE_list_crl_endp;
-+ EC_get_builtin_curves;
-+ X509_policy_node_get0_qualifiers;
-+ X509_pcy_node_get0_qualifiers;
-+ STORE_list_crl_end;
-+ EVP_PKEY_set1_EC_KEY;
-+ BN_GF2m_mod_sqrt_arr;
-+ i2d_ECPrivateKey_bio;
-+ ECPKParameters_print_fp;
-+ pqueue_find;
-+ ECDSA_SIG_free;
-+ PEM_write_bio_ECPKParameters;
-+ STORE_method_set_ctrl_function;
-+ STORE_list_public_key_end;
-+ EC_KEY_set_private_key;
-+ pqueue_peek;
-+ STORE_get_arbitrary;
-+ STORE_store_crl;
-+ X509_policy_node_get0_policy;
-+ PKCS12_add_safes;
-+ BN_BLINDING_convert_ex;
-+ X509_policy_tree_free;
-+ OPENSSL_ia32cap_loc;
-+ BN_GF2m_poly2arr;
-+ STORE_ctrl;
-+ STORE_ATTR_INFO_compare;
-+ BN_get0_nist_prime_224;
-+ i2d_ECParameters;
-+ i2d_ECPKParameters;
-+ BN_GENCB_call;
-+ d2i_ECPKParameters;
-+ STORE_meth_set_generate_fn;
-+ STORE_method_set_generate_function;
-+ ENGINE_set_ECDH;
-+ NAME_CONSTRAINTS_new;
-+ SHA256_Init;
-+ EC_KEY_get0_public_key;
-+ PEM_write_bio_EC_PUBKEY;
-+ STORE_ATTR_INFO_set_cstr;
-+ STORE_list_crl_next;
-+ STORE_ATTR_INFO_in_range;
-+ ECParameters_print;
-+ STORE_meth_set_delete_fn;
-+ STORE_method_set_delete_function;
-+ STORE_list_certificate_next;
-+ ASN1_generate_nconf;
-+ BUF_memdup;
-+ BN_GF2m_mod_mul;
-+ STORE_meth_get_list_next_fn;
-+ STORE_method_get_list_next_function;
-+ STORE_ATTR_INFO_get0_dn;
-+ STORE_list_private_key_next;
-+ EC_GROUP_set_seed;
-+ X509_VERIFY_PARAM_set_trust;
-+ STORE_ATTR_INFO_free;
-+ STORE_get_private_key;
-+ EVP_PKEY_get_attr_count;
-+ STORE_ATTR_INFO_new;
-+ EC_GROUP_get_curve_GF2m;
-+ STORE_meth_set_revoke_fn;
-+ STORE_method_set_revoke_function;
-+ STORE_store_number;
-+ BN_is_prime_ex;
-+ STORE_revoke_public_key;
-+ X509_STORE_CTX_get0_param;
-+ STORE_delete_arbitrary;
-+ PEM_read_X509_CERT_PAIR;
-+ X509_STORE_set_depth;
-+ ECDSA_get_ex_data;
-+ SHA224;
-+ BIO_dump_indent_fp;
-+ EC_KEY_set_group;
-+ BUF_strndup;
-+ STORE_list_certificate_start;
-+ BN_GF2m_mod;
-+ X509_REQ_check_private_key;
-+ EC_GROUP_get_seed_len;
-+ ERR_load_STORE_strings;
-+ PEM_read_bio_EC_PUBKEY;
-+ STORE_list_private_key_end;
-+ i2d_EC_PUBKEY;
-+ ECDSA_get_default_method;
-+ ASN1_put_eoc;
-+ X509_STORE_CTX_get_explicit_policy;
-+ X509_STORE_CTX_get_expl_policy;
-+ X509_VERIFY_PARAM_table_cleanup;
-+ STORE_modify_private_key;
-+ X509_VERIFY_PARAM_free;
-+ EC_METHOD_get_field_type;
-+ EC_GFp_nist_method;
-+ STORE_meth_set_modify_fn;
-+ STORE_method_set_modify_function;
-+ STORE_parse_attrs_next;
-+ ENGINE_load_padlock;
-+ EC_GROUP_set_curve_name;
-+ X509_CERT_PAIR_it;
-+ STORE_meth_get_revoke_fn;
-+ STORE_method_get_revoke_function;
-+ STORE_method_set_get_function;
-+ STORE_modify_number;
-+ STORE_method_get_store_function;
-+ STORE_store_private_key;
-+ BN_GF2m_mod_sqr_arr;
-+ RSA_setup_blinding;
-+ BIO_s_datagram;
-+ STORE_Memory;
-+ sk_find_ex;
-+ EC_GROUP_set_curve_GF2m;
-+ ENGINE_set_default_ECDSA;
-+ POLICY_CONSTRAINTS_new;
-+ BN_GF2m_mod_sqrt;
-+ ECDH_set_default_method;
-+ EC_KEY_generate_key;
-+ SHA384_Update;
-+ BN_GF2m_arr2poly;
-+ STORE_method_get_get_function;
-+ STORE_meth_set_cleanup_fn;
-+ STORE_method_set_cleanup_function;
-+ EC_GROUP_check;
-+ d2i_ECPrivateKey_bio;
-+ EC_KEY_insert_key_method_data;
-+ STORE_meth_get_lock_store_fn;
-+ STORE_method_get_lock_store_function;
-+ X509_VERIFY_PARAM_get_depth;
-+ SHA224_Final;
-+ STORE_meth_set_update_store_fn;
-+ STORE_method_set_update_store_function;
-+ SHA224_Update;
-+ d2i_ECPrivateKey;
-+ ASN1_item_ndef_i2d;
-+ STORE_delete_private_key;
-+ ERR_pop_to_mark;
-+ ENGINE_register_all_STORE;
-+ X509_policy_level_get0_node;
-+ i2d_PKCS7_NDEF;
-+ EC_GROUP_get_degree;
-+ ASN1_generate_v3;
-+ STORE_ATTR_INFO_modify_cstr;
-+ X509_policy_tree_level_count;
-+ BN_GF2m_add;
-+ EC_KEY_get0_group;
-+ STORE_generate_crl;
-+ STORE_store_public_key;
-+ X509_CERT_PAIR_free;
-+ STORE_revoke_private_key;
-+ BN_nist_mod_224;
-+ SHA512_Final;
-+ STORE_ATTR_INFO_modify_dn;
-+ STORE_meth_get_initialise_fn;
-+ STORE_method_get_initialise_function;
-+ STORE_delete_number;
-+ i2d_EC_PUBKEY_bio;
-+ BIO_dgram_non_fatal_error;
-+ EC_GROUP_get_asn1_flag;
-+ STORE_ATTR_INFO_in_ex;
-+ STORE_list_crl_start;
-+ ECDH_get_ex_new_index;
-+ STORE_meth_get_modify_fn;
-+ STORE_method_get_modify_function;
-+ v2i_ASN1_BIT_STRING;
-+ STORE_store_certificate;
-+ OBJ_bsearch_ex;
-+ X509_STORE_CTX_set_default;
-+ STORE_ATTR_INFO_set_sha1str;
-+ BN_GF2m_mod_inv;
-+ BN_GF2m_mod_exp;
-+ STORE_modify_public_key;
-+ STORE_meth_get_list_start_fn;
-+ STORE_method_get_list_start_function;
-+ EC_GROUP_get0_seed;
-+ STORE_store_arbitrary;
-+ STORE_meth_set_unlock_store_fn;
-+ STORE_method_set_unlock_store_function;
-+ BN_GF2m_mod_div_arr;
-+ ENGINE_set_ECDSA;
-+ STORE_create_method;
-+ ECPKParameters_print;
-+ EC_KEY_get0_private_key;
-+ PEM_write_EC_PUBKEY;
-+ X509_VERIFY_PARAM_set1;
-+ ECDH_set_method;
-+ v2i_GENERAL_NAME_ex;
-+ ECDH_set_ex_data;
-+ STORE_generate_key;
-+ BN_nist_mod_521;
-+ X509_policy_tree_get0_level;
-+ EC_GROUP_set_point_conversion_form;
-+ EC_GROUP_set_point_conv_form;
-+ PEM_read_EC_PUBKEY;
-+ i2d_ECDSA_SIG;
-+ ECDSA_OpenSSL;
-+ STORE_delete_crl;
-+ EC_KEY_get_enc_flags;
-+ ASN1_const_check_infinite_end;
-+ EVP_PKEY_delete_attr;
-+ ECDSA_set_default_method;
-+ EC_POINT_set_compressed_coordinates_GF2m;
-+ EC_POINT_set_compr_coords_GF2m;
-+ EC_GROUP_cmp;
-+ STORE_revoke_certificate;
-+ BN_get0_nist_prime_256;
-+ STORE_meth_get_delete_fn;
-+ STORE_method_get_delete_function;
-+ SHA224_Init;
-+ PEM_read_ECPrivateKey;
-+ SHA512_Init;
-+ STORE_parse_attrs_endp;
-+ BN_set_negative;
-+ ERR_load_ECDSA_strings;
-+ EC_GROUP_get_basis_type;
-+ STORE_list_public_key_next;
-+ i2v_ASN1_BIT_STRING;
-+ STORE_OBJECT_free;
-+ BN_nist_mod_384;
-+ i2d_X509_CERT_PAIR;
-+ PEM_write_ECPKParameters;
-+ ECDH_compute_key;
-+ STORE_ATTR_INFO_get0_sha1str;
-+ ENGINE_register_all_ECDH;
-+ pqueue_pop;
-+ STORE_ATTR_INFO_get0_cstr;
-+ POLICY_CONSTRAINTS_it;
-+ STORE_get_ex_new_index;
-+ EVP_PKEY_get_attr_by_OBJ;
-+ X509_VERIFY_PARAM_add0_policy;
-+ BN_GF2m_mod_solve_quad;
-+ SHA256;
-+ i2d_ECPrivateKey_fp;
-+ X509_policy_tree_get0_user_policies;
-+ X509_pcy_tree_get0_usr_policies;
-+ OPENSSL_DIR_read;
-+ ENGINE_register_all_ECDSA;
-+ X509_VERIFY_PARAM_lookup;
-+ EC_POINT_get_affine_coordinates_GF2m;
-+ EC_POINT_get_affine_coords_GF2m;
-+ EC_GROUP_dup;
-+ ENGINE_get_default_ECDSA;
-+ EC_KEY_new;
-+ SHA256_Transform;
-+ EC_KEY_set_enc_flags;
-+ ECDSA_verify;
-+ EC_POINT_point2hex;
-+ ENGINE_get_STORE;
-+ SHA512;
-+ STORE_get_certificate;
-+ ECDSA_do_sign_ex;
-+ ECDSA_do_verify;
-+ d2i_ECPrivateKey_fp;
-+ STORE_delete_certificate;
-+ SHA512_Transform;
-+ X509_STORE_set1_param;
-+ STORE_method_get_ctrl_function;
-+ STORE_free;
-+ PEM_write_ECPrivateKey;
-+ STORE_meth_get_unlock_store_fn;
-+ STORE_method_get_unlock_store_function;
-+ STORE_get_ex_data;
-+ EC_KEY_set_public_key;
-+ PEM_read_ECPKParameters;
-+ X509_CERT_PAIR_new;
-+ ENGINE_register_STORE;
-+ RSA_generate_key_ex;
-+ DSA_generate_parameters_ex;
-+ ECParameters_print_fp;
-+ X509V3_NAME_from_section;
-+ EVP_PKEY_add1_attr;
-+ STORE_modify_crl;
-+ STORE_list_private_key_start;
-+ POLICY_MAPPINGS_it;
-+ GENERAL_SUBTREE_it;
-+ EC_GROUP_get_curve_name;
-+ PEM_write_X509_CERT_PAIR;
-+ BIO_dump_indent_cb;
-+ d2i_X509_CERT_PAIR;
-+ STORE_list_private_key_endp;
-+ asn1_const_Finish;
-+ i2d_EC_PUBKEY_fp;
-+ BN_nist_mod_256;
-+ X509_VERIFY_PARAM_add0_table;
-+ pqueue_free;
-+ BN_BLINDING_create_param;
-+ ECDSA_size;
-+ d2i_EC_PUBKEY_bio;
-+ BN_get0_nist_prime_521;
-+ STORE_ATTR_INFO_modify_sha1str;
-+ BN_generate_prime_ex;
-+ EC_GROUP_new_by_curve_name;
-+ SHA256_Final;
-+ DH_generate_parameters_ex;
-+ PEM_read_bio_ECPrivateKey;
-+ STORE_meth_get_cleanup_fn;
-+ STORE_method_get_cleanup_function;
-+ ENGINE_get_ECDH;
-+ d2i_ECDSA_SIG;
-+ BN_is_prime_fasttest_ex;
-+ ECDSA_sign;
-+ X509_policy_check;
-+ EVP_PKEY_get_attr_by_NID;
-+ STORE_set_ex_data;
-+ ENGINE_get_ECDSA;
-+ EVP_ecdsa;
-+ BN_BLINDING_get_flags;
-+ PKCS12_add_cert;
-+ STORE_OBJECT_new;
-+ ERR_load_ECDH_strings;
-+ EC_KEY_dup;
-+ EVP_CIPHER_CTX_rand_key;
-+ ECDSA_set_method;
-+ a2i_IPADDRESS_NC;
-+ d2i_ECParameters;
-+ STORE_list_certificate_end;
-+ STORE_get_crl;
-+ X509_POLICY_NODE_print;
-+ SHA384_Init;
-+ EC_GF2m_simple_method;
-+ ECDSA_set_ex_data;
-+ SHA384_Final;
-+ PKCS7_set_digest;
-+ EC_KEY_print;
-+ STORE_meth_set_lock_store_fn;
-+ STORE_method_set_lock_store_function;
-+ ECDSA_get_ex_new_index;
-+ SHA384;
-+ POLICY_MAPPING_new;
-+ STORE_list_certificate_endp;
-+ X509_STORE_CTX_get0_policy_tree;
-+ EC_GROUP_set_asn1_flag;
-+ EC_KEY_check_key;
-+ d2i_EC_PUBKEY_fp;
-+ PKCS7_set0_type_other;
-+ PEM_read_bio_X509_CERT_PAIR;
-+ pqueue_next;
-+ STORE_meth_get_list_end_fn;
-+ STORE_method_get_list_end_function;
-+ EVP_PKEY_add1_attr_by_OBJ;
-+ X509_VERIFY_PARAM_set_time;
-+ pqueue_new;
-+ ENGINE_set_default_ECDH;
-+ STORE_new_method;
-+ PKCS12_add_key;
-+ DSO_merge;
-+ EC_POINT_hex2point;
-+ BIO_dump_cb;
-+ SHA256_Update;
-+ pqueue_insert;
-+ pitem_free;
-+ BN_GF2m_mod_inv_arr;
-+ ENGINE_unregister_ECDSA;
-+ BN_BLINDING_set_thread_id;
-+ get_rfc3526_prime_8192;
-+ X509_VERIFY_PARAM_clear_flags;
-+ get_rfc2409_prime_1024;
-+ DH_check_pub_key;
-+ get_rfc3526_prime_2048;
-+ get_rfc3526_prime_6144;
-+ get_rfc3526_prime_1536;
-+ get_rfc3526_prime_3072;
-+ get_rfc3526_prime_4096;
-+ get_rfc2409_prime_768;
-+ X509_VERIFY_PARAM_get_flags;
-+ EVP_CIPHER_CTX_new;
-+ EVP_CIPHER_CTX_free;
-+ Camellia_cbc_encrypt;
-+ Camellia_cfb128_encrypt;
-+ Camellia_cfb1_encrypt;
-+ Camellia_cfb8_encrypt;
-+ Camellia_ctr128_encrypt;
-+ Camellia_cfbr_encrypt_block;
-+ Camellia_decrypt;
-+ Camellia_ecb_encrypt;
-+ Camellia_encrypt;
-+ Camellia_ofb128_encrypt;
-+ Camellia_set_key;
-+ EVP_camellia_128_cbc;
-+ EVP_camellia_128_cfb128;
-+ EVP_camellia_128_cfb1;
-+ EVP_camellia_128_cfb8;
-+ EVP_camellia_128_ecb;
-+ EVP_camellia_128_ofb;
-+ EVP_camellia_192_cbc;
-+ EVP_camellia_192_cfb128;
-+ EVP_camellia_192_cfb1;
-+ EVP_camellia_192_cfb8;
-+ EVP_camellia_192_ecb;
-+ EVP_camellia_192_ofb;
-+ EVP_camellia_256_cbc;
-+ EVP_camellia_256_cfb128;
-+ EVP_camellia_256_cfb1;
-+ EVP_camellia_256_cfb8;
-+ EVP_camellia_256_ecb;
-+ EVP_camellia_256_ofb;
-+ a2i_ipadd;
-+ ASIdentifiers_free;
-+ i2d_ASIdOrRange;
-+ EVP_CIPHER_block_size;
-+ v3_asid_is_canonical;
-+ IPAddressChoice_free;
-+ EVP_CIPHER_CTX_set_app_data;
-+ BIO_set_callback_arg;
-+ v3_addr_add_prefix;
-+ IPAddressOrRange_it;
-+ BIO_set_flags;
-+ ASIdentifiers_it;
-+ v3_addr_get_range;
-+ BIO_method_type;
-+ v3_addr_inherits;
-+ IPAddressChoice_it;
-+ AES_ige_encrypt;
-+ v3_addr_add_range;
-+ EVP_CIPHER_CTX_nid;
-+ d2i_ASRange;
-+ v3_addr_add_inherit;
-+ v3_asid_add_id_or_range;
-+ v3_addr_validate_resource_set;
-+ EVP_CIPHER_iv_length;
-+ EVP_MD_type;
-+ v3_asid_canonize;
-+ IPAddressRange_free;
-+ v3_asid_add_inherit;
-+ EVP_CIPHER_CTX_key_length;
-+ IPAddressRange_new;
-+ ASIdOrRange_new;
-+ EVP_MD_size;
-+ EVP_MD_CTX_test_flags;
-+ BIO_clear_flags;
-+ i2d_ASRange;
-+ IPAddressRange_it;
-+ IPAddressChoice_new;
-+ ASIdentifierChoice_new;
-+ ASRange_free;
-+ EVP_MD_pkey_type;
-+ EVP_MD_CTX_clear_flags;
-+ IPAddressFamily_free;
-+ i2d_IPAddressFamily;
-+ IPAddressOrRange_new;
-+ EVP_CIPHER_flags;
-+ v3_asid_validate_resource_set;
-+ d2i_IPAddressRange;
-+ AES_bi_ige_encrypt;
-+ BIO_get_callback;
-+ IPAddressOrRange_free;
-+ v3_addr_subset;
-+ d2i_IPAddressFamily;
-+ v3_asid_subset;
-+ BIO_test_flags;
-+ i2d_ASIdentifierChoice;
-+ ASRange_it;
-+ d2i_ASIdentifiers;
-+ ASRange_new;
-+ d2i_IPAddressChoice;
-+ v3_addr_get_afi;
-+ EVP_CIPHER_key_length;
-+ EVP_Cipher;
-+ i2d_IPAddressOrRange;
-+ ASIdOrRange_it;
-+ EVP_CIPHER_nid;
-+ i2d_IPAddressChoice;
-+ EVP_CIPHER_CTX_block_size;
-+ ASIdentifiers_new;
-+ v3_addr_validate_path;
-+ IPAddressFamily_new;
-+ EVP_MD_CTX_set_flags;
-+ v3_addr_is_canonical;
-+ i2d_IPAddressRange;
-+ IPAddressFamily_it;
-+ v3_asid_inherits;
-+ EVP_CIPHER_CTX_cipher;
-+ EVP_CIPHER_CTX_get_app_data;
-+ EVP_MD_block_size;
-+ EVP_CIPHER_CTX_flags;
-+ v3_asid_validate_path;
-+ d2i_IPAddressOrRange;
-+ v3_addr_canonize;
-+ ASIdentifierChoice_it;
-+ EVP_MD_CTX_md;
-+ d2i_ASIdentifierChoice;
-+ BIO_method_name;
-+ EVP_CIPHER_CTX_iv_length;
-+ ASIdOrRange_free;
-+ ASIdentifierChoice_free;
-+ BIO_get_callback_arg;
-+ BIO_set_callback;
-+ d2i_ASIdOrRange;
-+ i2d_ASIdentifiers;
-+ SEED_decrypt;
-+ SEED_encrypt;
-+ SEED_cbc_encrypt;
-+ EVP_seed_ofb;
-+ SEED_cfb128_encrypt;
-+ SEED_ofb128_encrypt;
-+ EVP_seed_cbc;
-+ SEED_ecb_encrypt;
-+ EVP_seed_ecb;
-+ SEED_set_key;
-+ EVP_seed_cfb128;
-+ X509_EXTENSIONS_it;
-+ X509_get1_ocsp;
-+ OCSP_REQ_CTX_free;
-+ i2d_X509_EXTENSIONS;
-+ OCSP_sendreq_nbio;
-+ OCSP_sendreq_new;
-+ d2i_X509_EXTENSIONS;
-+ X509_ALGORS_it;
-+ X509_ALGOR_get0;
-+ X509_ALGOR_set0;
-+ AES_unwrap_key;
-+ AES_wrap_key;
-+ X509at_get0_data_by_OBJ;
-+ ASN1_TYPE_set1;
-+ ASN1_STRING_set0;
-+ i2d_X509_ALGORS;
-+ BIO_f_zlib;
-+ COMP_zlib_cleanup;
-+ d2i_X509_ALGORS;
-+ CMS_ReceiptRequest_free;
-+ PEM_write_CMS;
-+ CMS_add0_CertificateChoices;
-+ CMS_unsigned_add1_attr_by_OBJ;
-+ ERR_load_CMS_strings;
-+ CMS_sign_receipt;
-+ i2d_CMS_ContentInfo;
-+ CMS_signed_delete_attr;
-+ d2i_CMS_bio;
-+ CMS_unsigned_get_attr_by_NID;
-+ CMS_verify;
-+ SMIME_read_CMS;
-+ CMS_decrypt_set1_key;
-+ CMS_SignerInfo_get0_algs;
-+ CMS_add1_cert;
-+ CMS_set_detached;
-+ CMS_encrypt;
-+ CMS_EnvelopedData_create;
-+ CMS_uncompress;
-+ CMS_add0_crl;
-+ CMS_SignerInfo_verify_content;
-+ CMS_unsigned_get0_data_by_OBJ;
-+ PEM_write_bio_CMS;
-+ CMS_unsigned_get_attr;
-+ CMS_RecipientInfo_ktri_cert_cmp;
-+ CMS_RecipientInfo_ktri_get0_algs;
-+ CMS_RecipInfo_ktri_get0_algs;
-+ CMS_ContentInfo_free;
-+ CMS_final;
-+ CMS_add_simple_smimecap;
-+ CMS_SignerInfo_verify;
-+ CMS_data;
-+ CMS_ContentInfo_it;
-+ d2i_CMS_ReceiptRequest;
-+ CMS_compress;
-+ CMS_digest_create;
-+ CMS_SignerInfo_cert_cmp;
-+ CMS_SignerInfo_sign;
-+ CMS_data_create;
-+ i2d_CMS_bio;
-+ CMS_EncryptedData_set1_key;
-+ CMS_decrypt;
-+ int_smime_write_ASN1;
-+ CMS_unsigned_delete_attr;
-+ CMS_unsigned_get_attr_count;
-+ CMS_add_smimecap;
-+ PEM_read_CMS;
-+ CMS_signed_get_attr_by_OBJ;
-+ d2i_CMS_ContentInfo;
-+ CMS_add_standard_smimecap;
-+ CMS_ContentInfo_new;
-+ CMS_RecipientInfo_type;
-+ CMS_get0_type;
-+ CMS_is_detached;
-+ CMS_sign;
-+ CMS_signed_add1_attr;
-+ CMS_unsigned_get_attr_by_OBJ;
-+ SMIME_write_CMS;
-+ CMS_EncryptedData_decrypt;
-+ CMS_get0_RecipientInfos;
-+ CMS_add0_RevocationInfoChoice;
-+ CMS_decrypt_set1_pkey;
-+ CMS_SignerInfo_set1_signer_cert;
-+ CMS_get0_signers;
-+ CMS_ReceiptRequest_get0_values;
-+ CMS_signed_get0_data_by_OBJ;
-+ CMS_get0_SignerInfos;
-+ CMS_add0_cert;
-+ CMS_EncryptedData_encrypt;
-+ CMS_digest_verify;
-+ CMS_set1_signers_certs;
-+ CMS_signed_get_attr;
-+ CMS_RecipientInfo_set0_key;
-+ CMS_SignedData_init;
-+ CMS_RecipientInfo_kekri_get0_id;
-+ CMS_verify_receipt;
-+ CMS_ReceiptRequest_it;
-+ PEM_read_bio_CMS;
-+ CMS_get1_crls;
-+ CMS_add0_recipient_key;
-+ SMIME_read_ASN1;
-+ CMS_ReceiptRequest_new;
-+ CMS_get0_content;
-+ CMS_get1_ReceiptRequest;
-+ CMS_signed_add1_attr_by_OBJ;
-+ CMS_RecipientInfo_kekri_id_cmp;
-+ CMS_add1_ReceiptRequest;
-+ CMS_SignerInfo_get0_signer_id;
-+ CMS_unsigned_add1_attr_by_NID;
-+ CMS_unsigned_add1_attr;
-+ CMS_signed_get_attr_by_NID;
-+ CMS_get1_certs;
-+ CMS_signed_add1_attr_by_NID;
-+ CMS_unsigned_add1_attr_by_txt;
-+ CMS_dataFinal;
-+ CMS_RecipientInfo_ktri_get0_signer_id;
-+ CMS_RecipInfo_ktri_get0_sigr_id;
-+ i2d_CMS_ReceiptRequest;
-+ CMS_add1_recipient_cert;
-+ CMS_dataInit;
-+ CMS_signed_add1_attr_by_txt;
-+ CMS_RecipientInfo_decrypt;
-+ CMS_signed_get_attr_count;
-+ CMS_get0_eContentType;
-+ CMS_set1_eContentType;
-+ CMS_ReceiptRequest_create0;
-+ CMS_add1_signer;
-+ CMS_RecipientInfo_set0_pkey;
-+ ENGINE_set_load_ssl_client_cert_function;
-+ ENGINE_set_ld_ssl_clnt_cert_fn;
-+ ENGINE_get_ssl_client_cert_function;
-+ ENGINE_get_ssl_client_cert_fn;
-+ ENGINE_load_ssl_client_cert;
-+ ENGINE_load_capi;
-+ OPENSSL_isservice;
-+ FIPS_dsa_sig_decode;
-+ EVP_CIPHER_CTX_clear_flags;
-+ FIPS_rand_status;
-+ FIPS_rand_set_key;
-+ CRYPTO_set_mem_info_functions;
-+ RSA_X931_generate_key_ex;
-+ int_ERR_set_state_func;
-+ int_EVP_MD_set_engine_callbacks;
-+ int_CRYPTO_set_do_dynlock_callback;
-+ FIPS_rng_stick;
-+ EVP_CIPHER_CTX_set_flags;
-+ BN_X931_generate_prime_ex;
-+ FIPS_selftest_check;
-+ FIPS_rand_set_dt;
-+ CRYPTO_dbg_pop_info;
-+ FIPS_dsa_free;
-+ RSA_X931_derive_ex;
-+ FIPS_rsa_new;
-+ FIPS_rand_bytes;
-+ fips_cipher_test;
-+ EVP_CIPHER_CTX_test_flags;
-+ CRYPTO_malloc_debug_init;
-+ CRYPTO_dbg_push_info;
-+ FIPS_corrupt_rsa_keygen;
-+ FIPS_dh_new;
-+ FIPS_corrupt_dsa_keygen;
-+ FIPS_dh_free;
-+ fips_pkey_signature_test;
-+ EVP_add_alg_module;
-+ int_RAND_init_engine_callbacks;
-+ int_EVP_CIPHER_set_engine_callbacks;
-+ int_EVP_MD_init_engine_callbacks;
-+ FIPS_rand_test_mode;
-+ FIPS_rand_reset;
-+ FIPS_dsa_new;
-+ int_RAND_set_callbacks;
-+ BN_X931_derive_prime_ex;
-+ int_ERR_lib_init;
-+ int_EVP_CIPHER_init_engine_callbacks;
-+ FIPS_rsa_free;
-+ FIPS_dsa_sig_encode;
-+ CRYPTO_dbg_remove_all_info;
-+ OPENSSL_init;
-+ CRYPTO_strdup;
-+ JPAKE_STEP3A_process;
-+ JPAKE_STEP1_release;
-+ JPAKE_get_shared_key;
-+ JPAKE_STEP3B_init;
-+ JPAKE_STEP1_generate;
-+ JPAKE_STEP1_init;
-+ JPAKE_STEP3B_process;
-+ JPAKE_STEP2_generate;
-+ JPAKE_CTX_new;
-+ JPAKE_CTX_free;
-+ JPAKE_STEP3B_release;
-+ JPAKE_STEP3A_release;
-+ JPAKE_STEP2_process;
-+ JPAKE_STEP3B_generate;
-+ JPAKE_STEP1_process;
-+ JPAKE_STEP3A_generate;
-+ JPAKE_STEP2_release;
-+ JPAKE_STEP3A_init;
-+ ERR_load_JPAKE_strings;
-+ JPAKE_STEP2_init;
-+ pqueue_size;
-+ i2d_TS_ACCURACY;
-+ i2d_TS_MSG_IMPRINT_fp;
-+ i2d_TS_MSG_IMPRINT;
-+ EVP_PKEY_print_public;
-+ EVP_PKEY_CTX_new;
-+ i2d_TS_TST_INFO;
-+ EVP_PKEY_asn1_find;
-+ DSO_METHOD_beos;
-+ TS_CONF_load_cert;
-+ TS_REQ_get_ext;
-+ EVP_PKEY_sign_init;
-+ ASN1_item_print;
-+ TS_TST_INFO_set_nonce;
-+ TS_RESP_dup;
-+ ENGINE_register_pkey_meths;
-+ EVP_PKEY_asn1_add0;
-+ PKCS7_add0_attrib_signing_time;
-+ i2d_TS_TST_INFO_fp;
-+ BIO_asn1_get_prefix;
-+ TS_TST_INFO_set_time;
-+ EVP_PKEY_meth_set_decrypt;
-+ EVP_PKEY_set_type_str;
-+ EVP_PKEY_CTX_get_keygen_info;
-+ TS_REQ_set_policy_id;
-+ d2i_TS_RESP_fp;
-+ ENGINE_get_pkey_asn1_meth_engine;
-+ ENGINE_get_pkey_asn1_meth_eng;
-+ WHIRLPOOL_Init;
-+ TS_RESP_set_status_info;
-+ EVP_PKEY_keygen;
-+ EVP_DigestSignInit;
-+ TS_ACCURACY_set_millis;
-+ TS_REQ_dup;
-+ GENERAL_NAME_dup;
-+ ASN1_SEQUENCE_ANY_it;
-+ WHIRLPOOL;
-+ X509_STORE_get1_crls;
-+ ENGINE_get_pkey_asn1_meth;
-+ EVP_PKEY_asn1_new;
-+ BIO_new_NDEF;
-+ ENGINE_get_pkey_meth;
-+ TS_MSG_IMPRINT_set_algo;
-+ i2d_TS_TST_INFO_bio;
-+ TS_TST_INFO_set_ordering;
-+ TS_TST_INFO_get_ext_by_OBJ;
-+ CRYPTO_THREADID_set_pointer;
-+ TS_CONF_get_tsa_section;
-+ SMIME_write_ASN1;
-+ TS_RESP_CTX_set_signer_key;
-+ EVP_PKEY_encrypt_old;
-+ EVP_PKEY_encrypt_init;
-+ CRYPTO_THREADID_cpy;
-+ ASN1_PCTX_get_cert_flags;
-+ i2d_ESS_SIGNING_CERT;
-+ TS_CONF_load_key;
-+ i2d_ASN1_SEQUENCE_ANY;
-+ d2i_TS_MSG_IMPRINT_bio;
-+ EVP_PKEY_asn1_set_public;
-+ b2i_PublicKey_bio;
-+ BIO_asn1_set_prefix;
-+ EVP_PKEY_new_mac_key;
-+ BIO_new_CMS;
-+ CRYPTO_THREADID_cmp;
-+ TS_REQ_ext_free;
-+ EVP_PKEY_asn1_set_free;
-+ EVP_PKEY_get0_asn1;
-+ d2i_NETSCAPE_X509;
-+ EVP_PKEY_verify_recover_init;
-+ EVP_PKEY_CTX_set_data;
-+ EVP_PKEY_keygen_init;
-+ TS_RESP_CTX_set_status_info;
-+ TS_MSG_IMPRINT_get_algo;
-+ TS_REQ_print_bio;
-+ EVP_PKEY_CTX_ctrl_str;
-+ EVP_PKEY_get_default_digest_nid;
-+ PEM_write_bio_PKCS7_stream;
-+ TS_MSG_IMPRINT_print_bio;
-+ BN_asc2bn;
-+ TS_REQ_get_policy_id;
-+ ENGINE_set_default_pkey_asn1_meths;
-+ ENGINE_set_def_pkey_asn1_meths;
-+ d2i_TS_ACCURACY;
-+ DSO_global_lookup;
-+ TS_CONF_set_tsa_name;
-+ i2d_ASN1_SET_ANY;
-+ ENGINE_load_gost;
-+ WHIRLPOOL_BitUpdate;
-+ ASN1_PCTX_get_flags;
-+ TS_TST_INFO_get_ext_by_NID;
-+ TS_RESP_new;
-+ ESS_CERT_ID_dup;
-+ TS_STATUS_INFO_dup;
-+ TS_REQ_delete_ext;
-+ EVP_DigestVerifyFinal;
-+ EVP_PKEY_print_params;
-+ i2d_CMS_bio_stream;
-+ TS_REQ_get_msg_imprint;
-+ OBJ_find_sigid_by_algs;
-+ TS_TST_INFO_get_serial;
-+ TS_REQ_get_nonce;
-+ X509_PUBKEY_set0_param;
-+ EVP_PKEY_CTX_set0_keygen_info;
-+ DIST_POINT_set_dpname;
-+ i2d_ISSUING_DIST_POINT;
-+ ASN1_SET_ANY_it;
-+ EVP_PKEY_CTX_get_data;
-+ TS_STATUS_INFO_print_bio;
-+ EVP_PKEY_derive_init;
-+ d2i_TS_TST_INFO;
-+ EVP_PKEY_asn1_add_alias;
-+ d2i_TS_RESP_bio;
-+ OTHERNAME_cmp;
-+ GENERAL_NAME_set0_value;
-+ PKCS7_RECIP_INFO_get0_alg;
-+ TS_RESP_CTX_new;
-+ TS_RESP_set_tst_info;
-+ PKCS7_final;
-+ EVP_PKEY_base_id;
-+ TS_RESP_CTX_set_signer_cert;
-+ TS_REQ_set_msg_imprint;
-+ EVP_PKEY_CTX_ctrl;
-+ TS_CONF_set_digests;
-+ d2i_TS_MSG_IMPRINT;
-+ EVP_PKEY_meth_set_ctrl;
-+ TS_REQ_get_ext_by_NID;
-+ PKCS5_pbe_set0_algor;
-+ BN_BLINDING_thread_id;
-+ TS_ACCURACY_new;
-+ X509_CRL_METHOD_free;
-+ ASN1_PCTX_get_nm_flags;
-+ EVP_PKEY_meth_set_sign;
-+ CRYPTO_THREADID_current;
-+ EVP_PKEY_decrypt_init;
-+ NETSCAPE_X509_free;
-+ i2b_PVK_bio;
-+ EVP_PKEY_print_private;
-+ GENERAL_NAME_get0_value;
-+ b2i_PVK_bio;
-+ ASN1_UTCTIME_adj;
-+ TS_TST_INFO_new;
-+ EVP_MD_do_all_sorted;
-+ TS_CONF_set_default_engine;
-+ TS_ACCURACY_set_seconds;
-+ TS_TST_INFO_get_time;
-+ PKCS8_pkey_get0;
-+ EVP_PKEY_asn1_get0;
-+ OBJ_add_sigid;
-+ PKCS7_SIGNER_INFO_sign;
-+ EVP_PKEY_paramgen_init;
-+ EVP_PKEY_sign;
-+ OBJ_sigid_free;
-+ EVP_PKEY_meth_set_init;
-+ d2i_ESS_ISSUER_SERIAL;
-+ ISSUING_DIST_POINT_new;
-+ ASN1_TIME_adj;
-+ TS_OBJ_print_bio;
-+ EVP_PKEY_meth_set_verify_recover;
-+ EVP_PKEY_meth_set_vrfy_recover;
-+ TS_RESP_get_status_info;
-+ CMS_stream;
-+ EVP_PKEY_CTX_set_cb;
-+ PKCS7_to_TS_TST_INFO;
-+ ASN1_PCTX_get_oid_flags;
-+ TS_TST_INFO_add_ext;
-+ EVP_PKEY_meth_set_derive;
-+ i2d_TS_RESP_fp;
-+ i2d_TS_MSG_IMPRINT_bio;
-+ TS_RESP_CTX_set_accuracy;
-+ TS_REQ_set_nonce;
-+ ESS_CERT_ID_new;
-+ ENGINE_pkey_asn1_find_str;
-+ TS_REQ_get_ext_count;
-+ BUF_reverse;
-+ TS_TST_INFO_print_bio;
-+ d2i_ISSUING_DIST_POINT;
-+ ENGINE_get_pkey_meths;
-+ i2b_PrivateKey_bio;
-+ i2d_TS_RESP;
-+ b2i_PublicKey;
-+ TS_VERIFY_CTX_cleanup;
-+ TS_STATUS_INFO_free;
-+ TS_RESP_verify_token;
-+ OBJ_bsearch_ex_;
-+ ASN1_bn_print;
-+ EVP_PKEY_asn1_get_count;
-+ ENGINE_register_pkey_asn1_meths;
-+ ASN1_PCTX_set_nm_flags;
-+ EVP_DigestVerifyInit;
-+ ENGINE_set_default_pkey_meths;
-+ TS_TST_INFO_get_policy_id;
-+ TS_REQ_get_cert_req;
-+ X509_CRL_set_meth_data;
-+ PKCS8_pkey_set0;
-+ ASN1_STRING_copy;
-+ d2i_TS_TST_INFO_fp;
-+ X509_CRL_match;
-+ EVP_PKEY_asn1_set_private;
-+ TS_TST_INFO_get_ext_d2i;
-+ TS_RESP_CTX_add_policy;
-+ d2i_TS_RESP;
-+ TS_CONF_load_certs;
-+ TS_TST_INFO_get_msg_imprint;
-+ ERR_load_TS_strings;
-+ TS_TST_INFO_get_version;
-+ EVP_PKEY_CTX_dup;
-+ EVP_PKEY_meth_set_verify;
-+ i2b_PublicKey_bio;
-+ TS_CONF_set_certs;
-+ EVP_PKEY_asn1_get0_info;
-+ TS_VERIFY_CTX_free;
-+ TS_REQ_get_ext_by_critical;
-+ TS_RESP_CTX_set_serial_cb;
-+ X509_CRL_get_meth_data;
-+ TS_RESP_CTX_set_time_cb;
-+ TS_MSG_IMPRINT_get_msg;
-+ TS_TST_INFO_ext_free;
-+ TS_REQ_get_version;
-+ TS_REQ_add_ext;
-+ EVP_PKEY_CTX_set_app_data;
-+ OBJ_bsearch_;
-+ EVP_PKEY_meth_set_verifyctx;
-+ i2d_PKCS7_bio_stream;
-+ CRYPTO_THREADID_set_numeric;
-+ PKCS7_sign_add_signer;
-+ d2i_TS_TST_INFO_bio;
-+ TS_TST_INFO_get_ordering;
-+ TS_RESP_print_bio;
-+ TS_TST_INFO_get_exts;
-+ HMAC_CTX_copy;
-+ PKCS5_pbe2_set_iv;
-+ ENGINE_get_pkey_asn1_meths;
-+ b2i_PrivateKey;
-+ EVP_PKEY_CTX_get_app_data;
-+ TS_REQ_set_cert_req;
-+ CRYPTO_THREADID_set_callback;
-+ TS_CONF_set_serial;
-+ TS_TST_INFO_free;
-+ d2i_TS_REQ_fp;
-+ TS_RESP_verify_response;
-+ i2d_ESS_ISSUER_SERIAL;
-+ TS_ACCURACY_get_seconds;
-+ EVP_CIPHER_do_all;
-+ b2i_PrivateKey_bio;
-+ OCSP_CERTID_dup;
-+ X509_PUBKEY_get0_param;
-+ TS_MSG_IMPRINT_dup;
-+ PKCS7_print_ctx;
-+ i2d_TS_REQ_bio;
-+ EVP_whirlpool;
-+ EVP_PKEY_asn1_set_param;
-+ EVP_PKEY_meth_set_encrypt;
-+ ASN1_PCTX_set_flags;
-+ i2d_ESS_CERT_ID;
-+ TS_VERIFY_CTX_new;
-+ TS_RESP_CTX_set_extension_cb;
-+ ENGINE_register_all_pkey_meths;
-+ TS_RESP_CTX_set_status_info_cond;
-+ TS_RESP_CTX_set_stat_info_cond;
-+ EVP_PKEY_verify;
-+ WHIRLPOOL_Final;
-+ X509_CRL_METHOD_new;
-+ EVP_DigestSignFinal;
-+ TS_RESP_CTX_set_def_policy;
-+ NETSCAPE_X509_it;
-+ TS_RESP_create_response;
-+ PKCS7_SIGNER_INFO_get0_algs;
-+ TS_TST_INFO_get_nonce;
-+ EVP_PKEY_decrypt_old;
-+ TS_TST_INFO_set_policy_id;
-+ TS_CONF_set_ess_cert_id_chain;
-+ EVP_PKEY_CTX_get0_pkey;
-+ d2i_TS_REQ;
-+ EVP_PKEY_asn1_find_str;
-+ BIO_f_asn1;
-+ ESS_SIGNING_CERT_new;
-+ EVP_PBE_find;
-+ X509_CRL_get0_by_cert;
-+ EVP_PKEY_derive;
-+ i2d_TS_REQ;
-+ TS_TST_INFO_delete_ext;
-+ ESS_ISSUER_SERIAL_free;
-+ ASN1_PCTX_set_str_flags;
-+ ENGINE_get_pkey_asn1_meth_str;
-+ TS_CONF_set_signer_key;
-+ TS_ACCURACY_get_millis;
-+ TS_RESP_get_token;
-+ TS_ACCURACY_dup;
-+ ENGINE_register_all_pkey_asn1_meths;
-+ ENGINE_reg_all_pkey_asn1_meths;
-+ X509_CRL_set_default_method;
-+ CRYPTO_THREADID_hash;
-+ CMS_ContentInfo_print_ctx;
-+ TS_RESP_free;
-+ ISSUING_DIST_POINT_free;
-+ ESS_ISSUER_SERIAL_new;
-+ CMS_add1_crl;
-+ PKCS7_add1_attrib_digest;
-+ TS_RESP_CTX_add_md;
-+ TS_TST_INFO_dup;
-+ ENGINE_set_pkey_asn1_meths;
-+ PEM_write_bio_Parameters;
-+ TS_TST_INFO_get_accuracy;
-+ X509_CRL_get0_by_serial;
-+ TS_TST_INFO_set_version;
-+ TS_RESP_CTX_get_tst_info;
-+ TS_RESP_verify_signature;
-+ CRYPTO_THREADID_get_callback;
-+ TS_TST_INFO_get_tsa;
-+ TS_STATUS_INFO_new;
-+ EVP_PKEY_CTX_get_cb;
-+ TS_REQ_get_ext_d2i;
-+ GENERAL_NAME_set0_othername;
-+ TS_TST_INFO_get_ext_count;
-+ TS_RESP_CTX_get_request;
-+ i2d_NETSCAPE_X509;
-+ ENGINE_get_pkey_meth_engine;
-+ EVP_PKEY_meth_set_signctx;
-+ EVP_PKEY_asn1_copy;
-+ ASN1_TYPE_cmp;
-+ EVP_CIPHER_do_all_sorted;
-+ EVP_PKEY_CTX_free;
-+ ISSUING_DIST_POINT_it;
-+ d2i_TS_MSG_IMPRINT_fp;
-+ X509_STORE_get1_certs;
-+ EVP_PKEY_CTX_get_operation;
-+ d2i_ESS_SIGNING_CERT;
-+ TS_CONF_set_ordering;
-+ EVP_PBE_alg_add_type;
-+ TS_REQ_set_version;
-+ EVP_PKEY_get0;
-+ BIO_asn1_set_suffix;
-+ i2d_TS_STATUS_INFO;
-+ EVP_MD_do_all;
-+ TS_TST_INFO_set_accuracy;
-+ PKCS7_add_attrib_content_type;
-+ ERR_remove_thread_state;
-+ EVP_PKEY_meth_add0;
-+ TS_TST_INFO_set_tsa;
-+ EVP_PKEY_meth_new;
-+ WHIRLPOOL_Update;
-+ TS_CONF_set_accuracy;
-+ ASN1_PCTX_set_oid_flags;
-+ ESS_SIGNING_CERT_dup;
-+ d2i_TS_REQ_bio;
-+ X509_time_adj_ex;
-+ TS_RESP_CTX_add_flags;
-+ d2i_TS_STATUS_INFO;
-+ TS_MSG_IMPRINT_set_msg;
-+ BIO_asn1_get_suffix;
-+ TS_REQ_free;
-+ EVP_PKEY_meth_free;
-+ TS_REQ_get_exts;
-+ TS_RESP_CTX_set_clock_precision_digits;
-+ TS_RESP_CTX_set_clk_prec_digits;
-+ TS_RESP_CTX_add_failure_info;
-+ i2d_TS_RESP_bio;
-+ EVP_PKEY_CTX_get0_peerkey;
-+ PEM_write_bio_CMS_stream;
-+ TS_REQ_new;
-+ TS_MSG_IMPRINT_new;
-+ EVP_PKEY_meth_find;
-+ EVP_PKEY_id;
-+ TS_TST_INFO_set_serial;
-+ a2i_GENERAL_NAME;
-+ TS_CONF_set_crypto_device;
-+ EVP_PKEY_verify_init;
-+ TS_CONF_set_policies;
-+ ASN1_PCTX_new;
-+ ESS_CERT_ID_free;
-+ ENGINE_unregister_pkey_meths;
-+ TS_MSG_IMPRINT_free;
-+ TS_VERIFY_CTX_init;
-+ PKCS7_stream;
-+ TS_RESP_CTX_set_certs;
-+ TS_CONF_set_def_policy;
-+ ASN1_GENERALIZEDTIME_adj;
-+ NETSCAPE_X509_new;
-+ TS_ACCURACY_free;
-+ TS_RESP_get_tst_info;
-+ EVP_PKEY_derive_set_peer;
-+ PEM_read_bio_Parameters;
-+ TS_CONF_set_clock_precision_digits;
-+ TS_CONF_set_clk_prec_digits;
-+ ESS_ISSUER_SERIAL_dup;
-+ TS_ACCURACY_get_micros;
-+ ASN1_PCTX_get_str_flags;
-+ NAME_CONSTRAINTS_check;
-+ ASN1_BIT_STRING_check;
-+ X509_check_akid;
-+ ENGINE_unregister_pkey_asn1_meths;
-+ ENGINE_unreg_pkey_asn1_meths;
-+ ASN1_PCTX_free;
-+ PEM_write_bio_ASN1_stream;
-+ i2d_ASN1_bio_stream;
-+ TS_X509_ALGOR_print_bio;
-+ EVP_PKEY_meth_set_cleanup;
-+ EVP_PKEY_asn1_free;
-+ ESS_SIGNING_CERT_free;
-+ TS_TST_INFO_set_msg_imprint;
-+ GENERAL_NAME_cmp;
-+ d2i_ASN1_SET_ANY;
-+ ENGINE_set_pkey_meths;
-+ i2d_TS_REQ_fp;
-+ d2i_ASN1_SEQUENCE_ANY;
-+ GENERAL_NAME_get0_otherName;
-+ d2i_ESS_CERT_ID;
-+ OBJ_find_sigid_algs;
-+ EVP_PKEY_meth_set_keygen;
-+ PKCS5_PBKDF2_HMAC;
-+ EVP_PKEY_paramgen;
-+ EVP_PKEY_meth_set_paramgen;
-+ BIO_new_PKCS7;
-+ EVP_PKEY_verify_recover;
-+ TS_ext_print_bio;
-+ TS_ASN1_INTEGER_print_bio;
-+ check_defer;
-+ DSO_pathbyaddr;
-+ EVP_PKEY_set_type;
-+ TS_ACCURACY_set_micros;
-+ TS_REQ_to_TS_VERIFY_CTX;
-+ EVP_PKEY_meth_set_copy;
-+ ASN1_PCTX_set_cert_flags;
-+ TS_TST_INFO_get_ext;
-+ EVP_PKEY_asn1_set_ctrl;
-+ TS_TST_INFO_get_ext_by_critical;
-+ EVP_PKEY_CTX_new_id;
-+ TS_REQ_get_ext_by_OBJ;
-+ TS_CONF_set_signer_cert;
-+ X509_NAME_hash_old;
-+ ASN1_TIME_set_string;
-+ EVP_MD_flags;
-+ TS_RESP_CTX_free;
-+ DSAparams_dup;
-+ DHparams_dup;
-+ OCSP_REQ_CTX_add1_header;
-+ OCSP_REQ_CTX_set1_req;
-+ X509_STORE_set_verify_cb;
-+ X509_STORE_CTX_get0_current_crl;
-+ X509_STORE_CTX_get0_parent_ctx;
-+ X509_STORE_CTX_get0_current_issuer;
-+ X509_STORE_CTX_get0_cur_issuer;
-+ X509_issuer_name_hash_old;
-+ X509_subject_name_hash_old;
-+ EVP_CIPHER_CTX_copy;
-+ UI_method_get_prompt_constructor;
-+ UI_method_get_prompt_constructr;
-+ UI_method_set_prompt_constructor;
-+ UI_method_set_prompt_constructr;
-+ EVP_read_pw_string_min;
-+ CRYPTO_cts128_encrypt;
-+ CRYPTO_cts128_decrypt_block;
-+ CRYPTO_cfb128_1_encrypt;
-+ CRYPTO_cbc128_encrypt;
-+ CRYPTO_ctr128_encrypt;
-+ CRYPTO_ofb128_encrypt;
-+ CRYPTO_cts128_decrypt;
-+ CRYPTO_cts128_encrypt_block;
-+ CRYPTO_cbc128_decrypt;
-+ CRYPTO_cfb128_encrypt;
-+ CRYPTO_cfb128_8_encrypt;
-+ SSL_renegotiate_abbreviated;
-+ TLSv1_1_method;
-+ TLSv1_1_client_method;
-+ TLSv1_1_server_method;
-+ SSL_CTX_set_srp_client_pwd_callback;
-+ SSL_CTX_set_srp_client_pwd_cb;
-+ SSL_get_srp_g;
-+ SSL_CTX_set_srp_username_callback;
-+ SSL_CTX_set_srp_un_cb;
-+ SSL_get_srp_userinfo;
-+ SSL_set_srp_server_param;
-+ SSL_set_srp_server_param_pw;
-+ SSL_get_srp_N;
-+ SSL_get_srp_username;
-+ SSL_CTX_set_srp_password;
-+ SSL_CTX_set_srp_strength;
-+ SSL_CTX_set_srp_verify_param_callback;
-+ SSL_CTX_set_srp_vfy_param_cb;
-+ SSL_CTX_set_srp_cb_arg;
-+ SSL_CTX_set_srp_username;
-+ SSL_CTX_SRP_CTX_init;
-+ SSL_SRP_CTX_init;
-+ SRP_Calc_A_param;
-+ SRP_generate_server_master_secret;
-+ SRP_gen_server_master_secret;
-+ SSL_CTX_SRP_CTX_free;
-+ SRP_generate_client_master_secret;
-+ SRP_gen_client_master_secret;
-+ SSL_srp_server_param_with_username;
-+ SSL_srp_server_param_with_un;
-+ SSL_SRP_CTX_free;
-+ SSL_set_debug;
-+ SSL_SESSION_get0_peer;
-+ TLSv1_2_client_method;
-+ SSL_SESSION_set1_id_context;
-+ TLSv1_2_server_method;
-+ SSL_cache_hit;
-+ SSL_get0_kssl_ctx;
-+ SSL_set0_kssl_ctx;
-+ SSL_set_state;
-+ SSL_CIPHER_get_id;
-+ TLSv1_2_method;
-+ kssl_ctx_get0_client_princ;
-+ SSL_export_keying_material;
-+ SSL_set_tlsext_use_srtp;
-+ SSL_CTX_set_next_protos_advertised_cb;
-+ SSL_CTX_set_next_protos_adv_cb;
-+ SSL_get0_next_proto_negotiated;
-+ SSL_get_selected_srtp_profile;
-+ SSL_CTX_set_tlsext_use_srtp;
-+ SSL_select_next_proto;
-+ SSL_get_srtp_profiles;
-+ SSL_CTX_set_next_proto_select_cb;
-+ SSL_CTX_set_next_proto_sel_cb;
-+ SSL_SESSION_get_compress_id;
-+
-+ SRP_VBASE_get_by_user;
-+ SRP_Calc_server_key;
-+ SRP_create_verifier;
-+ SRP_create_verifier_BN;
-+ SRP_Calc_u;
-+ SRP_VBASE_free;
-+ SRP_Calc_client_key;
-+ SRP_get_default_gN;
-+ SRP_Calc_x;
-+ SRP_Calc_B;
-+ SRP_VBASE_new;
-+ SRP_check_known_gN_param;
-+ SRP_Calc_A;
-+ SRP_Verify_A_mod_N;
-+ SRP_VBASE_init;
-+ SRP_Verify_B_mod_N;
-+ EC_KEY_set_public_key_affine_coordinates;
-+ EC_KEY_set_pub_key_aff_coords;
-+ EVP_aes_192_ctr;
-+ EVP_PKEY_meth_get0_info;
-+ EVP_PKEY_meth_copy;
-+ ERR_add_error_vdata;
-+ EVP_aes_128_ctr;
-+ EVP_aes_256_ctr;
-+ EC_GFp_nistp224_method;
-+ EC_KEY_get_flags;
-+ RSA_padding_add_PKCS1_PSS_mgf1;
-+ EVP_aes_128_xts;
-+ EVP_aes_256_xts;
-+ EVP_aes_128_gcm;
-+ EC_KEY_clear_flags;
-+ EC_KEY_set_flags;
-+ EVP_aes_256_ccm;
-+ RSA_verify_PKCS1_PSS_mgf1;
-+ EVP_aes_128_ccm;
-+ EVP_aes_192_gcm;
-+ X509_ALGOR_set_md;
-+ RAND_init_fips;
-+ EVP_aes_256_gcm;
-+ EVP_aes_192_ccm;
-+ CMAC_CTX_copy;
-+ CMAC_CTX_free;
-+ CMAC_CTX_get0_cipher_ctx;
-+ CMAC_CTX_cleanup;
-+ CMAC_Init;
-+ CMAC_Update;
-+ CMAC_resume;
-+ CMAC_CTX_new;
-+ CMAC_Final;
-+ CRYPTO_ctr128_encrypt_ctr32;
-+ CRYPTO_gcm128_release;
-+ CRYPTO_ccm128_decrypt_ccm64;
-+ CRYPTO_ccm128_encrypt;
-+ CRYPTO_gcm128_encrypt;
-+ CRYPTO_xts128_encrypt;
-+ EVP_rc4_hmac_md5;
-+ CRYPTO_nistcts128_decrypt_block;
-+ CRYPTO_gcm128_setiv;
-+ CRYPTO_nistcts128_encrypt;
-+ EVP_aes_128_cbc_hmac_sha1;
-+ CRYPTO_gcm128_tag;
-+ CRYPTO_ccm128_encrypt_ccm64;
-+ ENGINE_load_rdrand;
-+ CRYPTO_ccm128_setiv;
-+ CRYPTO_nistcts128_encrypt_block;
-+ CRYPTO_gcm128_aad;
-+ CRYPTO_ccm128_init;
-+ CRYPTO_nistcts128_decrypt;
-+ CRYPTO_gcm128_new;
-+ CRYPTO_ccm128_tag;
-+ CRYPTO_ccm128_decrypt;
-+ CRYPTO_ccm128_aad;
-+ CRYPTO_gcm128_init;
-+ CRYPTO_gcm128_decrypt;
-+ ENGINE_load_rsax;
-+ CRYPTO_gcm128_decrypt_ctr32;
-+ CRYPTO_gcm128_encrypt_ctr32;
-+ CRYPTO_gcm128_finish;
-+ EVP_aes_256_cbc_hmac_sha1;
-+ PKCS5_pbkdf2_set;
-+ CMS_add0_recipient_password;
-+ CMS_decrypt_set1_password;
-+ CMS_RecipientInfo_set0_password;
-+ RAND_set_fips_drbg_type;
-+ X509_REQ_sign_ctx;
-+ RSA_PSS_PARAMS_new;
-+ X509_CRL_sign_ctx;
-+ X509_signature_dump;
-+ d2i_RSA_PSS_PARAMS;
-+ RSA_PSS_PARAMS_it;
-+ RSA_PSS_PARAMS_free;
-+ X509_sign_ctx;
-+ i2d_RSA_PSS_PARAMS;
-+ ASN1_item_sign_ctx;
-+ EC_GFp_nistp521_method;
-+ EC_GFp_nistp256_method;
-+ OPENSSL_stderr;
-+ OPENSSL_cpuid_setup;
-+ OPENSSL_showfatal;
-+ BIO_new_dgram_sctp;
-+ BIO_dgram_sctp_msg_waiting;
-+ BIO_dgram_sctp_wait_for_dry;
-+ BIO_s_datagram_sctp;
-+ BIO_dgram_is_sctp;
-+ BIO_dgram_sctp_notification_cb;
-+ CRYPTO_memcmp;
-+ SSL_CTX_set_alpn_protos;
-+ SSL_set_alpn_protos;
-+ SSL_CTX_set_alpn_select_cb;
-+ SSL_get0_alpn_selected;
-+ SSL_CTX_set_custom_cli_ext;
-+ SSL_CTX_set_custom_srv_ext;
-+ SSL_CTX_set_srv_supp_data;
-+ SSL_CTX_set_cli_supp_data;
-+ SSL_set_cert_cb;
-+ SSL_CTX_use_serverinfo;
-+ SSL_CTX_use_serverinfo_file;
-+ SSL_CTX_set_cert_cb;
-+ SSL_CTX_get0_param;
-+ SSL_get0_param;
-+ SSL_certs_clear;
-+ DTLSv1_2_method;
-+ DTLSv1_2_server_method;
-+ DTLSv1_2_client_method;
-+ DTLS_method;
-+ DTLS_server_method;
-+ DTLS_client_method;
-+ SSL_CTX_get_ssl_method;
-+ SSL_CTX_get0_certificate;
-+ SSL_CTX_get0_privatekey;
-+ SSL_COMP_set0_compression_methods;
-+ SSL_COMP_free_compression_methods;
-+ SSL_CIPHER_find;
-+ SSL_is_server;
-+ SSL_CONF_CTX_new;
-+ SSL_CONF_CTX_finish;
-+ SSL_CONF_CTX_free;
-+ SSL_CONF_CTX_set_flags;
-+ SSL_CONF_CTX_clear_flags;
-+ SSL_CONF_CTX_set1_prefix;
-+ SSL_CONF_CTX_set_ssl;
-+ SSL_CONF_CTX_set_ssl_ctx;
-+ SSL_CONF_cmd;
-+ SSL_CONF_cmd_argv;
-+ SSL_CONF_cmd_value_type;
-+ SSL_trace;
-+ SSL_CIPHER_standard_name;
-+ SSL_get_tlsa_record_byname;
-+ ASN1_TIME_diff;
-+ BIO_hex_string;
-+ CMS_RecipientInfo_get0_pkey_ctx;
-+ CMS_RecipientInfo_encrypt;
-+ CMS_SignerInfo_get0_pkey_ctx;
-+ CMS_SignerInfo_get0_md_ctx;
-+ CMS_SignerInfo_get0_signature;
-+ CMS_RecipientInfo_kari_get0_alg;
-+ CMS_RecipientInfo_kari_get0_reks;
-+ CMS_RecipientInfo_kari_get0_orig_id;
-+ CMS_RecipientInfo_kari_orig_id_cmp;
-+ CMS_RecipientEncryptedKey_get0_id;
-+ CMS_RecipientEncryptedKey_cert_cmp;
-+ CMS_RecipientInfo_kari_set0_pkey;
-+ CMS_RecipientInfo_kari_get0_ctx;
-+ CMS_RecipientInfo_kari_decrypt;
-+ CMS_SharedInfo_encode;
-+ DH_compute_key_padded;
-+ d2i_DHxparams;
-+ i2d_DHxparams;
-+ DH_get_1024_160;
-+ DH_get_2048_224;
-+ DH_get_2048_256;
-+ DH_KDF_X9_42;
-+ ECDH_KDF_X9_62;
-+ ECDSA_METHOD_new;
-+ ECDSA_METHOD_free;
-+ ECDSA_METHOD_set_app_data;
-+ ECDSA_METHOD_get_app_data;
-+ ECDSA_METHOD_set_sign;
-+ ECDSA_METHOD_set_sign_setup;
-+ ECDSA_METHOD_set_verify;
-+ ECDSA_METHOD_set_flags;
-+ ECDSA_METHOD_set_name;
-+ EVP_des_ede3_wrap;
-+ EVP_aes_128_wrap;
-+ EVP_aes_192_wrap;
-+ EVP_aes_256_wrap;
-+ EVP_aes_128_cbc_hmac_sha256;
-+ EVP_aes_256_cbc_hmac_sha256;
-+ CRYPTO_128_wrap;
-+ CRYPTO_128_unwrap;
-+ OCSP_REQ_CTX_nbio;
-+ OCSP_REQ_CTX_new;
-+ OCSP_set_max_response_length;
-+ OCSP_REQ_CTX_i2d;
-+ OCSP_REQ_CTX_nbio_d2i;
-+ OCSP_REQ_CTX_get0_mem_bio;
-+ OCSP_REQ_CTX_http;
-+ RSA_padding_add_PKCS1_OAEP_mgf1;
-+ RSA_padding_check_PKCS1_OAEP_mgf1;
-+ RSA_OAEP_PARAMS_free;
-+ RSA_OAEP_PARAMS_it;
-+ RSA_OAEP_PARAMS_new;
-+ SSL_get_sigalgs;
-+ SSL_get_shared_sigalgs;
-+ SSL_check_chain;
-+ X509_chain_up_ref;
-+ X509_http_nbio;
-+ X509_CRL_http_nbio;
-+ X509_REVOKED_dup;
-+ i2d_re_X509_tbs;
-+ X509_get0_signature;
-+ X509_get_signature_nid;
-+ X509_CRL_diff;
-+ X509_chain_check_suiteb;
-+ X509_CRL_check_suiteb;
-+ X509_check_host;
-+ X509_check_email;
-+ X509_check_ip;
-+ X509_check_ip_asc;
-+ X509_STORE_set_lookup_crls_cb;
-+ X509_STORE_CTX_get0_store;
-+ X509_VERIFY_PARAM_set1_host;
-+ X509_VERIFY_PARAM_add1_host;
-+ X509_VERIFY_PARAM_set_hostflags;
-+ X509_VERIFY_PARAM_get0_peername;
-+ X509_VERIFY_PARAM_set1_email;
-+ X509_VERIFY_PARAM_set1_ip;
-+ X509_VERIFY_PARAM_set1_ip_asc;
-+ X509_VERIFY_PARAM_get0_name;
-+ X509_VERIFY_PARAM_get_count;
-+ X509_VERIFY_PARAM_get0;
-+ X509V3_EXT_free;
-+ EC_GROUP_get_mont_data;
-+ EC_curve_nid2nist;
-+ EC_curve_nist2nid;
-+ PEM_write_bio_DHxparams;
-+ PEM_write_DHxparams;
-+ SSL_CTX_add_client_custom_ext;
-+ SSL_CTX_add_server_custom_ext;
-+ SSL_extension_supported;
-+ BUF_strnlen;
-+ sk_deep_copy;
-+ SSL_test_functions;
-+
-+ local:
-+ *;
-+};
-+
-+OPENSSL_1.0.2g {
-+ global:
-+ SRP_VBASE_get1_by_user;
-+ SRP_user_pwd_free;
-+} OPENSSL_1.0.2d;
-+
-Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld 2014-02-24 21:02:30.000000000 +0100
-@@ -0,0 +1,10 @@
-+OPENSSL_1.0.2 {
-+ global:
-+ bind_engine;
-+ v_check;
-+ OPENSSL_init;
-+ OPENSSL_finish;
-+ local:
-+ *;
-+};
-+
-Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld 2014-02-24 21:02:30.000000000 +0100
-@@ -0,0 +1,10 @@
-+OPENSSL_1.0.2 {
-+ global:
-+ bind_engine;
-+ v_check;
-+ OPENSSL_init;
-+ OPENSSL_finish;
-+ local:
-+ *;
-+};
-+
Modified: openssl/branches/1.1.0/debian/po/POTFILES.in
===================================================================
--- openssl/branches/1.1.0/debian/po/POTFILES.in 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/po/POTFILES.in 2016-05-28 19:34:28 UTC (rev 798)
@@ -1 +1 @@
-[type: gettext/rfc822deb] libssl1.0.2.templates
+[type: gettext/rfc822deb] libssl1.1.templates
Modified: openssl/branches/1.1.0/debian/rules
===================================================================
--- openssl/branches/1.1.0/debian/rules 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/rules 2016-05-28 19:34:28 UTC (rev 798)
@@ -26,7 +26,7 @@
export CROSS_COMPILE ?= $(DEB_HOST_GNU_TYPE)-
endif
-CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl --libdir=lib/$(DEB_HOST_MULTIARCH) no-idea no-mdc2 no-rc5 no-zlib enable-tlsext no-ssl2 no-ssl3 enable-unit-test no-ssl3-method enable-rfc3779 enable-cms
+CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl --libdir=lib/$(DEB_HOST_MULTIARCH) no-idea no-mdc2 no-rc5 no-zlib no-ssl3 enable-unit-test no-ssl3-method enable-rfc3779 enable-cms
OPT_alpha = ev4 ev5
ARCHOPTS = OPT_$(DEB_HOST_ARCH)
OPTS = $($(ARCHOPTS))
@@ -48,6 +48,7 @@
dh_testdir
# perl util/ssldir.pl /usr/lib/ssl
# chmod +x debian/libtool
+ tar xf debian/d2i-tests.tar
./Configure no-shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
make depend
make -f Makefile all
@@ -82,7 +83,7 @@
dh_testroot
-rm -f build-stamp
-./Configure $(CONFARGS) debian-$(DEB_HOST_ARCH)
- [ ! -f Makefile ] || make -f Makefile clean clean-shared
+ [ ! -f Makefile ] || make -f Makefile clean
#-make -f Makefile dclean
# perl util/ssldir.pl /usr/local/ssl
-rm -f test/.rnd test/testkey.pem test/testreq.pem test/certCA.srl
@@ -100,6 +101,9 @@
rm -f test/asn1test test/wp_test test/srptest test/jpaketest
rm -f certs/demo/*.0
rm -rf crypto/aes/aes-armv4.S crypto/bn/armv4-gf2m.S crypto/modes/ghash-armv4.S crypto/sha/*.S
+ rm -f configdata.pm crypto/include/internal/bn_conf.h crypto/include/internal/dso_conf.h include/openssl/opensslconf.h
+ rm -f crypto.map ssl.map engines/afalg/afalg.so test/req-check.err test/req-fff.p test/sid-fff.p
+ rm -f test/d2i-tests/*
find . -type l -exec rm '{}' \;
dh_clean
@@ -108,7 +112,7 @@
dh_testroot
dh_clean
dh_installdirs
- make -f Makefile install INSTALL_PREFIX=`pwd`/debian/tmp
+ make -f Makefile install DESTDIR=`pwd`/debian/tmp
binary-indep: build install
dh_testdir
@@ -137,18 +141,18 @@
mkdir -p debian/tmp/etc/ssl
mv debian/tmp/usr/lib/ssl/{certs,openssl.cnf,private} debian/tmp/etc/ssl/
ln -s /etc/ssl/{certs,openssl.cnf,private} debian/tmp/usr/lib/ssl/
- cp -pf debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libcrypto.so.* debian/libcrypto1.0.2-udeb/usr/lib/
- cp -pf debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libssl.so.* debian/libssl1.0.2-udeb/usr/lib/
+ cp -pf debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libcrypto.so.* debian/libcrypto1.1-udeb/usr/lib/
+ cp -pf debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libssl.so.* debian/libssl1.1-udeb/usr/lib/
cp -auv lib*.so* debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/
for opt in $(OPTS); do set -xe; mkdir -p debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/$$opt; cp -auv $$opt/lib*.so* debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/$$opt/; done
mkdir -p debian/tmp/usr/include/$(DEB_HOST_MULTIARCH)/openssl
mv debian/tmp/usr/include/openssl/opensslconf.h debian/tmp/usr/include/$(DEB_HOST_MULTIARCH)/openssl/
- install debian/copyright debian/libssl1.0.2/usr/share/doc/libssl1.0.2/
- install debian/changelog debian/libssl1.0.2/usr/share/doc/libssl1.0.2/changelog.Debian
+ install debian/copyright debian/libssl1.1/usr/share/doc/libssl1.1/
+ install debian/changelog debian/libssl1.1/usr/share/doc/libssl1.1/changelog.Debian
install debian/copyright debian/libssl-dev/usr/share/doc/libssl-dev/
install debian/changelog debian/libssl-dev/usr/share/doc/libssl-dev/changelog.Debian
- dh_installdocs -a CHANGES.SSLeay README NEWS debian/README.optimization
+ dh_installdocs -a debian/README.optimization
dh_installexamples -a
dh_installchangelogs -a CHANGES
dh_installman -popenssl
@@ -157,13 +161,13 @@
dh_compress -a
chmod 700 debian/openssl/etc/ssl/private
dh_fixperms -a -X etc/ssl/private
- dh_strip -plibssl1.0.2 --dbg-package=libssl1.0.2-dbg
- dh_strip -a -Nlibssl1.0.2
+ dh_strip -plibssl1.1 --dbg-package=libssl1.1-dbg
+ dh_strip -a -Nlibssl1.1
dh_perl -a -d
- dpkg-gensymbols -Pdebian/libssl1.0.2/ -plibssl1.0.2 -c4
- dh_makeshlibs -a -V "libssl1.0.2" --add-udeb="libcrypto1.0.2-udeb" -Xengines
- sed -i '/^udeb: libssl/s/libcrypto1.0.2-udeb/libssl1.0.2-udeb/' debian/libssl1.0.2/DEBIAN/shlibs
- dh_shlibdeps -a -L libssl1.0.2 -l debian/libssl1.0.2/usr/lib/$(DEB_HOST_MULTIARCH)
+ dpkg-gensymbols -Pdebian/libssl1.1/ -plibssl1.1 -c4
+ dh_makeshlibs -a -V "libssl1.1" --add-udeb="libcrypto1.1-udeb" -Xengines
+ sed -i '/^udeb: libssl/s/libcrypto1.1-udeb/libssl1.1-udeb/' debian/libssl1.1/DEBIAN/shlibs
+ dh_shlibdeps -a -L libssl1.1 -l debian/libssl1.1/usr/lib/$(DEB_HOST_MULTIARCH)
dh_gencontrol -a
dh_installdeb -a
dh_md5sums -a
Modified: openssl/branches/1.1.0/debian/source/include-binaries
===================================================================
--- openssl/branches/1.1.0/debian/source/include-binaries 2016-05-28 13:14:59 UTC (rev 797)
+++ openssl/branches/1.1.0/debian/source/include-binaries 2016-05-28 19:34:28 UTC (rev 798)
@@ -1 +1,2 @@
debian/upstream-signing-key.pgp
+debian/d2i-tests.tar
More information about the Pkg-openssl-changes
mailing list