Upgrade to version 1.1.1h

Signed-off-by: Sahana Prasad <sahana@redhat.com>

.cvsignore

@@ -1 +0,0 @@
-openssl-1.0.0-usa.tar.bz2

.gitignore

@@ -0,0 +1,51 @@
+.build*.log
+clog
+000*.patch
+*.src.rpm
+openssl-1.0.0a-usa.tar.bz2
+/openssl-1.0.0b-usa.tar.bz2
+/openssl-1.0.0c-usa.tar.bz2
+/openssl-1.0.0d-usa.tar.bz2
+/openssl-1.0.0e-usa.tar.bz2
+/openssl-1.0.0f-usa.tar.bz2
+/openssl-1.0.0g-usa.tar.xz
+/openssl-1.0.1-beta2-usa.tar.xz
+/openssl-1.0.1-beta3-usa.tar.xz
+/openssl-1.0.1-usa.tar.xz
+/openssl-1.0.1a-usa.tar.xz
+/openssl-1.0.1b-usa.tar.xz
+/openssl-1.0.1c-usa.tar.xz
+/openssl-1.0.1e-usa.tar.xz
+/openssl-1.0.1e-hobbled.tar.xz
+/openssl-1.0.1g-hobbled.tar.xz
+/openssl-1.0.1h-hobbled.tar.xz
+/openssl-1.0.1i-hobbled.tar.xz
+/openssl-1.0.1j-hobbled.tar.xz
+/openssl-1.0.1k-hobbled.tar.xz
+/openssl-1.0.2a-hobbled.tar.xz
+/openssl-1.0.2c-hobbled.tar.xz
+/openssl-1.0.2d-hobbled.tar.xz
+/openssl-1.0.2e-hobbled.tar.xz
+/openssl-1.0.2f-hobbled.tar.xz
+/openssl-1.0.2g-hobbled.tar.xz
+/openssl-1.0.2h-hobbled.tar.xz
+/openssl-1.0.2i-hobbled.tar.xz
+/openssl-1.0.2j-hobbled.tar.xz
+/openssl-1.1.0b-hobbled.tar.xz
+/openssl-1.1.0c-hobbled.tar.xz
+/openssl-1.1.0d-hobbled.tar.xz
+/openssl-1.1.0e-hobbled.tar.xz
+/openssl-1.1.0f-hobbled.tar.xz
+/openssl-1.1.0g-hobbled.tar.xz
+/openssl-1.1.0h-hobbled.tar.xz
+/openssl-1.1.1-pre8-hobbled.tar.xz
+/openssl-1.1.1-pre9-hobbled.tar.xz
+/openssl-1.1.1-hobbled.tar.xz
+/openssl-1.1.1a-hobbled.tar.xz
+/openssl-1.1.1b-hobbled.tar.xz
+/openssl-1.1.1c-hobbled.tar.xz
+/openssl-1.1.1d-hobbled.tar.xz
+/openssl-1.1.1e-hobbled.tar.xz
+/openssl-1.1.1f-hobbled.tar.xz
+/openssl-1.1.1g-hobbled.tar.xz
+/openssl-1.1.1h-hobbled.tar.xz

Makefile

@@ -1,21 +0,0 @@
-# Makefile for source rpm: openssl
-# $Id: Makefile,v 1.2 2007/10/15 19:12:21 notting Exp $
-NAME := openssl
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON := $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attempt a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)

Makefile.certificate

@@ -1,5 +1,11 @@
 UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8)
-SERIAL=0
+DAYS=365
+KEYLEN=2048
+TYPE=rsa:$(KEYLEN)
+EXTRA_FLAGS=
+ifdef SERIAL
+	EXTRA_FLAGS+=-set_serial $(SERIAL)
+endif
 
 .PHONY: usage
 .SUFFIXES: .key .csr .crt .pem
@@ -20,7 +26,9 @@ usage:
 	@echo "To create a CSR for use with Apache, run \"make certreq\"."
 	@echo "To create a test certificate for use with Apache, run \"make testcert\"."
 	@echo
-	@echo "To create a test certificate with serial number other than zero, add SERIAL=num"
+	@echo "To create a test certificate with serial number other than random, add SERIAL=num"
+	@echo "You can also specify key length with KEYLEN=n and expiration in days with DAYS=n"
+	@echo "Any additional options can be passed to openssl req via EXTRA_FLAGS"
 	@echo
 	@echo Examples:
 	@echo "  make server.key"
@@ -31,14 +39,14 @@ usage:
 	@echo "  make certreq"
 	@echo "  make testcert"
 	@echo "  make server.crt SERIAL=1"
-	@echo "  make stunnel.pem SERIAL=2"
-	@echo "  make testcert SERIAL=3"
+	@echo "  make stunnel.pem EXTRA_FLAGS=-sha384"
+	@echo "  make testcert DAYS=600"
 
 %.pem:
 	umask 77 ; \
 	PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
 	PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
-	/usr/bin/openssl req $(UTF8) -newkey rsa:2048 -keyout $$PEM1 -nodes -x509 -days 365 -out $$PEM2 -set_serial $(SERIAL) ; \
+	/usr/bin/openssl req $(UTF8) -newkey $(TYPE) -keyout $$PEM1 -nodes -x509 -days $(DAYS) -out $$PEM2 $(EXTRA_FLAGS) ; \
 	cat $$PEM1 >  $@ ; \
 	echo ""    >> $@ ; \
 	cat $$PEM2 >> $@ ; \
@@ -46,7 +54,7 @@ usage:
 
 %.key:
 	umask 77 ; \
-	/usr/bin/openssl genrsa -aes128 2048 > $@
+	/usr/bin/openssl genrsa -aes128 $(KEYLEN) > $@
 
 %.csr: %.key
 	umask 77 ; \
@@ -54,7 +62,7 @@ usage:
 
 %.crt: %.key
 	umask 77 ; \
-	/usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days 365 -out $@ -set_serial $(SERIAL)
+	/usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days $(DAYS) -out $@ $(EXTRA_FLAGS)
 
 TLSROOT=/etc/pki/tls
 KEY=$(TLSROOT)/private/localhost.key
@@ -71,4 +79,4 @@ $(CSR): $(KEY)
 
 $(CRT): $(KEY)
 	umask 77 ; \
-	/usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days 365 -out $(CRT) -set_serial $(SERIAL)
+	/usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days $(DAYS) -out $(CRT) $(EXTRA_FLAGS)

README.FIPS

@@ -6,17 +6,17 @@ Red Hat Enterprise Linux - OPENSSL Module.
 
 The module files
 ================
-/lib[64]/libcrypto.so.0.9.8e
-/lib[64]/libssl.so.0.9.8e
-/lib[64]/.libcrypto.so.0.9.8e.hmac
-/lib[64]/.libssl.so.0.9.8e.hmac
+/usr/lib[64]/libcrypto.so.1.1.0
+/usr/lib[64]/libssl.so.1.1.0
+/usr/lib[64]/.libcrypto.so.1.1.0.hmac
+/usr/lib[64]/.libssl.so.1.1.0.hmac
 
 Dependencies
 ============
 
 The approved mode of operation requires kernel with /dev/urandom RNG running
 with properties as defined in the security policy of the module. This is
-provided by kernel packages with validated Red Hat Enterprise Linux - IPSec
+provided by kernel packages with validated Red Hat Enterprise Linux Kernel
 Crytographic Module.
 
 Installation
@@ -26,11 +26,8 @@ The RPM package of the module can be installed by standard tools recommended
 for installation of RPM packages on the Red Hat Enterprise Linux system (yum,
 rpm, RHN remote management tool).
 
-For proper operation of the in-module integrity verification the prelink has to
-be disabled. This can be done with setting PRELINKING=no in the
-/etc/sysconfig/prelink configuration file. If the libraries were already
-prelinked the prelink should be undone on all the system files with the
-'prelink -u -a' command.
+The RPM package dracut-fips must be installed for the approved mode of
+operation.
 
 Usage and API
 =============
@@ -40,9 +37,9 @@ line contains option fips=1 the module will initialize in the FIPS approved
 mode of operation automatically. To allow for the automatic initialization the
 application using the module has to call one of the following API calls:
 
-- void OPENSSL_init(void) - this will do only a basic initialization of the
-library and does initialization of the FIPS approved mode without setting up
-EVP API with supported algorithms.
+- void OPENSSL_init_library(void) - this will do only a basic initialization
+of the library and does initialization of the FIPS approved mode without setting
+up EVP API with supported algorithms.
 
 - void OPENSSL_add_all_algorithms(void) - this API function calls
 OPENSSL_init() implicitly and also adds all approved algorithms to the EVP API

ec_curve.c

@@ -0,0 +1,582 @@
+/*
+ * Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <string.h>
+#include "ec_local.h"
+#include <openssl/err.h>
+#include <openssl/obj_mac.h>
+#include <openssl/opensslconf.h>
+#include "internal/nelem.h"
+
+typedef struct {
+    int field_type,             /* either NID_X9_62_prime_field or
+                                 * NID_X9_62_characteristic_two_field */
+     seed_len, param_len;
+    unsigned int cofactor;      /* promoted to BN_ULONG */
+} EC_CURVE_DATA;
+
+/* the nist prime curves */
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 28 * 6];
+} _EC_NIST_PRIME_224 = {
+    {
+        NID_X9_62_prime_field, 20, 28, 1
+    },
+    {
+        /* seed */
+        0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45, 0xB5, 0x9F,
+        0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5,
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE,
+        /* b */
+        0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56,
+        0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43,
+        0x23, 0x55, 0xFF, 0xB4,
+        /* x */
+        0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9,
+        0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
+        0x11, 0x5C, 0x1D, 0x21,
+        /* y */
+        0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6,
+        0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99,
+        0x85, 0x00, 0x7e, 0x34,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
+        0x5C, 0x5C, 0x2A, 0x3D
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 48 * 6];
+} _EC_NIST_PRIME_384 = {
+    {
+        NID_X9_62_prime_field, 20, 48, 1
+    },
+    {
+        /* seed */
+        0xA3, 0x35, 0x92, 0x6A, 0xA3, 0x19, 0xA2, 0x7A, 0x1D, 0x00, 0x89, 0x6A,
+        0x67, 0x73, 0xA4, 0x82, 0x7A, 0xCD, 0xAC, 0x73,
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, 0x98, 0x8E, 0x05, 0x6B,
+        0xE3, 0xF8, 0x2D, 0x19, 0x18, 0x1D, 0x9C, 0x6E, 0xFE, 0x81, 0x41, 0x12,
+        0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, 0x87, 0x5A, 0xC6, 0x56, 0x39, 0x8D,
+        0x8A, 0x2E, 0xD1, 0x9D, 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF,
+        /* x */
+        0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E,
+        0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98,
+        0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D,
+        0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7,
+        /* y */
+        0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e, 0x98, 0xbf,
+        0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c,
+        0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce,
+        0x1d, 0x7e, 0x81, 0x9d, 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2,
+        0x48, 0xB0, 0xA7, 0x7A, 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 66 * 6];
+} _EC_NIST_PRIME_521 = {
+    {
+        NID_X9_62_prime_field, 20, 66, 1
+    },
+    {
+        /* seed */
+        0xD0, 0x9E, 0x88, 0x00, 0x29, 0x1C, 0xB8, 0x53, 0x96, 0xCC, 0x67, 0x17,
+        0x39, 0x32, 0x84, 0xAA, 0xA0, 0xDA, 0x64, 0xBA,
+        /* p */
+        0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, 0x9A, 0x1F, 0x92, 0x9A,
+        0x21, 0xA0, 0xB6, 0x85, 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3,
+        0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1, 0x09, 0xE1, 0x56, 0x19,
+        0x39, 0x51, 0xEC, 0x7E, 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1,
+        0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45,
+        0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00,
+        /* x */
+        0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E,
+        0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F,
+        0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B,
+        0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF,
+        0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E,
+        0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66,
+        /* y */
+        0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a,
+        0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b,
+        0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee,
+        0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad,
+        0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe,
+        0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50,
+        /* order */
+        0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86,
+        0x87, 0x83, 0xBF, 0x2F, 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09,
+        0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F,
+        0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 32 * 6];
+} _EC_X9_62_PRIME_256V1 = {
+    {
+        NID_X9_62_prime_field, 20, 32, 1
+    },
+    {
+        /* seed */
+        0xC4, 0x9D, 0x36, 0x08, 0x86, 0xE7, 0x04, 0x93, 0x6A, 0x66, 0x78, 0xE1,
+        0x13, 0x9D, 0x26, 0xB7, 0x81, 0x9F, 0x7E, 0x90,
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, 0xBD, 0x55,
+        0x76, 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6,
+        0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B,
+        /* x */
+        0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5,
+        0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0,
+        0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96,
+        /* y */
+        0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a,
+        0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
+        0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
+        0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 32 * 6];
+} _EC_SECG_PRIME_256K1 = {
+    {
+        NID_X9_62_prime_field, 0, 32, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x2F,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
+        /* x */
+        0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, 0x55, 0xA0, 0x62, 0x95,
+        0xCE, 0x87, 0x0B, 0x07, 0x02, 0x9B, 0xFC, 0xDB, 0x2D, 0xCE, 0x28, 0xD9,
+        0x59, 0xF2, 0x81, 0x5B, 0x16, 0xF8, 0x17, 0x98,
+        /* y */
+        0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc,
+        0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19,
+        0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
+        0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41
+    }
+};
+
+typedef struct _ec_list_element_st {
+    int nid;
+    const EC_CURVE_DATA *data;
+    const EC_METHOD *(*meth) (void);
+    const char *comment;
+} ec_list_element;
+
+static const ec_list_element curve_list[] = {
+    /* prime field curves */
+    /* secg curves */
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+    {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
+     "NIST/SECG curve over a 224 bit prime field"},
+#else
+    {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0,
+     "NIST/SECG curve over a 224 bit prime field"},
+#endif
+    {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
+     "SECG curve over a 256 bit prime field"},
+    /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
+    {NID_secp384r1, &_EC_NIST_PRIME_384.h, 0,
+     "NIST/SECG curve over a 384 bit prime field"},
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+    {NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method,
+     "NIST/SECG curve over a 521 bit prime field"},
+#else
+    {NID_secp521r1, &_EC_NIST_PRIME_521.h, 0,
+     "NIST/SECG curve over a 521 bit prime field"},
+#endif
+    /* X9.62 curves */
+    {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,
+#if defined(ECP_NISTZ256_ASM)
+     EC_GFp_nistz256_method,
+#elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
+     EC_GFp_nistp256_method,
+#else
+     0,
+#endif
+     "X9.62/SECG curve over a 256 bit prime field"},
+};
+
+#define curve_list_length OSSL_NELEM(curve_list)
+
+static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
+{
+    EC_GROUP *group = NULL;
+    EC_POINT *P = NULL;
+    BN_CTX *ctx = NULL;
+    BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order =
+        NULL;
+    int ok = 0;
+    int seed_len, param_len;
+    const EC_METHOD *meth;
+    const EC_CURVE_DATA *data;
+    const unsigned char *params;
+
+    /* If no curve data curve method must handle everything */
+    if (curve.data == NULL)
+        return EC_GROUP_new(curve.meth != NULL ? curve.meth() : NULL);
+
+    if ((ctx = BN_CTX_new()) == NULL) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    data = curve.data;
+    seed_len = data->seed_len;
+    param_len = data->param_len;
+    params = (const unsigned char *)(data + 1); /* skip header */
+    params += seed_len;         /* skip seed */
+
+    if ((p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) == NULL
+        || (a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) == NULL
+        || (b = BN_bin2bn(params + 2 * param_len, param_len, NULL)) == NULL) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
+        goto err;
+    }
+
+    if (curve.meth != 0) {
+        meth = curve.meth();
+        if (((group = EC_GROUP_new(meth)) == NULL) ||
+            (!(group->meth->group_set_curve(group, p, a, b, ctx)))) {
+            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+            goto err;
+        }
+    } else if (data->field_type == NID_X9_62_prime_field) {
+        if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) {
+            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+#ifndef OPENSSL_NO_EC2M
+    else {                      /* field_type ==
+                                 * NID_X9_62_characteristic_two_field */
+
+        if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) {
+            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+#endif
+
+    EC_GROUP_set_curve_name(group, curve.nid);
+
+    if ((P = EC_POINT_new(group)) == NULL) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    if ((x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) == NULL
+        || (y = BN_bin2bn(params + 4 * param_len, param_len, NULL)) == NULL) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
+        goto err;
+    }
+    if (!EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+        goto err;
+    }
+    if ((order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) == NULL
+        || !BN_set_word(x, (BN_ULONG)data->cofactor)) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
+        goto err;
+    }
+    if (!EC_GROUP_set_generator(group, P, order, x)) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+        goto err;
+    }
+    if (seed_len) {
+        if (!EC_GROUP_set_seed(group, params - seed_len, seed_len)) {
+            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+    ok = 1;
+ err:
+    if (!ok) {
+        EC_GROUP_free(group);
+        group = NULL;
+    }
+    EC_POINT_free(P);
+    BN_CTX_free(ctx);
+    BN_free(p);
+    BN_free(a);
+    BN_free(b);
+    BN_free(order);
+    BN_free(x);
+    BN_free(y);
+    return group;
+}
+
+EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
+{
+    size_t i;
+    EC_GROUP *ret = NULL;
+
+    if (nid <= 0)
+        return NULL;
+
+    for (i = 0; i < curve_list_length; i++)
+        if (curve_list[i].nid == nid) {
+            ret = ec_group_new_from_data(curve_list[i]);
+            break;
+        }
+
+    if (ret == NULL) {
+        ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP);
+        return NULL;
+    }
+
+    return ret;
+}
+
+size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
+{
+    size_t i, min;
+
+    if (r == NULL || nitems == 0)
+        return curve_list_length;
+
+    min = nitems < curve_list_length ? nitems : curve_list_length;
+
+    for (i = 0; i < min; i++) {
+        r[i].nid = curve_list[i].nid;
+        r[i].comment = curve_list[i].comment;
+    }
+
+    return curve_list_length;
+}
+
+/* Functions to translate between common NIST curve names and NIDs */
+
+typedef struct {
+    const char *name;           /* NIST Name of curve */
+    int nid;                    /* Curve NID */
+} EC_NIST_NAME;
+
+static EC_NIST_NAME nist_curves[] = {
+    {"B-163", NID_sect163r2},
+    {"B-233", NID_sect233r1},
+    {"B-283", NID_sect283r1},
+    {"B-409", NID_sect409r1},
+    {"B-571", NID_sect571r1},
+    {"K-163", NID_sect163k1},
+    {"K-233", NID_sect233k1},
+    {"K-283", NID_sect283k1},
+    {"K-409", NID_sect409k1},
+    {"K-571", NID_sect571k1},
+    {"P-192", NID_X9_62_prime192v1},
+    {"P-224", NID_secp224r1},
+    {"P-256", NID_X9_62_prime256v1},
+    {"P-384", NID_secp384r1},
+    {"P-521", NID_secp521r1}
+};
+
+const char *EC_curve_nid2nist(int nid)
+{
+    size_t i;
+    for (i = 0; i < OSSL_NELEM(nist_curves); i++) {
+        if (nist_curves[i].nid == nid)
+            return nist_curves[i].name;
+    }
+    return NULL;
+}
+
+int EC_curve_nist2nid(const char *name)
+{
+    size_t i;
+    for (i = 0; i < OSSL_NELEM(nist_curves); i++) {
+        if (strcmp(nist_curves[i].name, name) == 0)
+            return nist_curves[i].nid;
+    }
+    return NID_undef;
+}
+
+#define NUM_BN_FIELDS 6
+/*
+ * Validates EC domain parameter data for known named curves.
+ * This can be used when a curve is loaded explicitly (without a curve
+ * name) or to validate that domain parameters have not been modified.
+ *
+ * Returns: The nid associated with the found named curve, or NID_undef
+ *          if not found. If there was an error it returns -1.
+ */
+int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx)
+{
+    int ret = -1, nid, len, field_type, param_len;
+    size_t i, seed_len;
+    const unsigned char *seed, *params_seed, *params;
+    unsigned char *param_bytes = NULL;
+    const EC_CURVE_DATA *data;
+    const EC_POINT *generator = NULL;
+    const EC_METHOD *meth;
+    const BIGNUM *cofactor = NULL;
+    /* An array of BIGNUMs for (p, a, b, x, y, order) */
+    BIGNUM *bn[NUM_BN_FIELDS] = {NULL, NULL, NULL, NULL, NULL, NULL};
+
+    meth = EC_GROUP_method_of(group);
+    if (meth == NULL)
+        return -1;
+    /* Use the optional named curve nid as a search field */
+    nid = EC_GROUP_get_curve_name(group);
+    field_type = EC_METHOD_get_field_type(meth);
+    seed_len = EC_GROUP_get_seed_len(group);
+    seed = EC_GROUP_get0_seed(group);
+    cofactor = EC_GROUP_get0_cofactor(group);
+
+    BN_CTX_start(ctx);
+
+    /*
+     * The built-in curves contains data fields (p, a, b, x, y, order) that are
+     * all zero-padded to be the same size. The size of the padding is
+     * determined by either the number of bytes in the field modulus (p) or the
+     * EC group order, whichever is larger.
+     */
+    param_len = BN_num_bytes(group->order);
+    len = BN_num_bytes(group->field);
+    if (len > param_len)
+        param_len = len;
+
+    /* Allocate space to store the padded data for (p, a, b, x, y, order)  */
+    param_bytes = OPENSSL_malloc(param_len * NUM_BN_FIELDS);
+    if (param_bytes == NULL)
+        goto end;
+
+    /* Create the bignums */
+    for (i = 0; i < NUM_BN_FIELDS; ++i) {
+        if ((bn[i] = BN_CTX_get(ctx)) == NULL)
+            goto end;
+    }
+    /*
+     * Fill in the bn array with the same values as the internal curves
+     * i.e. the values are p, a, b, x, y, order.
+     */
+    /* Get p, a & b */
+    if (!(EC_GROUP_get_curve(group, bn[0], bn[1], bn[2], ctx)
+        && ((generator = EC_GROUP_get0_generator(group)) != NULL)
+        /* Get x & y */
+        && EC_POINT_get_affine_coordinates(group, generator, bn[3], bn[4], ctx)
+        /* Get order */
+        && EC_GROUP_get_order(group, bn[5], ctx)))
+        goto end;
+
+   /*
+     * Convert the bignum array to bytes that are joined together to form
+     * a single buffer that contains data for all fields.
+     * (p, a, b, x, y, order) are all zero padded to be the same size.
+     */
+    for (i = 0; i < NUM_BN_FIELDS; ++i) {
+        if (BN_bn2binpad(bn[i], &param_bytes[i*param_len], param_len) <= 0)
+            goto end;
+    }
+
+    for (i = 0; i < curve_list_length; i++) {
+        const ec_list_element curve = curve_list[i];
+
+        data = curve.data;
+        /* Get the raw order byte data */
+        params_seed = (const unsigned char *)(data + 1); /* skip header */
+        params = params_seed + data->seed_len;
+
+        /* Look for unique fields in the fixed curve data */
+        if (data->field_type == field_type
+            && param_len == data->param_len
+            && (nid <= 0 || nid == curve.nid)
+            /* check the optional cofactor (ignore if its zero) */
+            && (BN_is_zero(cofactor)
+                || BN_is_word(cofactor, (const BN_ULONG)curve.data->cofactor))
+            /* Check the optional seed (ignore if its not set) */
+            && (data->seed_len == 0 || seed_len == 0
+                || ((size_t)data->seed_len == seed_len
+                     && memcmp(params_seed, seed, seed_len) == 0))
+            /* Check that the groups params match the built-in curve params */
+            && memcmp(param_bytes, params, param_len * NUM_BN_FIELDS)
+                             == 0) {
+            ret = curve.nid;
+            goto end;
+        }
+    }
+    /* Gets here if the group was not found */
+    ret = NID_undef;
+end:
+    OPENSSL_free(param_bytes);
+    BN_CTX_end(ctx);
+    return ret;
+}

fixpatch

@@ -0,0 +1,15 @@
+#!/bin/sh
+# Fixes patch from upstream tracker view
+gawk '
+BEGIN {
+   dir=""
+}
+/^Index: openssl\// {
+   dir = $2
+}
+/^(---|\+\+\+)/ {
+   $2 = dir
+}
+{
+   print
+}'

hobble-openssl

@@ -5,40 +5,36 @@ set -e
 
 # Clean out patent-or-otherwise-encumbered code.
 # MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway
-# IDEA:  5,214,703 25/05/2010
-# RC5:   5,724,428 03/03/2015
-# EC:    ????????? ??/??/2015
+# IDEA:  5,214,703 07/01/2012 - expired, we do not remove it anymore
+# RC5:   5,724,428 01/11/2015 - expired, we do not remove it anymore
+# EC:    ????????? ??/??/2020
+# SRP:   ????????? ??/??/2017 - expired, we do not remove it anymore
 
 # Remove assembler portions of IDEA, MDC2, and RC5.
-(find crypto/{idea,rc5}/asm -type f | xargs -r rm -fv)
+# (find crypto/rc5/asm -type f | xargs -r rm -fv)
 
-# IDEA, MDC2, RC5, EC.
-for a in idea rc5 ec ecdh ecdsa; do
-  for c in `find crypto/$a -name "*.c" -a \! -name "*test*" -type f` ; do
+for c in `find crypto/bn -name "*gf2m.c"`; do
 	echo Destroying $c
 	> $c
-  done
 done
 
-for c in `find crypto/evp -name "*_rc5.c" -o -name "*_idea.c" -o -name "*_ecdsa.c"`; do
+for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c"`; do
+	echo Destroying $c
+	> $c
+done
+
+for c in `find test -name "ectest.c"`; do
 	echo Destroying $c
 	> $c
 done
 
 for h in `find crypto ssl apps test -name "*.h"` ; do
-	echo Removing IDEA, RC5, and EC references from $h
+	echo Removing EC2M references from $h
 	cat $h | \
 	awk    'BEGIN {ech=1;} \
-		/^#[ \t]*ifndef.*NO_IDEA/ {ech--; next;} \
-		/^#[ \t]*ifndef.*NO_RC5/ {ech--; next;} \
-		/^#[ \t]*ifndef.*NO_EC/ {ech--; next;} \
-		/^#[ \t]*ifndef.*NO_ECDH/ {ech--; next;} \
-		/^#[ \t]*ifndef.*NO_ECDSA/ {ech--; next;} \
+		/^#[ \t]*ifndef.*NO_EC2M/ {ech--; next;} \
                 /^#[ \t]*if/ {if(ech < 1) ech--;} \
 		{if(ech>0) {;print $0};} \
 		/^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \
 	mv $h.hobbled $h
 done
-
-# Make the makefiles happy.
-touch crypto/rc5/asm/rc5-586.pl

openssl-0.9.6-x509.patch

@@ -1,29 +0,0 @@
-Do not treat duplicate certs as an error.
-
---- openssl-0.9.6/crypto/x509/by_file.c	Wed Sep 27 15:09:05 2000
-+++ openssl-0.9.6/crypto/x509/by_file.c	Wed Sep 27 14:21:20 2000
-@@ -163,8 +163,12 @@
- 					}
- 				}
- 			i=X509_STORE_add_cert(ctx->store_ctx,x);
--			if (!i) goto err;
--			count++;
-+			/* ignore any problems with current certificate 
-+			    and continue with the next one */
-+			if (i)
-+			    count++;
-+			else
-+			    ERR_clear_error();
- 			X509_free(x);
- 			x=NULL;
- 			}
-@@ -179,7 +183,8 @@
- 			goto err;
- 			}
- 		i=X509_STORE_add_cert(ctx->store_ctx,x);
--		if (!i) goto err;
-+		if (!i)
-+		  ERR_clear_error();
- 		ret=i;
- 		}
- 	else

openssl-0.9.8a-no-rpath.patch

@@ -1,11 +0,0 @@
---- openssl-0.9.8a/Makefile.shared.no-rpath	2005-06-23 22:47:54.000000000 +0200
-+++ openssl-0.9.8a/Makefile.shared	2005-11-16 22:35:37.000000000 +0100
-@@ -153,7 +153,7 @@
- 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- 	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
- 
--DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
-+DO_GNU_APP=LDFLAGS="$(CFLAGS)"
- 
- #This is rather special.  It's a special target with which one can link
- #applications without bothering with any features that have anything to

openssl-0.9.8b-test-use-localhost.patch

@@ -1,24 +0,0 @@
-diff -up openssl-0.9.8b/ssl/ssltest.c.use-localhost openssl-0.9.8b/ssl/ssltest.c
---- openssl-0.9.8b/ssl/ssltest.c.use-localhost	2006-02-24 18:58:35.000000000 +0100
-+++ openssl-0.9.8b/ssl/ssltest.c	2007-08-03 14:06:16.000000000 +0200
-@@ -839,19 +839,8 @@ bad:
- #ifndef OPENSSL_NO_KRB5
- 	if (c_ssl  &&  c_ssl->kssl_ctx)
-                 {
--                char	localhost[MAXHOSTNAMELEN+2];
--
--		if (gethostname(localhost, sizeof localhost-1) == 0)
--                        {
--			localhost[sizeof localhost-1]='\0';
--			if(strlen(localhost) == sizeof localhost-1)
--				{
--				BIO_printf(bio_err,"localhost name too long\n");
--				goto end;
--				}
- 			kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
--                                localhost);
--			}
-+                                "localhost");
- 		}
- #endif    /* OPENSSL_NO_KRB5  */
- 

openssl-0.9.8g-ia64.patch

@@ -1,19 +0,0 @@
-diff -up openssl-0.9.8g/crypto/bn/bn_lcl.h.ia64 openssl-0.9.8g/crypto/bn/bn_lcl.h
---- openssl-0.9.8g/crypto/bn/bn_lcl.h.ia64	2008-08-10 22:23:55.000000000 +0200
-+++ openssl-0.9.8g/crypto/bn/bn_lcl.h	2008-08-10 22:23:55.000000000 +0200
-@@ -279,6 +279,15 @@ extern "C" {
- #   define BN_UMULT_HIGH(a,b)		__umulh((a),(b))
- #   define BN_UMULT_LOHI(low,high,a,b)	((low)=_umul128((a),(b),&(high)))
- #  endif
-+# elif defined(__ia64) && defined(SIXTY_FOUR_BIT_LONG)
-+#  if defined(__GNUC__)
-+#   define BN_UMULT_HIGH(a,b) ({      \
-+      register BN_ULONG ret;          \
-+      asm ("xmpy.hu %0 = %1, %2"      \
-+           : "=f"(ret)                \
-+           : "f"(a), "f"(b));         \
-+      ret;                    })
-+#  endif      /* compiler */
- # endif		/* cpu */
- #endif		/* OPENSSL_NO_ASM */
- 

openssl-0.9.8j-bad-mime.patch

@@ -1,14 +0,0 @@
-diff -up openssl-0.9.8j/crypto/asn1/asn_mime.c.bad-mime openssl-0.9.8j/crypto/asn1/asn_mime.c
---- openssl-0.9.8j/crypto/asn1/asn_mime.c.bad-mime	2008-08-05 17:56:11.000000000 +0200
-+++ openssl-0.9.8j/crypto/asn1/asn_mime.c	2009-01-14 22:08:34.000000000 +0100
-@@ -792,6 +792,10 @@ static int mime_hdr_addparam(MIME_HEADER
- static int mime_hdr_cmp(const MIME_HEADER * const *a,
- 			const MIME_HEADER * const *b)
- {
-+	if ((*a)->name == NULL || (*b)->name == NULL)
-+		return (*a)->name - (*b)->name < 0 ? -1 :
-+			(*a)->name - (*b)->name > 0 ? 1 : 0;
-+
- 	return(strcmp((*a)->name, (*b)->name));
- }
- 

openssl-0.9.8j-env-nozlib.patch

@@ -1,13 +0,0 @@
-Do not implicitly load the zlib support if OPENSSL_NO_DEFAULT_ZLIB is set.
-diff -up openssl-0.9.8j/ssl/ssl_ciph.c.env-nozlib openssl-0.9.8j/ssl/ssl_ciph.c
---- openssl-0.9.8j/ssl/ssl_ciph.c.env-nozlib	2009-01-05 15:43:07.000000000 +0100
-+++ openssl-0.9.8j/ssl/ssl_ciph.c	2009-01-14 17:47:46.000000000 +0100
-@@ -287,7 +287,7 @@ static void load_builtin_compressions(vo
- 
- 			MemCheck_off();
- 			ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
--			if (ssl_comp_methods != NULL)
-+			if (ssl_comp_methods != NULL && getenv("OPENSSL_NO_DEFAULT_ZLIB") == NULL)
- 				{
- 				comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
- 				if (comp != NULL)

openssl-0.9.8j-version-add-engines.patch

@@ -1,48 +0,0 @@
-diff -up openssl-0.9.8j/apps/version.c.version-add-engines openssl-0.9.8j/apps/version.c
---- openssl-0.9.8j/apps/version.c.version-add-engines	2008-10-20 14:53:33.000000000 +0200
-+++ openssl-0.9.8j/apps/version.c	2009-01-13 23:22:03.000000000 +0100
-@@ -131,6 +131,7 @@
- #ifndef OPENSSL_NO_BF
- # include <openssl/blowfish.h>
- #endif
-+#include <openssl/engine.h>
- 
- #undef PROG
- #define PROG	version_main
-@@ -140,7 +141,7 @@ int MAIN(int, char **);
- int MAIN(int argc, char **argv)
- 	{
- 	int i,ret=0;
--	int cflags=0,version=0,date=0,options=0,platform=0,dir=0;
-+	int cflags=0,version=0,date=0,options=0,platform=0,dir=0,engines=0;
- 
- 	apps_startup();
- 
-@@ -164,7 +165,7 @@ int MAIN(int argc, char **argv)
- 		else if (strcmp(argv[i],"-d") == 0)
- 			dir=1;
- 		else if (strcmp(argv[i],"-a") == 0)
--			date=version=cflags=options=platform=dir=1;
-+			date=version=cflags=options=platform=dir=engines=1;
- 		else
- 			{
- 			BIO_printf(bio_err,"usage:version -[avbofpd]\n");
-@@ -211,6 +212,18 @@ int MAIN(int argc, char **argv)
- 		}
- 	if (cflags)  printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
- 	if (dir)  printf("%s\n",SSLeay_version(SSLEAY_DIR));
-+	if (engines)
-+		{
-+		ENGINE *e;
-+		printf("engines:  ");
-+		e = ENGINE_get_first();
-+		while (e)
-+			{
-+			printf("%s ", ENGINE_get_id(e));
-+			e = ENGINE_get_next(e);
-+			}
-+		printf("\n");
-+		}
- end:
- 	apps_shutdown();
- 	OPENSSL_EXIT(ret);

openssl-1.0.0-beta3-fipscheck.patch

@@ -1,400 +0,0 @@
-diff -up openssl-1.0.0-beta3/crypto/fips/fips.c.fipscheck openssl-1.0.0-beta3/crypto/fips/fips.c
---- openssl-1.0.0-beta3/crypto/fips/fips.c.fipscheck	2009-08-10 20:11:59.000000000 +0200
-+++ openssl-1.0.0-beta3/crypto/fips/fips.c	2009-08-10 20:11:59.000000000 +0200
-@@ -47,6 +47,7 @@
-  *
-  */
- 
-+#define _GNU_SOURCE
- 
- #include <openssl/rand.h>
- #include <openssl/fips_rand.h>
-@@ -56,6 +57,9 @@
- #include <openssl/rsa.h>
- #include <string.h>
- #include <limits.h>
-+#include <dlfcn.h>
-+#include <stdio.h>
-+#include <stdlib.h>
- #include "fips_locl.h"
- 
- #ifdef OPENSSL_FIPS
-@@ -165,6 +169,204 @@ int FIPS_selftest()
- 	&& FIPS_selftest_dsa();
-     }
- 
-+/* we implement what libfipscheck does ourselves */
-+
-+static int
-+get_library_path(const char *libname, const char *symbolname, char *path, size_t pathlen)
-+{
-+	Dl_info info;
-+	void *dl, *sym;
-+	int rv = -1;
-+
-+        dl = dlopen(libname, RTLD_LAZY);
-+        if (dl == NULL) {
-+	        return -1;
-+        }       
-+
-+	sym = dlsym(dl, symbolname);
-+
-+	if (sym != NULL && dladdr(sym, &info)) {
-+		strncpy(path, info.dli_fname, pathlen-1);
-+		path[pathlen-1] = '\0';
-+		rv = 0;
-+	}
-+
-+	dlclose(dl);	
-+	
-+	return rv;
-+}
-+
-+static const char conv[] = "0123456789abcdef";
-+
-+static char *
-+bin2hex(void *buf, size_t len)
-+{
-+	char *hex, *p;
-+	unsigned char *src = buf;
-+	
-+	hex = malloc(len * 2 + 1);
-+	if (hex == NULL)
-+		return NULL;
-+
-+	p = hex;
-+
-+	while (len > 0) {
-+		unsigned c;
-+
-+		c = *src;
-+		src++;
-+
-+		*p = conv[c >> 4];
-+		++p;
-+		*p = conv[c & 0x0f];
-+		++p;
-+		--len;
-+	}
-+	*p = '\0';
-+	return hex;
-+}
-+
-+#define HMAC_PREFIX "." 
-+#define HMAC_SUFFIX ".hmac" 
-+#define READ_BUFFER_LENGTH 16384
-+
-+static char *
-+make_hmac_path(const char *origpath)
-+{
-+	char *path, *p;
-+	const char *fn;
-+
-+	path = malloc(sizeof(HMAC_PREFIX) + sizeof(HMAC_SUFFIX) + strlen(origpath));
-+	if(path == NULL) {
-+		return NULL;
-+	}
-+
-+	fn = strrchr(origpath, '/');
-+	if (fn == NULL) {
-+		fn = origpath;
-+	} else {
-+		++fn;
-+	}
-+
-+	strncpy(path, origpath, fn-origpath);
-+	p = path + (fn - origpath);
-+	p = stpcpy(p, HMAC_PREFIX);
-+	p = stpcpy(p, fn);
-+	p = stpcpy(p, HMAC_SUFFIX);
-+
-+	return path;
-+}
-+
-+static const char hmackey[] = "orboDeJITITejsirpADONivirpUkvarP";
-+
-+static int
-+compute_file_hmac(const char *path, void **buf, size_t *hmaclen)
-+{
-+	FILE *f = NULL;
-+	int rv = -1;
-+	unsigned char rbuf[READ_BUFFER_LENGTH];
-+	size_t len;
-+	unsigned int hlen;
-+	HMAC_CTX c;
-+
-+	HMAC_CTX_init(&c);
-+
-+	f = fopen(path, "r");
-+
-+	if (f == NULL) {
-+		goto end;
-+	}
-+
-+	HMAC_Init(&c, hmackey, sizeof(hmackey)-1, EVP_sha256());
-+
-+	while ((len=fread(rbuf, 1, sizeof(rbuf), f)) != 0) {
-+		HMAC_Update(&c, rbuf, len);
-+	}
-+
-+	len = sizeof(rbuf);
-+	/* reuse rbuf for hmac */
-+	HMAC_Final(&c, rbuf, &hlen);
-+
-+	*buf = malloc(hlen);
-+	if (*buf == NULL) {
-+		goto end;
-+	}
-+
-+	*hmaclen = hlen;
-+
-+	memcpy(*buf, rbuf, hlen);
-+
-+	rv = 0;
-+end:
-+	HMAC_CTX_cleanup(&c);
-+
-+	if (f)
-+		fclose(f);
-+
-+	return rv;
-+}
-+
-+static int
-+FIPSCHECK_verify(const char *libname, const char *symbolname)
-+{
-+	char path[PATH_MAX+1];
-+	int rv;
-+	FILE *hf;
-+	char *hmacpath, *p;
-+	char *hmac = NULL;
-+	size_t n;
-+	
-+	rv = get_library_path(libname, symbolname, path, sizeof(path));
-+
-+	if (rv < 0)
-+		return 0;
-+
-+	hmacpath = make_hmac_path(path);
-+
-+	hf = fopen(hmacpath, "r");
-+	if (hf == NULL) {
-+		free(hmacpath);
-+		return 0;
-+	}
-+
-+	if (getline(&hmac, &n, hf) > 0) {
-+		void *buf;
-+		size_t hmaclen;
-+		char *hex;
-+
-+		if ((p=strchr(hmac, '\n')) != NULL)
-+			*p = '\0';
-+
-+		if (compute_file_hmac(path, &buf, &hmaclen) < 0) {
-+			rv = -4;
-+			goto end;
-+		}
-+
-+		if ((hex=bin2hex(buf, hmaclen)) == NULL) {
-+			free(buf);
-+			rv = -5;
-+			goto end;
-+		}
-+
-+		if (strcmp(hex, hmac) != 0) {
-+			rv = -1;
-+		}
-+		free(buf);
-+		free(hex);
-+	}
-+
-+end:
-+	free(hmac);
-+	free(hmacpath);
-+	fclose(hf);
-+
-+	if (rv < 0)
-+		return 0;
-+
-+	/* check successful */
-+	return 1;	
-+}
-+
- int FIPS_mode_set(int onoff)
-     {
-     int fips_set_owning_thread();
-@@ -201,6 +403,22 @@ int FIPS_mode_set(int onoff)
- 	    }
- #endif
- 
-+	if(!FIPSCHECK_verify("libcrypto.so." SHLIB_VERSION_NUMBER,"FIPS_mode_set"))
-+	    {
-+	    FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
-+	    fips_selftest_fail = 1;
-+	    ret = 0;
-+	    goto end;
-+	    }
-+
-+	if(!FIPSCHECK_verify("libssl.so." SHLIB_VERSION_NUMBER,"SSL_CTX_new"))
-+	    {
-+	    FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
-+	    fips_selftest_fail = 1;
-+	    ret = 0;
-+	    goto end;
-+	    }
-+
- 	/* Perform RNG KAT before seeding */
- 	if (!FIPS_selftest_rng())
- 	    {
-diff -up openssl-1.0.0-beta3/crypto/fips/fips_standalone_sha1.c.fipscheck openssl-1.0.0-beta3/crypto/fips/fips_standalone_sha1.c
---- openssl-1.0.0-beta3/crypto/fips/fips_standalone_sha1.c.fipscheck	2009-08-10 20:11:59.000000000 +0200
-+++ openssl-1.0.0-beta3/crypto/fips/fips_standalone_sha1.c	2009-08-10 20:11:59.000000000 +0200
-@@ -62,7 +62,7 @@ void OPENSSL_cleanse(void *p,size_t len)
- 
- #ifdef OPENSSL_FIPS
- 
--static void hmac_init(SHA_CTX *md_ctx,SHA_CTX *o_ctx,
-+static void hmac_init(SHA256_CTX *md_ctx,SHA256_CTX *o_ctx,
- 		      const char *key)
-     {
-     size_t len=strlen(key);
-@@ -72,10 +72,10 @@ static void hmac_init(SHA_CTX *md_ctx,SH
- 
-     if (len > SHA_CBLOCK)
- 	{
--	SHA1_Init(md_ctx);
--	SHA1_Update(md_ctx,key,len);
--	SHA1_Final(keymd,md_ctx);
--	len=20;
-+	SHA256_Init(md_ctx);
-+	SHA256_Update(md_ctx,key,len);
-+	SHA256_Final(keymd,md_ctx);
-+	len=SHA256_DIGEST_LENGTH;
- 	}
-     else
- 	memcpy(keymd,key,len);
-@@ -83,22 +83,22 @@ static void hmac_init(SHA_CTX *md_ctx,SH
- 
-     for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
- 	pad[i]=0x36^keymd[i];
--    SHA1_Init(md_ctx);
--    SHA1_Update(md_ctx,pad,SHA_CBLOCK);
-+    SHA256_Init(md_ctx);
-+    SHA256_Update(md_ctx,pad,SHA256_CBLOCK);
- 
-     for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
- 	pad[i]=0x5c^keymd[i];
--    SHA1_Init(o_ctx);
--    SHA1_Update(o_ctx,pad,SHA_CBLOCK);
-+    SHA256_Init(o_ctx);
-+    SHA256_Update(o_ctx,pad,SHA256_CBLOCK);
-     }
- 
--static void hmac_final(unsigned char *md,SHA_CTX *md_ctx,SHA_CTX *o_ctx)
-+static void hmac_final(unsigned char *md,SHA256_CTX *md_ctx,SHA256_CTX *o_ctx)
-     {
--    unsigned char buf[20];
-+    unsigned char buf[SHA256_DIGEST_LENGTH];
- 
--    SHA1_Final(buf,md_ctx);
--    SHA1_Update(o_ctx,buf,sizeof buf);
--    SHA1_Final(md,o_ctx);
-+    SHA256_Final(buf,md_ctx);
-+    SHA256_Update(o_ctx,buf,sizeof buf);
-+    SHA256_Final(md,o_ctx);
-     }
- 
- #endif
-@@ -106,7 +106,7 @@ static void hmac_final(unsigned char *md
- int main(int argc,char **argv)
-     {
- #ifdef OPENSSL_FIPS
--    static char key[]="etaonrishdlcupfm";
-+    static char key[]="orboDeJITITejsirpADONivirpUkvarP";
-     int n,binary=0;
- 
-     if(argc < 2)
-@@ -125,8 +125,8 @@ int main(int argc,char **argv)
-     for(; n < argc ; ++n)
- 	{
- 	FILE *f=fopen(argv[n],"rb");
--	SHA_CTX md_ctx,o_ctx;
--	unsigned char md[20];
-+	SHA256_CTX md_ctx,o_ctx;
-+	unsigned char md[SHA256_DIGEST_LENGTH];
- 	int i;
- 
- 	if(!f)
-@@ -151,18 +151,18 @@ int main(int argc,char **argv)
- 		else
- 		    break;
- 		}
--	    SHA1_Update(&md_ctx,buf,l);
-+	    SHA256_Update(&md_ctx,buf,l);
- 	    }
- 	hmac_final(md,&md_ctx,&o_ctx);
- 
- 	if (binary)
- 	    {
--	    fwrite(md,20,1,stdout);
-+	    fwrite(md,SHA256_DIGEST_LENGTH,1,stdout);
- 	    break;	/* ... for single(!) file */
- 	    }
- 
--	printf("HMAC-SHA1(%s)= ",argv[n]);
--	for(i=0 ; i < 20 ; ++i)
-+/*	printf("HMAC-SHA1(%s)= ",argv[n]); */
-+	for(i=0 ; i < SHA256_DIGEST_LENGTH ; ++i)
- 	    printf("%02x",md[i]);
- 	printf("\n");
- 	}
-diff -up openssl-1.0.0-beta3/crypto/fips/Makefile.fipscheck openssl-1.0.0-beta3/crypto/fips/Makefile
---- openssl-1.0.0-beta3/crypto/fips/Makefile.fipscheck	2009-08-10 20:11:59.000000000 +0200
-+++ openssl-1.0.0-beta3/crypto/fips/Makefile	2009-08-10 20:27:45.000000000 +0200
-@@ -16,6 +16,9 @@ GENERAL=Makefile
- TEST=fips_test_suite.c fips_randtest.c
- APPS=
- 
-+PROGRAM= fips_standalone_sha1
-+EXE= $(PROGRAM)$(EXE_EXT)
-+
- LIB=$(TOP)/libcrypto.a
- LIBSRC=fips_aes_selftest.c fips_des_selftest.c fips_hmac_selftest.c fips_rand_selftest.c \
-     fips_rsa_selftest.c fips_sha1_selftest.c fips.c fips_dsa_selftest.c  fips_rand.c \
-@@ -25,6 +28,8 @@ LIBOBJ=fips_aes_selftest.o fips_des_self
-     fips_rsa_selftest.o fips_sha1_selftest.o fips.o fips_dsa_selftest.o  fips_rand.o \
-     fips_rsa_x931g.o
- 
-+LIBCRYPTO=-L.. -lcrypto
-+
- SRC= $(LIBSRC) fips_standalone_sha1.c
- 
- EXHEADER= fips.h fips_rand.h
-@@ -35,13 +40,15 @@ ALL=    $(GENERAL) $(SRC) $(HEADER)
- top:
- 	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
- 
--all:	lib
-+all:	lib exe
- 
- lib:	$(LIBOBJ)
- 	$(AR) $(LIB) $(LIBOBJ)
- 	$(RANLIB) $(LIB) || echo Never mind.
- 	@touch lib
- 
-+exe:	$(EXE)
-+
- files:
- 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
- 
-@@ -77,5 +84,9 @@ dclean:
- clean:
- 	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
- 
-+$(EXE): $(PROGRAM).o
-+	FIPS_SHA_ASM=""; for i in $(SHA1_ASM_OBJ) sha256.o ; do FIPS_SHA_ASM="$$FIPS_SHA_ASM ../sha/$$i" ; done; \
-+	$(CC) -o $@ $(CFLAGS) $(PROGRAM).o $$FIPS_SHA_ASM
-+
- # DO NOT DELETE THIS LINE -- make depend depends on it.
- 

openssl-1.0.0-beta3-fipsmode.patch

@@ -1,265 +0,0 @@
-diff -up openssl-1.0.0-beta3/crypto/engine/eng_all.c.fipsmode openssl-1.0.0-beta3/crypto/engine/eng_all.c
---- openssl-1.0.0-beta3/crypto/engine/eng_all.c.fipsmode	2009-07-01 16:55:58.000000000 +0200
-+++ openssl-1.0.0-beta3/crypto/engine/eng_all.c	2009-08-11 17:37:16.000000000 +0200
-@@ -58,9 +58,23 @@
- 
- #include "cryptlib.h"
- #include "eng_int.h"
-+#ifdef OPENSSL_FIPS
-+#include <openssl/fips.h>
-+#endif
- 
- void ENGINE_load_builtin_engines(void)
- 	{
-+#ifdef OPENSSL_FIPS
-+	OPENSSL_init_library();
-+	if (FIPS_mode()) {
-+		/* We allow loading dynamic engine as a third party
-+		   engine might be FIPS validated.
-+		   User is disallowed to load non-validated engines
-+		   by security policy. */
-+		ENGINE_load_dynamic();
-+		return;
-+	}
-+#endif
- #if 0
- 	/* There's no longer any need for an "openssl" ENGINE unless, one day,
- 	 * it is the *only* way for standard builtin implementations to be be
-diff -up openssl-1.0.0-beta3/crypto/evp/c_allc.c.fipsmode openssl-1.0.0-beta3/crypto/evp/c_allc.c
---- openssl-1.0.0-beta3/crypto/evp/c_allc.c.fipsmode	2007-04-24 01:48:28.000000000 +0200
-+++ openssl-1.0.0-beta3/crypto/evp/c_allc.c	2009-08-11 17:42:34.000000000 +0200
-@@ -65,6 +65,11 @@
- void OpenSSL_add_all_ciphers(void)
- 	{
- 
-+#ifdef OPENSSL_FIPS
-+	OPENSSL_init_library();
-+	if(!FIPS_mode()) 
-+		{
-+#endif
- #ifndef OPENSSL_NO_DES
- 	EVP_add_cipher(EVP_des_cfb());
- 	EVP_add_cipher(EVP_des_cfb1());
-@@ -219,4 +224,61 @@ void OpenSSL_add_all_ciphers(void)
- 	EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256");
- 	EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256");
- #endif
-+#ifdef OPENSSL_FIPS
-+		}
-+	else
-+		{
-+#ifndef OPENSSL_NO_DES
-+	EVP_add_cipher(EVP_des_ede_cfb());
-+	EVP_add_cipher(EVP_des_ede3_cfb());
-+
-+	EVP_add_cipher(EVP_des_ede_ofb());
-+	EVP_add_cipher(EVP_des_ede3_ofb());
-+
-+	EVP_add_cipher(EVP_des_ede_cbc());
-+	EVP_add_cipher(EVP_des_ede3_cbc());
-+	EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");
-+	EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");
-+
-+	EVP_add_cipher(EVP_des_ede());
-+	EVP_add_cipher(EVP_des_ede3());
-+#endif
-+
-+#ifndef OPENSSL_NO_AES
-+	EVP_add_cipher(EVP_aes_128_ecb());
-+	EVP_add_cipher(EVP_aes_128_cbc());
-+	EVP_add_cipher(EVP_aes_128_cfb());
-+	EVP_add_cipher(EVP_aes_128_cfb1());
-+	EVP_add_cipher(EVP_aes_128_cfb8());
-+	EVP_add_cipher(EVP_aes_128_ofb());
-+#if 0
-+	EVP_add_cipher(EVP_aes_128_ctr());
-+#endif
-+	EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");
-+	EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");
-+	EVP_add_cipher(EVP_aes_192_ecb());
-+	EVP_add_cipher(EVP_aes_192_cbc());
-+	EVP_add_cipher(EVP_aes_192_cfb());
-+	EVP_add_cipher(EVP_aes_192_cfb1());
-+	EVP_add_cipher(EVP_aes_192_cfb8());
-+	EVP_add_cipher(EVP_aes_192_ofb());
-+#if 0
-+	EVP_add_cipher(EVP_aes_192_ctr());
-+#endif
-+	EVP_add_cipher_alias(SN_aes_192_cbc,"AES192");
-+	EVP_add_cipher_alias(SN_aes_192_cbc,"aes192");
-+	EVP_add_cipher(EVP_aes_256_ecb());
-+	EVP_add_cipher(EVP_aes_256_cbc());
-+	EVP_add_cipher(EVP_aes_256_cfb());
-+	EVP_add_cipher(EVP_aes_256_cfb1());
-+	EVP_add_cipher(EVP_aes_256_cfb8());
-+	EVP_add_cipher(EVP_aes_256_ofb());
-+#if 0
-+	EVP_add_cipher(EVP_aes_256_ctr());
-+#endif
-+	EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
-+	EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
-+#endif
-+		}
-+#endif
- 	}
-diff -up openssl-1.0.0-beta3/crypto/evp/c_alld.c.fipsmode openssl-1.0.0-beta3/crypto/evp/c_alld.c
---- openssl-1.0.0-beta3/crypto/evp/c_alld.c.fipsmode	2009-07-08 10:50:53.000000000 +0200
-+++ openssl-1.0.0-beta3/crypto/evp/c_alld.c	2009-08-11 17:54:08.000000000 +0200
-@@ -64,6 +64,11 @@
- 
- void OpenSSL_add_all_digests(void)
- 	{
-+#ifdef OPENSSL_FIPS
-+	OPENSSL_init_library();
-+	if (!FIPS_mode())
-+		{
-+#endif
- #ifndef OPENSSL_NO_MD4
- 	EVP_add_digest(EVP_md4());
- #endif
-@@ -110,5 +115,33 @@ void OpenSSL_add_all_digests(void)
- #endif
- #ifndef OPENSSL_NO_WHIRLPOOL
- 	EVP_add_digest(EVP_whirlpool());
-+#endif
-+#ifdef OPENSSL_FIPS
-+		}
-+	else
-+		{
-+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-+	EVP_add_digest(EVP_sha1());
-+	EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
-+	EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
-+#ifndef OPENSSL_NO_DSA
-+	EVP_add_digest(EVP_dss1());
-+	EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
-+	EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
-+	EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
-+#endif
-+#ifndef OPENSSL_NO_ECDSA
-+	EVP_add_digest(EVP_ecdsa());
-+#endif
-+#endif
-+#ifndef OPENSSL_NO_SHA256
-+	EVP_add_digest(EVP_sha224());
-+	EVP_add_digest(EVP_sha256());
-+#endif
-+#ifndef OPENSSL_NO_SHA512
-+	EVP_add_digest(EVP_sha384());
-+	EVP_add_digest(EVP_sha512());
-+#endif
-+		}
- #endif
- 	}
-diff -up openssl-1.0.0-beta3/crypto/o_init.c.fipsmode openssl-1.0.0-beta3/crypto/o_init.c
---- openssl-1.0.0-beta3/crypto/o_init.c.fipsmode	2009-08-11 17:28:25.000000000 +0200
-+++ openssl-1.0.0-beta3/crypto/o_init.c	2009-08-11 17:39:06.000000000 +0200
-@@ -59,6 +59,43 @@
- #include <e_os.h>
- #include <openssl/err.h>
- 
-+#ifdef OPENSSL_FIPS
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <fcntl.h>
-+#include <unistd.h>
-+#include <errno.h>
-+#include <stdlib.h>
-+#include <openssl/fips.h>
-+
-+#define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled"
-+
-+static void init_fips_mode(void)
-+	{
-+	char buf[2] = "0";
-+	int fd;
-+	
-+	if (getenv("OPENSSL_FORCE_FIPS_MODE") != NULL)
-+		{
-+		buf[0] = '1';
-+		}
-+	else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0)
-+		{
-+		while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR);
-+		close(fd);
-+		}
-+	/* Failure reading the fips mode switch file means just not
-+	 * switching into FIPS mode. We would break too many things
-+	 * otherwise. 
-+	 */
-+	
-+	if (buf[0] == '1')
-+		{
-+		FIPS_mode_set(1);
-+		}
-+	}
-+#endif
-+
- /* Perform any essential OpenSSL initialization operations.
-  * Currently only sets FIPS callbacks
-  */
-@@ -72,6 +109,7 @@ void OPENSSL_init_library(void)
- #ifdef CRYPTO_MDEBUG
- 		CRYPTO_malloc_debug_init();
- #endif
-+		init_fips_mode();
- 		done = 1;
- 		}
- #endif
-diff -up openssl-1.0.0-beta3/ssl/ssl_algs.c.fipsmode openssl-1.0.0-beta3/ssl/ssl_algs.c
---- openssl-1.0.0-beta3/ssl/ssl_algs.c.fipsmode	2009-07-08 10:50:53.000000000 +0200
-+++ openssl-1.0.0-beta3/ssl/ssl_algs.c	2009-08-11 18:01:13.000000000 +0200
-@@ -64,6 +64,12 @@
- int SSL_library_init(void)
- 	{
- 
-+#ifdef OPENSSL_FIPS
-+	OPENSSL_init_library();
-+	if (!FIPS_mode())
-+		{
-+#endif
-+
- #ifndef OPENSSL_NO_DES
- 	EVP_add_cipher(EVP_des_cbc());
- 	EVP_add_cipher(EVP_des_ede3_cbc());
-@@ -115,6 +121,40 @@ int SSL_library_init(void)
- 	EVP_add_digest(EVP_sha());
- 	EVP_add_digest(EVP_dss());
- #endif
-+#ifdef OPENSSL_FIPS
-+		}
-+	else
-+		{
-+#ifndef OPENSSL_NO_DES
-+	EVP_add_cipher(EVP_des_ede3_cbc());
-+#endif
-+#ifndef OPENSSL_NO_AES
-+	EVP_add_cipher(EVP_aes_128_cbc());
-+	EVP_add_cipher(EVP_aes_192_cbc());
-+	EVP_add_cipher(EVP_aes_256_cbc());
-+#endif
-+#ifndef OPENSSL_NO_MD5
-+	/* needed even in the FIPS mode for TLS MAC */
-+	EVP_add_digest(EVP_md5());
-+	EVP_add_digest_alias(SN_md5,"ssl2-md5");
-+	EVP_add_digest_alias(SN_md5,"ssl3-md5");
-+#endif
-+#ifndef OPENSSL_NO_SHA
-+	EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
-+	EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
-+	EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
-+#endif
-+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
-+	EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
-+	EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
-+	EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
-+	EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
-+#endif
-+#ifndef OPENSSL_NO_ECDSA
-+	EVP_add_digest(EVP_ecdsa());
-+#endif
-+		}
-+#endif
- #ifndef OPENSSL_NO_COMP
- 	/* This will initialise the built-in compression algorithms.
- 	   The value returned is a STACK_OF(SSL_COMP), but that can

openssl-1.0.0-beta3-fipsrng.patch

@@ -1,79 +0,0 @@
-diff -up openssl-1.0.0-beta3/crypto/fips/fips.c.fipsrng openssl-1.0.0-beta3/crypto/fips/fips.c
---- openssl-1.0.0-beta3/crypto/fips/fips.c.fipsrng	2009-08-11 18:12:14.000000000 +0200
-+++ openssl-1.0.0-beta3/crypto/fips/fips.c	2009-08-11 18:14:36.000000000 +0200
-@@ -427,22 +427,22 @@ int FIPS_mode_set(int onoff)
- 	    goto end;
- 	    }
- 
-+	/* now switch the RNG into FIPS mode */
-+	fips_set_rand_check(FIPS_rand_method());
-+	RAND_set_rand_method(FIPS_rand_method());
-+
- 	/* automagically seed PRNG if not already seeded */
- 	if(!FIPS_rand_status())
- 	    {
--	    if(RAND_bytes(buf,sizeof buf) <= 0)
-+	    RAND_poll();
-+	    if (!FIPS_rand_status())
- 		{
- 		fips_selftest_fail = 1;
- 		ret = 0;
- 		goto end;
- 		}
--	    FIPS_rand_set_key(buf,32);
--	    FIPS_rand_seed(buf+32,16);
- 	    }
- 
--	/* now switch into FIPS mode */
--	fips_set_rand_check(FIPS_rand_method());
--	RAND_set_rand_method(FIPS_rand_method());
- 	if(FIPS_selftest())
- 	    fips_set_mode(1);
- 	else
-diff -up openssl-1.0.0-beta3/crypto/fips/fips_rand.c.fipsrng openssl-1.0.0-beta3/crypto/fips/fips_rand.c
---- openssl-1.0.0-beta3/crypto/fips/fips_rand.c.fipsrng	2009-08-11 18:12:14.000000000 +0200
-+++ openssl-1.0.0-beta3/crypto/fips/fips_rand.c	2009-08-11 18:16:48.000000000 +0200
-@@ -155,7 +155,18 @@ static int fips_set_prng_seed(FIPS_PRNG_
- 	{
- 	int i;
- 	if (!ctx->keyed)
--		return 0;
-+		{
-+		FIPS_RAND_SIZE_T keylen = 16;
-+
-+		if (seedlen - keylen < AES_BLOCK_LENGTH)
-+			return 0;
-+		if (seedlen - keylen - 8 >= AES_BLOCK_LENGTH)
-+			keylen += 8;
-+		if (seedlen - keylen - 8 >= AES_BLOCK_LENGTH)
-+			keylen += 8;
-+		seedlen -= keylen;
-+		fips_set_prng_key(ctx, seed+seedlen, keylen);
-+		}
- 	/* In test mode seed is just supplied data */
- 	if (ctx->test_mode)
- 		{
-@@ -276,6 +287,7 @@ static int fips_rand(FIPS_PRNG_CTX *ctx,
- 	unsigned char R[AES_BLOCK_LENGTH], I[AES_BLOCK_LENGTH];
- 	unsigned char tmp[AES_BLOCK_LENGTH];
- 	int i;
-+	FIPS_selftest_check();
- 	if (ctx->error)
- 		{
- 		RANDerr(RAND_F_FIPS_RAND,RAND_R_PRNG_ERROR);
-diff -up openssl-1.0.0-beta3/crypto/rand/rand_lcl.h.fipsrng openssl-1.0.0-beta3/crypto/rand/rand_lcl.h
---- openssl-1.0.0-beta3/crypto/rand/rand_lcl.h.fipsrng	2009-08-11 18:12:13.000000000 +0200
-+++ openssl-1.0.0-beta3/crypto/rand/rand_lcl.h	2009-08-11 18:18:13.000000000 +0200
-@@ -112,8 +112,11 @@
- #ifndef HEADER_RAND_LCL_H
- #define HEADER_RAND_LCL_H
- 
-+#ifndef OPENSSL_FIPS
- #define ENTROPY_NEEDED 32  /* require 256 bits = 32 bytes of randomness */
--
-+#else
-+#define ENTROPY_NEEDED 48  /* we need 48 bytes of randomness for FIPS rng */
-+#endif
- 
- #if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
- #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)

openssl-1.0.0-beta3-soversion.patch

@@ -1,44 +0,0 @@
-diff -up openssl-1.0.0-beta3/Configure.soversion openssl-1.0.0-beta3/Configure
---- openssl-1.0.0-beta3/Configure.soversion	2009-08-04 23:06:52.000000000 +0200
-+++ openssl-1.0.0-beta3/Configure	2009-08-04 23:06:52.000000000 +0200
-@@ -1514,7 +1514,7 @@ while (<IN>)
- 	elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
- 		{
- 		my $sotmp = $1;
--		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
-+		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_SONAMEVER) .s$sotmp/;
- 		}
- 	elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
- 		{
-diff -up openssl-1.0.0-beta3/Makefile.org.soversion openssl-1.0.0-beta3/Makefile.org
---- openssl-1.0.0-beta3/Makefile.org.soversion	2009-08-04 23:06:52.000000000 +0200
-+++ openssl-1.0.0-beta3/Makefile.org	2009-08-04 23:11:01.000000000 +0200
-@@ -10,6 +10,7 @@ SHLIB_VERSION_HISTORY=
- SHLIB_MAJOR=
- SHLIB_MINOR=
- SHLIB_EXT=
-+SHLIB_SONAMEVER=10
- PLATFORM=dist
- OPTIONS=
- CONFIGURE_ARGS=
-@@ -289,10 +290,9 @@ clean-shared:
- link-shared:
- 	@ set -e; for i in $(SHLIBDIRS); do \
- 		$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
--			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
-+			LIBNAME=$$i LIBVERSION=$(SHLIB_SONAMEVER) \
- 			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
- 			symlink.$(SHLIB_TARGET); \
--		libs="$$libs -l$$i"; \
- 	done
- 
- build-shared: do_$(SHLIB_TARGET) link-shared
-@@ -303,7 +303,7 @@ do_$(SHLIB_TARGET):
- 			libs="$(LIBKRB5) $$libs"; \
- 		fi; \
- 		$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
--			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
-+			LIBNAME=$$i LIBVERSION=$(SHLIB_SONAMEVER) \
- 			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
- 			LIBDEPS="$$libs $(EX_LIBS)" \
- 			link_a.$(SHLIB_TARGET); \

openssl-1.0.0-beta4-algo-doc.patch

@@ -1,113 +0,0 @@
-diff -up openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod.algo-doc openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod
---- openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod.algo-doc	2009-10-16 17:29:34.000000000 +0200
-+++ openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod	2009-11-12 14:13:21.000000000 +0100
-@@ -6,7 +6,8 @@ EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_
- EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
- EVP_MD_CTX_copy_ex, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size,
- EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type,
--EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2,
-+EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_sha224,
-+EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1, EVP_mdc2,
- EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
- EVP digest routines
- 
-@@ -51,6 +52,10 @@ EVP digest routines
-  const EVP_MD *EVP_md5(void);
-  const EVP_MD *EVP_sha(void);
-  const EVP_MD *EVP_sha1(void);
-+ const EVP_MD *EVP_sha224(void);
-+ const EVP_MD *EVP_sha256(void);
-+ const EVP_MD *EVP_sha384(void);
-+ const EVP_MD *EVP_sha512(void);
-  const EVP_MD *EVP_dss(void);
-  const EVP_MD *EVP_dss1(void);
-  const EVP_MD *EVP_mdc2(void);
-@@ -70,7 +75,7 @@ EVP_MD_CTX_create() allocates, initializ
- 
- EVP_DigestInit_ex() sets up digest context B<ctx> to use a digest
- B<type> from ENGINE B<impl>. B<ctx> must be initialized before calling this
--function. B<type> will typically be supplied by a functionsuch as EVP_sha1().
-+function. B<type> will typically be supplied by a function such as EVP_sha1().
- If B<impl> is NULL then the default implementation of digest B<type> is used.
- 
- EVP_DigestUpdate() hashes B<cnt> bytes of data at B<d> into the
-@@ -127,9 +132,11 @@ with this digest. For example EVP_sha1()
- return B<NID_sha1WithRSAEncryption>. This "link" between digests and signature
- algorithms may not be retained in future versions of OpenSSL.
- 
--EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_mdc2() and EVP_ripemd160()
--return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 digest
--algorithms respectively. The associated signature algorithm is RSA in each case.
-+EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
-+EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160()
-+return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384,
-+SHA512, MDC2 and RIPEMD160 digest algorithms respectively. The associated
-+signature algorithm is RSA in each case.
- 
- EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
- algorithms but using DSS (DSA) for the signature algorithm. Note: there is 
-@@ -158,7 +165,8 @@ EVP_MD_size(), EVP_MD_block_size(), EVP_
- EVP_MD_CTX_block_size()	and EVP_MD_block_size() return the digest or block
- size in bytes.
- 
--EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
-+EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
-+EVP_sha224(), EVP_sha256(), EVP_sha384(), EVP_sha512(), EVP_dss(),
- EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
- corresponding EVP_MD structures.
- 
-diff -up openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod.algo-doc openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod
---- openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod.algo-doc	2005-04-15 18:01:35.000000000 +0200
-+++ openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod	2009-11-12 14:11:03.000000000 +0100
-@@ -91,6 +91,32 @@ EVP_CIPHER_CTX_set_padding - EVP cipher 
-  int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-  int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
- 
-+ const EVP_CIPHER *EVP_des_ede3(void);
-+ const EVP_CIPHER *EVP_des_ede3_ecb(void);
-+ const EVP_CIPHER *EVP_des_ede3_cfb64(void);
-+ const EVP_CIPHER *EVP_des_ede3_cfb1(void);
-+ const EVP_CIPHER *EVP_des_ede3_cfb8(void);
-+ const EVP_CIPHER *EVP_des_ede3_ofb(void);
-+ const EVP_CIPHER *EVP_des_ede3_cbc(void);
-+ const EVP_CIPHER *EVP_aes_128_ecb(void);
-+ const EVP_CIPHER *EVP_aes_128_cbc(void);
-+ const EVP_CIPHER *EVP_aes_128_cfb1(void);
-+ const EVP_CIPHER *EVP_aes_128_cfb8(void);
-+ const EVP_CIPHER *EVP_aes_128_cfb128(void);
-+ const EVP_CIPHER *EVP_aes_128_ofb(void);
-+ const EVP_CIPHER *EVP_aes_192_ecb(void);
-+ const EVP_CIPHER *EVP_aes_192_cbc(void);
-+ const EVP_CIPHER *EVP_aes_192_cfb1(void);
-+ const EVP_CIPHER *EVP_aes_192_cfb8(void);
-+ const EVP_CIPHER *EVP_aes_192_cfb128(void);
-+ const EVP_CIPHER *EVP_aes_192_ofb(void);
-+ const EVP_CIPHER *EVP_aes_256_ecb(void);
-+ const EVP_CIPHER *EVP_aes_256_cbc(void);
-+ const EVP_CIPHER *EVP_aes_256_cfb1(void);
-+ const EVP_CIPHER *EVP_aes_256_cfb8(void);
-+ const EVP_CIPHER *EVP_aes_256_cfb128(void);
-+ const EVP_CIPHER *EVP_aes_256_ofb(void);
-+
- =head1 DESCRIPTION
- 
- The EVP cipher routines are a high level interface to certain
-@@ -297,6 +323,18 @@ Three key triple DES in CBC, ECB, CFB an
- 
- DESX algorithm in CBC mode.
- 
-+=item EVP_aes_128_cbc(void), EVP_aes_128_ecb(), EVP_aes_128_ofb(void), EVP_aes_128_cfb1(void), EVP_aes_128_cfb8(void), EVP_aes_128_cfb128(void)
-+
-+AES with 128 bit key length in CBC, ECB, OFB and CFB modes respectively.
-+
-+=item EVP_aes_192_cbc(void), EVP_aes_192_ecb(), EVP_aes_192_ofb(void), EVP_aes_192_cfb1(void), EVP_aes_192_cfb8(void), EVP_aes_192_cfb128(void)
-+
-+AES with 192 bit key length in CBC, ECB, OFB and CFB modes respectively.
-+
-+=item EVP_aes_256_cbc(void), EVP_aes_256_ecb(), EVP_aes_256_ofb(void), EVP_aes_256_cfb1(void), EVP_aes_256_cfb8(void), EVP_aes_256_cfb128(void)
-+
-+AES with 256 bit key length in CBC, ECB, OFB and CFB modes respectively.
-+
- =item EVP_rc4(void)
- 
- RC4 stream cipher. This is a variable key length cipher with default key length 128 bits.

openssl-1.0.0-beta4-ca-dir.patch

@@ -1,36 +0,0 @@
-diff -up openssl-1.0.0-beta4/apps/CA.pl.in.ca-dir openssl-1.0.0-beta4/apps/CA.pl.in
---- openssl-1.0.0-beta4/apps/CA.pl.in.ca-dir	2006-04-28 02:30:49.000000000 +0200
-+++ openssl-1.0.0-beta4/apps/CA.pl.in	2009-11-12 12:33:13.000000000 +0100
-@@ -53,7 +53,7 @@ $VERIFY="$openssl verify";
- $X509="$openssl x509";
- $PKCS12="$openssl pkcs12";
- 
--$CATOP="./demoCA";
-+$CATOP="/etc/pki/CA";
- $CAKEY="cakey.pem";
- $CAREQ="careq.pem";
- $CACERT="cacert.pem";
-diff -up openssl-1.0.0-beta4/apps/CA.sh.ca-dir openssl-1.0.0-beta4/apps/CA.sh
---- openssl-1.0.0-beta4/apps/CA.sh.ca-dir	2009-10-15 19:27:47.000000000 +0200
-+++ openssl-1.0.0-beta4/apps/CA.sh	2009-11-12 12:35:14.000000000 +0100
-@@ -68,7 +68,7 @@ VERIFY="$OPENSSL verify"
- X509="$OPENSSL x509"
- PKCS12="openssl pkcs12"
- 
--if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
-+if [ -z "$CATOP" ] ; then CATOP=/etc/pki/CA ; fi
- CAKEY=./cakey.pem
- CAREQ=./careq.pem
- CACERT=./cacert.pem
-diff -up openssl-1.0.0-beta4/apps/openssl.cnf.ca-dir openssl-1.0.0-beta4/apps/openssl.cnf
---- openssl-1.0.0-beta4/apps/openssl.cnf.ca-dir	2009-11-12 12:33:13.000000000 +0100
-+++ openssl-1.0.0-beta4/apps/openssl.cnf	2009-11-12 12:33:13.000000000 +0100
-@@ -39,7 +39,7 @@ default_ca	= CA_default		# The default c
- ####################################################################
- [ CA_default ]
- 
--dir		= ./demoCA		# Where everything is kept
-+dir		= /etc/pki/CA		# Where everything is kept
- certs		= $dir/certs		# Where the issued certs are kept
- crl_dir		= $dir/crl		# Where the issued crl are kept
- database	= $dir/index.txt	# database index file.

openssl-1.0.0-beta4-default-paths.patch

@@ -1,77 +0,0 @@
-diff -up openssl-1.0.0-beta4/apps/s_client.c.default-paths openssl-1.0.0-beta4/apps/s_client.c
---- openssl-1.0.0-beta4/apps/s_client.c.default-paths	2009-08-12 15:21:26.000000000 +0200
-+++ openssl-1.0.0-beta4/apps/s_client.c	2009-11-12 12:26:32.000000000 +0100
-@@ -889,12 +889,13 @@ bad:
- 	if (!set_cert_key_stuff(ctx,cert,key))
- 		goto end;
- 
--	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
--		(!SSL_CTX_set_default_verify_paths(ctx)))
-+	if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath))
-+		{
-+		ERR_print_errors(bio_err);
-+		}
-+	if (!SSL_CTX_set_default_verify_paths(ctx))
- 		{
--		/* BIO_printf(bio_err,"error setting default verify locations\n"); */
- 		ERR_print_errors(bio_err);
--		/* goto end; */
- 		}
- 
- #ifndef OPENSSL_NO_TLSEXT
-diff -up openssl-1.0.0-beta4/apps/s_server.c.default-paths openssl-1.0.0-beta4/apps/s_server.c
---- openssl-1.0.0-beta4/apps/s_server.c.default-paths	2009-10-28 18:49:37.000000000 +0100
-+++ openssl-1.0.0-beta4/apps/s_server.c	2009-11-12 12:31:23.000000000 +0100
-@@ -1408,12 +1408,13 @@ bad:
- 		}
- #endif
- 
--	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
--		(!SSL_CTX_set_default_verify_paths(ctx)))
-+	if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath))
-+		{
-+		ERR_print_errors(bio_err);
-+		}
-+	if (!SSL_CTX_set_default_verify_paths(ctx))
- 		{
--		/* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
- 		ERR_print_errors(bio_err);
--		/* goto end; */
- 		}
- 	if (vpm)
- 		SSL_CTX_set1_param(ctx, vpm);
-@@ -1465,8 +1466,11 @@ bad:
- 		else
- 			SSL_CTX_sess_set_cache_size(ctx2,128);
- 
--		if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) ||
--			(!SSL_CTX_set_default_verify_paths(ctx2)))
-+		if (!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath))
-+			{
-+			ERR_print_errors(bio_err);
-+			}
-+		if (!SSL_CTX_set_default_verify_paths(ctx2))
- 			{
- 			ERR_print_errors(bio_err);
- 			}
-diff -up openssl-1.0.0-beta4/apps/s_time.c.default-paths openssl-1.0.0-beta4/apps/s_time.c
---- openssl-1.0.0-beta4/apps/s_time.c.default-paths	2006-04-17 14:22:13.000000000 +0200
-+++ openssl-1.0.0-beta4/apps/s_time.c	2009-11-12 12:26:32.000000000 +0100
-@@ -373,12 +373,13 @@ int MAIN(int argc, char **argv)
- 
- 	SSL_load_error_strings();
- 
--	if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
--		(!SSL_CTX_set_default_verify_paths(tm_ctx)))
-+	if (!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath))
-+		{
-+		ERR_print_errors(bio_err);
-+		}
-+	if (!SSL_CTX_set_default_verify_paths(tm_ctx))
- 		{
--		/* BIO_printf(bio_err,"error setting default verify locations\n"); */
- 		ERR_print_errors(bio_err);
--		/* goto end; */
- 		}
- 
- 	if (tm_cipher == NULL)

openssl-1.0.0-beta4-dtls1-abi.patch

@@ -1,25 +0,0 @@
-Adding struct member is ABI breaker however as the structure is always allocated by
-the library calls we just move it to the end and it should be reasonably safe.
-diff -up openssl-1.0.0-beta4/ssl/dtls1.h.dtls1-abi openssl-1.0.0-beta4/ssl/dtls1.h
---- openssl-1.0.0-beta4/ssl/dtls1.h.dtls1-abi	2009-11-12 14:34:37.000000000 +0100
-+++ openssl-1.0.0-beta4/ssl/dtls1.h	2009-11-12 14:47:57.000000000 +0100
-@@ -216,9 +216,6 @@ typedef struct dtls1_state_st
- 	 */
- 	record_pqueue buffered_app_data;
- 
--	/* Is set when listening for new connections with dtls1_listen() */
--	unsigned int listen;
--
- 	unsigned int mtu; /* max DTLS packet size */
- 
- 	struct hm_header_st w_msg_hdr;
-@@ -242,6 +239,9 @@ typedef struct dtls1_state_st
- 	unsigned int retransmitting;
- 	unsigned int change_cipher_spec_ok;
- 
-+	/* Is set when listening for new connections with dtls1_listen() */
-+	unsigned int listen;
-+
- 	} DTLS1_STATE;
- 
- typedef struct dtls1_record_data_st

openssl-1.0.0-beta4-redhat.patch

@@ -1,59 +0,0 @@
-diff -up openssl-1.0.0-beta4/Configure.redhat openssl-1.0.0-beta4/Configure
---- openssl-1.0.0-beta4/Configure.redhat	2009-11-09 15:11:13.000000000 +0100
-+++ openssl-1.0.0-beta4/Configure	2009-11-12 12:15:27.000000000 +0100
-@@ -336,32 +336,32 @@ my %table=(
- ####
- # *-generic* is endian-neutral target, but ./config is free to
- # throw in -D[BL]_ENDIAN, whichever appropriate...
--"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
--"linux-ppc",	"gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-generic32","gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
-+"linux-ppc",	"gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
- # It's believed that majority of ARM toolchains predefine appropriate -march.
- # If you compiler does not, do complement config command line with one!
--"linux-armv4",	"gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-armv4",	"gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
- #### IA-32 targets...
- "linux-ia32-icc",	"icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
--"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
- "linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
- ####
--"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
--"linux-ppc64",	"gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
--"linux-ia64",	"gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-generic64","gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
-+"linux-ppc64",	"gcc:-m64 -DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
-+"linux-ia64",	"gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
- "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
--"linux-x86_64",	"gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
--"linux-s390x",	"gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-+"linux-x86_64",	"gcc:-m64 -DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS) -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
-+"linux-s390x",	"gcc:-m64 -DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
- #### SPARC Linux setups
- # Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
- # assisted with debugging of following two configs.
--"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-sparcv8","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS) -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
- # it's a real mess with -mcpu=ultrasparc option under Linux, but
- # -Wa,-Av8plus should do the trick no matter what.
--"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-sparcv9","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS) -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
- # GCC 3.1 is a requirement
--"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-+"linux64-sparcv9","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
- #### Alpha Linux with GNU C and Compaq C setups
- # Special notes:
- # - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
-@@ -375,8 +375,8 @@ my %table=(
- #
- #					<appro@fy.chalmers.se>
- #
--"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
--"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-alpha-gcc","gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
-+"linux-alpha+bwx-gcc","gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
- "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
- "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
- 

openssl-1.0.0-beta5-cipher-change.patch

@@ -1,21 +0,0 @@
-diff -up openssl-1.0.0-beta5/ssl/ssl.h.cipher-change openssl-1.0.0-beta5/ssl/ssl.h
---- openssl-1.0.0-beta5/ssl/ssl.h.cipher-change	2010-01-20 18:12:07.000000000 +0100
-+++ openssl-1.0.0-beta5/ssl/ssl.h	2010-01-20 18:13:04.000000000 +0100
-@@ -513,7 +513,7 @@ typedef struct ssl_session_st
- #define SSL_OP_NETSCAPE_CHALLENGE_BUG			0x00000002L
- /* Allow initial connection to servers that don't support RI */
- #define SSL_OP_LEGACY_SERVER_CONNECT			0x00000004L
--#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L
-+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L /* can break some security expectations */
- #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG		0x00000010L
- #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER		0x00000020L
- #define SSL_OP_MSIE_SSLV2_RSA_PADDING			0x00000040L /* no effect since 0.9.7h and 0.9.8b */
-@@ -530,7 +530,7 @@ typedef struct ssl_session_st
- 
- /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
-  *             This used to be 0x000FFFFFL before 0.9.7. */
--#define SSL_OP_ALL					0x80000FFFL
-+#define SSL_OP_ALL					0x80000FF7L
- 
- /* DTLS options */
- #define SSL_OP_NO_QUERY_MTU                 0x00001000L

openssl-1.0.0-beta5-enginesdir.patch

@@ -1,52 +0,0 @@
-diff -up openssl-1.0.0-beta5/Configure.enginesdir openssl-1.0.0-beta5/Configure
---- openssl-1.0.0-beta5/Configure.enginesdir	2010-01-20 18:07:05.000000000 +0100
-+++ openssl-1.0.0-beta5/Configure	2010-01-20 18:10:48.000000000 +0100
-@@ -622,6 +622,7 @@ my $idx_multilib = $idx++;
- my $prefix="";
- my $libdir="";
- my $openssldir="";
-+my $enginesdir="";
- my $exe_ext="";
- my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
- my $cross_compile_prefix="";
-@@ -833,6 +834,10 @@ PROCESS_ARGS:
- 				{
- 				$openssldir=$1;
- 				}
-+			elsif (/^--enginesdir=(.*)$/)
-+				{
-+				$enginesdir=$1;
-+				}
- 			elsif (/^--install.prefix=(.*)$/)
- 				{
- 				$install_prefix=$1;
-@@ -1053,7 +1058,7 @@ chop $prefix if $prefix =~ /.\/$/;
- 
- $openssldir=$prefix . "/ssl" if $openssldir eq "";
- $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
--
-+$enginesdir="$prefix/lib/engines" if $enginesdir eq "";
- 
- print "IsMK1MF=$IsMK1MF\n";
- 
-@@ -1673,7 +1678,7 @@ while (<IN>)
- 		}
- 	elsif	(/^#define\s+ENGINESDIR/)
- 		{
--		my $foo = "$prefix/$libdir/engines";
-+		my $foo = "$enginesdir";
- 		$foo =~ s/\\/\\\\/g;
- 		print OUT "#define ENGINESDIR \"$foo\"\n";
- 		}
-diff -up openssl-1.0.0-beta5/engines/Makefile.enginesdir openssl-1.0.0-beta5/engines/Makefile
---- openssl-1.0.0-beta5/engines/Makefile.enginesdir	2010-01-16 21:06:09.000000000 +0100
-+++ openssl-1.0.0-beta5/engines/Makefile	2010-01-20 18:07:05.000000000 +0100
-@@ -124,7 +124,7 @@ install:
- 				sfx=".so"; \
- 				cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
- 			  fi; \
--			  chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
-+			  chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
- 			  mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
- 		done; \
- 	fi

openssl-1.0.0-beta5-ipv6-apps.patch

@@ -1,499 +0,0 @@
-diff -up openssl-1.0.0-beta5/apps/s_apps.h.ipv6-apps openssl-1.0.0-beta5/apps/s_apps.h
---- openssl-1.0.0-beta5/apps/s_apps.h.ipv6-apps	2010-02-03 09:43:49.000000000 +0100
-+++ openssl-1.0.0-beta5/apps/s_apps.h	2010-02-03 09:43:49.000000000 +0100
-@@ -148,7 +148,7 @@ typedef fd_mask fd_set;
- #define PORT_STR        "4433"
- #define PROTOCOL        "tcp"
- 
--int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
-+int do_server(char *port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
- #ifdef HEADER_X509_H
- int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
- #endif
-@@ -156,10 +156,9 @@ int MS_CALLBACK verify_callback(int ok, 
- int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
- int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
- #endif
--int init_client(int *sock, char *server, int port, int type);
-+int init_client(int *sock, char *server, char *port, int type);
- int should_retry(int i);
--int extract_port(char *str, short *port_ptr);
--int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
-+int extract_host_port(char *str,char **host_ptr,char **port_ptr);
- 
- long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
- 				   int argi, long argl, long ret);
-diff -up openssl-1.0.0-beta5/apps/s_client.c.ipv6-apps openssl-1.0.0-beta5/apps/s_client.c
---- openssl-1.0.0-beta5/apps/s_client.c.ipv6-apps	2010-02-03 09:43:49.000000000 +0100
-+++ openssl-1.0.0-beta5/apps/s_client.c	2010-02-03 09:43:49.000000000 +0100
-@@ -389,7 +389,7 @@ int MAIN(int argc, char **argv)
- 	int cbuf_len,cbuf_off;
- 	int sbuf_len,sbuf_off;
- 	fd_set readfds,writefds;
--	short port=PORT;
-+	char *port_str = PORT_STR;
- 	int full_log=1;
- 	char *host=SSL_HOST_NAME;
- 	char *cert_file=NULL,*key_file=NULL;
-@@ -488,13 +488,12 @@ int MAIN(int argc, char **argv)
- 		else if	(strcmp(*argv,"-port") == 0)
- 			{
- 			if (--argc < 1) goto bad;
--			port=atoi(*(++argv));
--			if (port == 0) goto bad;
-+			port_str= *(++argv);
- 			}
- 		else if (strcmp(*argv,"-connect") == 0)
- 			{
- 			if (--argc < 1) goto bad;
--			if (!extract_host_port(*(++argv),&host,NULL,&port))
-+			if (!extract_host_port(*(++argv),&host,&port_str))
- 				goto bad;
- 			}
- 		else if	(strcmp(*argv,"-verify") == 0)
-@@ -967,7 +966,7 @@ bad:
- 
- re_start:
- 
--	if (init_client(&s,host,port,socket_type) == 0)
-+	if (init_client(&s,host,port_str,socket_type) == 0)
- 		{
- 		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
- 		SHUTDOWN(s);
-diff -up openssl-1.0.0-beta5/apps/s_server.c.ipv6-apps openssl-1.0.0-beta5/apps/s_server.c
---- openssl-1.0.0-beta5/apps/s_server.c.ipv6-apps	2010-02-03 09:43:49.000000000 +0100
-+++ openssl-1.0.0-beta5/apps/s_server.c	2010-02-03 09:43:49.000000000 +0100
-@@ -838,7 +838,7 @@ int MAIN(int argc, char *argv[])
- 	{
- 	X509_VERIFY_PARAM *vpm = NULL;
- 	int badarg = 0;
--	short port=PORT;
-+	char *port_str = PORT_STR;
- 	char *CApath=NULL,*CAfile=NULL;
- 	unsigned char *context = NULL;
- 	char *dhfile = NULL;
-@@ -909,8 +909,7 @@ int MAIN(int argc, char *argv[])
- 			 (strcmp(*argv,"-accept") == 0))
- 			{
- 			if (--argc < 1) goto bad;
--			if (!extract_port(*(++argv),&port))
--				goto bad;
-+			port_str= *(++argv);
- 			}
- 		else if	(strcmp(*argv,"-verify") == 0)
- 			{
-@@ -1700,9 +1699,9 @@ bad:
- 	BIO_printf(bio_s_out,"ACCEPT\n");
- 	(void)BIO_flush(bio_s_out);
- 	if (www)
--		do_server(port,socket_type,&accept_socket,www_body, context);
-+		do_server(port_str,socket_type,&accept_socket,www_body, context);
- 	else
--		do_server(port,socket_type,&accept_socket,sv_body, context);
-+		do_server(port_str,socket_type,&accept_socket,sv_body, context);
- 	print_stats(bio_s_out,ctx);
- 	ret=0;
- end:
-diff -up openssl-1.0.0-beta5/apps/s_socket.c.ipv6-apps openssl-1.0.0-beta5/apps/s_socket.c
---- openssl-1.0.0-beta5/apps/s_socket.c.ipv6-apps	2009-08-26 13:21:50.000000000 +0200
-+++ openssl-1.0.0-beta5/apps/s_socket.c	2010-02-03 10:00:30.000000000 +0100
-@@ -102,9 +102,7 @@ static struct hostent *GetHostByName(cha
- static void ssl_sock_cleanup(void);
- #endif
- static int ssl_sock_init(void);
--static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
--static int init_server(int *sock, int port, int type);
--static int init_server_long(int *sock, int port,char *ip, int type);
-+static int init_server(int *sock, char *port, int type);
- static int do_accept(int acc_sock, int *sock, char **host);
- static int host_ip(char *str, unsigned char ip[4]);
- 
-@@ -234,58 +232,70 @@ static int ssl_sock_init(void)
- 	return(1);
- 	}
- 
--int init_client(int *sock, char *host, int port, int type)
-+int init_client(int *sock, char *host, char *port, int type)
- 	{
--	unsigned char ip[4];
--
--	if (!host_ip(host,&(ip[0])))
--		{
--		return(0);
--		}
--	return(init_client_ip(sock,ip,port,type));
--	}
--
--static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
--	{
--	unsigned long addr;
--	struct sockaddr_in them;
--	int s,i;
-+	struct addrinfo *res, *res0, hints;
-+	char * failed_call = NULL;
-+	int s;
-+	int e;
- 
- 	if (!ssl_sock_init()) return(0);
- 
--	memset((char *)&them,0,sizeof(them));
--	them.sin_family=AF_INET;
--	them.sin_port=htons((unsigned short)port);
--	addr=(unsigned long)
--		((unsigned long)ip[0]<<24L)|
--		((unsigned long)ip[1]<<16L)|
--		((unsigned long)ip[2]<< 8L)|
--		((unsigned long)ip[3]);
--	them.sin_addr.s_addr=htonl(addr);
--
--	if (type == SOCK_STREAM)
--		s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
--	else /* ( type == SOCK_DGRAM) */
--		s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
--			
--	if (s == INVALID_SOCKET) { perror("socket"); return(0); }
-+	memset(&hints, '\0', sizeof(hints));
-+	hints.ai_socktype = type;
-+	hints.ai_flags = AI_ADDRCONFIG;
-+
-+	e = getaddrinfo(host, port, &hints, &res);
-+	if (e)
-+	{
-+		fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
-+		if (e == EAI_SYSTEM)
-+			perror("getaddrinfo");
-+		return (0);
-+		}
- 
-+	res0 = res;
-+	while (res)
-+		{
-+		s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
-+		if (s == INVALID_SOCKET)
-+			{
-+			failed_call = "socket";
-+			goto nextres;
-+			}
- #if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
- 	if (type == SOCK_STREAM)
- 		{
--		i=0;
--		i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
--		if (i < 0) { perror("keepalive"); return(0); }
-+			int i=0;
-+			i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,
-+				(char *)&i,sizeof(i));
-+			if (i < 0) {
-+				failed_call = "keepalive";
-+				goto nextres;
-+				}
- 		}
- #endif
--
--	if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
--		{ closesocket(s); perror("connect"); return(0); }
-+		if (connect(s,(struct sockaddr *)res->ai_addr,
-+			res->ai_addrlen) == 0)
-+			{
-+			freeaddrinfo(res0);
- 	*sock=s;
- 	return(1);
- 	}
- 
--int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
-+		failed_call = "socket";
-+nextres:
-+		if (s != INVALID_SOCKET)
-+			close(s);
-+		res = res->ai_next;
-+		}
-+	freeaddrinfo(res0);
-+
-+	perror(failed_call);
-+	return(0);
-+	}
-+
-+int do_server(char *port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
- 	{
- 	int sock;
- 	char *name = NULL;
-@@ -323,33 +333,38 @@ int do_server(int port, int type, int *r
- 		}
- 	}
- 
--static int init_server_long(int *sock, int port, char *ip, int type)
-+static int init_server(int *sock, char *port, int type)
- 	{
--	int ret=0;
--	struct sockaddr_in server;
--	int s= -1,i;
-+	struct addrinfo *res, *res0, hints;
-+	char * failed_call = NULL;
-+	char port_name[8];
-+	int s;
-+	int e;
- 
- 	if (!ssl_sock_init()) return(0);
- 
--	memset((char *)&server,0,sizeof(server));
--	server.sin_family=AF_INET;
--	server.sin_port=htons((unsigned short)port);
--	if (ip == NULL)
--		server.sin_addr.s_addr=INADDR_ANY;
--	else
--/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
--#ifndef BIT_FIELD_LIMITS
--		memcpy(&server.sin_addr.s_addr,ip,4);
--#else
--		memcpy(&server.sin_addr,ip,4);
--#endif
-+	memset(&hints, '\0', sizeof(hints));
-+	hints.ai_socktype = type;
-+	hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG;
- 	
--		if (type == SOCK_STREAM)
--			s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
--		else /* type == SOCK_DGRAM */
--			s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
-+	e = getaddrinfo(NULL, port, &hints, &res);
-+	if (e)
-+		{
-+		fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
-+		if (e == EAI_SYSTEM)
-+			perror("getaddrinfo");
-+		return (0);
-+		}
- 
--	if (s == INVALID_SOCKET) goto err;
-+	res0 = res;
-+	while (res)
-+		{
-+		s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
-+		if (s == INVALID_SOCKET)
-+			{
-+			failed_call = "socket";
-+			goto nextres;
-+			}
- #if defined SOL_SOCKET && defined SO_REUSEADDR
- 		{
- 		int j = 1;
-@@ -357,36 +372,39 @@ static int init_server_long(int *sock, i
- 			   (void *) &j, sizeof j);
- 		}
- #endif
--	if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
-+
-+		if (bind(s,(struct sockaddr *)res->ai_addr, res->ai_addrlen) == -1)
- 		{
--#ifndef OPENSSL_SYS_WINDOWS
--		perror("bind");
--#endif
--		goto err;
-+			failed_call = "bind";
-+			goto nextres;
- 		}
--	/* Make it 128 for linux */
--	if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
--	i=0;
--	*sock=s;
--	ret=1;
--err:
--	if ((ret == 0) && (s != -1))
-+		if (type==SOCK_STREAM && listen(s,128) == -1)
- 		{
--		SHUTDOWN(s);
-+			failed_call = "listen";
-+			goto nextres;
- 		}
--	return(ret);
-+
-+		*sock=s;
-+		return(1);
-+
-+nextres:
-+		if (s != INVALID_SOCKET)
-+			close(s);
-+		res = res->ai_next;
- 	}
-+	freeaddrinfo(res0);
- 
--static int init_server(int *sock, int port, int type)
--	{
--	return(init_server_long(sock, port, NULL, type));
-+	if (s == INVALID_SOCKET) { perror("socket"); return(0); }
-+
-+	perror(failed_call);
-+	return(0);
- 	}
- 
- static int do_accept(int acc_sock, int *sock, char **host)
- 	{
--	int ret,i;
--	struct hostent *h1,*h2;
--	static struct sockaddr_in from;
-+	static struct sockaddr_storage from;
-+	char buffer[NI_MAXHOST];
-+	int ret;
- 	int len;
- /*	struct linger ling; */
- 
-@@ -432,136 +450,58 @@ redoit:
- */
- 
- 	if (host == NULL) goto end;
--#ifndef BIT_FIELD_LIMITS
--	/* I should use WSAAsyncGetHostByName() under windows */
--	h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
--		sizeof(from.sin_addr.s_addr),AF_INET);
--#else
--	h1=gethostbyaddr((char *)&from.sin_addr,
--		sizeof(struct in_addr),AF_INET);
--#endif
--	if (h1 == NULL)
-+
-+	if (getnameinfo((struct sockaddr *)&from, sizeof(from),
-+		buffer, sizeof(buffer),
-+		NULL, 0, 0))
- 		{
--		BIO_printf(bio_err,"bad gethostbyaddr\n");
-+		BIO_printf(bio_err,"getnameinfo failed\n");
- 		*host=NULL;
- 		/* return(0); */
- 		}
- 	else
- 		{
--		if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
-+		if ((*host=(char *)OPENSSL_malloc(strlen(buffer)+1)) == NULL)
- 			{
- 			perror("OPENSSL_malloc");
- 			return(0);
- 			}
--		BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
--
--		h2=GetHostByName(*host);
--		if (h2 == NULL)
--			{
--			BIO_printf(bio_err,"gethostbyname failure\n");
--			return(0);
--			}
--		i=0;
--		if (h2->h_addrtype != AF_INET)
--			{
--			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
--			return(0);
--			}
-+		strcpy(*host, buffer);
- 		}
- end:
- 	*sock=ret;
- 	return(1);
- 	}
- 
--int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
--	     short *port_ptr)
-+int extract_host_port(char *str, char **host_ptr, 
-+	     char **port_ptr)
- 	{
--	char *h,*p;
-+	char *h,*p,*x;
- 
--	h=str;
--	p=strchr(str,':');
-+	x=h=str;
-+	if (*h == '[')
-+		{
-+		h++;
-+		p=strchr(h,']');
- 	if (p == NULL)
- 		{
--		BIO_printf(bio_err,"no port defined\n");
-+			BIO_printf(bio_err,"no ending bracket for IPv6 address\n");
- 		return(0);
- 		}
- 	*(p++)='\0';
--
--	if ((ip != NULL) && !host_ip(str,ip))
--		goto err;
--	if (host_ptr != NULL) *host_ptr=h;
--
--	if (!extract_port(p,port_ptr))
--		goto err;
--	return(1);
--err:
--	return(0);
-+		x = p;
- 	}
--
--static int host_ip(char *str, unsigned char ip[4])
--	{
--	unsigned int in[4]; 
--	int i;
--
--	if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
--		{
--		for (i=0; i<4; i++)
--			if (in[i] > 255)
--				{
--				BIO_printf(bio_err,"invalid IP address\n");
--				goto err;
--				}
--		ip[0]=in[0];
--		ip[1]=in[1];
--		ip[2]=in[2];
--		ip[3]=in[3];
--		}
--	else
--		{ /* do a gethostbyname */
--		struct hostent *he;
--
--		if (!ssl_sock_init()) return(0);
--
--		he=GetHostByName(str);
--		if (he == NULL)
--			{
--			BIO_printf(bio_err,"gethostbyname failure\n");
--			goto err;
--			}
--		/* cast to short because of win16 winsock definition */
--		if ((short)he->h_addrtype != AF_INET)
-+	p=strchr(x,':');
-+	if (p == NULL)
- 			{
--			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
--			return(0);
--			}
--		ip[0]=he->h_addr_list[0][0];
--		ip[1]=he->h_addr_list[0][1];
--		ip[2]=he->h_addr_list[0][2];
--		ip[3]=he->h_addr_list[0][3];
--		}
--	return(1);
--err:
-+		BIO_printf(bio_err,"no port defined\n");
- 	return(0);
- 	}
-+	*(p++)='\0';
- 
--int extract_port(char *str, short *port_ptr)
--	{
--	int i;
--	struct servent *s;
-+	if (host_ptr != NULL) *host_ptr=h;
-+	if (port_ptr != NULL) *port_ptr=p;
- 
--	i=atoi(str);
--	if (i != 0)
--		*port_ptr=(unsigned short)i;
--	else
--		{
--		s=getservbyname(str,"tcp");
--		if (s == NULL)
--			{
--			BIO_printf(bio_err,"getservbyname failure for %s\n",str);
--			return(0);
--			}
--		*port_ptr=ntohs((unsigned short)s->s_port);
--		}
- 	return(1);
- 	}
- 

openssl-1.0.0-beta5-readme-warning.patch

@@ -1,39 +0,0 @@
-diff -up openssl-1.0.0-beta5/README.warning openssl-1.0.0-beta5/README
---- openssl-1.0.0-beta5/README.warning	2010-01-20 16:00:47.000000000 +0100
-+++ openssl-1.0.0-beta5/README	2010-01-21 09:06:11.000000000 +0100
-@@ -5,6 +5,35 @@
-  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
-  All rights reserved.
- 
-+ WARNING
-+ -------
-+
-+ This version of OpenSSL is built in a way that supports operation in
-+ the so called FIPS mode. Note though that the library as we build it
-+ is not FIPS validated and the FIPS mode is present for testing purposes
-+ only.
-+ 
-+ This version also contains a few differences from the upstream code
-+ some of which are:
-+   * There are added changes forward ported from the upstream OpenSSL
-+     0.9.8 FIPS branch however the FIPS integrity verification check
-+     is implemented differently from the upstream FIPS validated OpenSSL
-+     module. It verifies HMAC-SHA256 checksum of the whole shared
-+     libraries. For this reason the changes are ported to files in the
-+     crypto directory and not in a separate fips subdirectory. Also
-+     note that the FIPS integrity verification check requires unmodified
-+     libcrypto and libssl shared library files which means that it will
-+     fail if these files are modified for example by prelink.
-+   * The module respects the kernel FIPS flag /proc/sys/crypto/fips and
-+     tries to initialize the FIPS mode if it is set to 1 aborting if the
-+     FIPS mode could not be initialized. It is also possible to force the
-+     OpenSSL library to FIPS mode especially for debugging purposes by
-+     setting the environment variable OPENSSL_FORCE_FIPS_MODE.
-+   * If the environment variable OPENSSL_NO_DEFAULT_ZLIB is set the module
-+     will not automatically load the built in compression method ZLIB
-+     when initialized. Applications can still explicitely ask for ZLIB
-+     compression method.
-+
-  DESCRIPTION
-  -----------
- 

openssl-1.0.0-dtls1-backports.patch

@@ -1,53 +0,0 @@
-diff -up openssl-1.0.0/ssl/d1_lib.c.dtls1 openssl-1.0.0/ssl/d1_lib.c
---- openssl-1.0.0/ssl/d1_lib.c.dtls1	2009-12-08 12:38:17.000000000 +0100
-+++ openssl-1.0.0/ssl/d1_lib.c	2010-04-09 16:29:49.000000000 +0200
-@@ -283,6 +283,16 @@ struct timeval* dtls1_get_timeout(SSL *s
- 		timeleft->tv_usec += 1000000;
- 		}
- 
-+	/* If remaining time is less than 15 ms, set it to 0
-+	 * to prevent issues because of small devergences with
-+	 * socket timeouts.
-+	 */
-+	if (timeleft->tv_sec == 0 && timeleft->tv_usec < 15000)
-+		{
-+		memset(timeleft, 0, sizeof(struct timeval));
-+		}
-+	
-+
- 	return timeleft;
- 	}
- 
-diff -up openssl-1.0.0/ssl/d1_pkt.c.dtls1 openssl-1.0.0/ssl/d1_pkt.c
---- openssl-1.0.0/ssl/d1_pkt.c.dtls1	2009-10-04 18:52:35.000000000 +0200
-+++ openssl-1.0.0/ssl/d1_pkt.c	2010-04-09 16:30:49.000000000 +0200
-@@ -667,14 +667,14 @@ again:
- 	if (rr->length == 0) goto again;
- 
- 	/* If this record is from the next epoch (either HM or ALERT),
--	 * buffer it since it cannot be processed at this time. Records
--	 * from the next epoch are marked as received even though they
--	 * are not processed, so as to prevent any potential resource
--	 * DoS attack */
-+	 * and a handshake is currently in progress, buffer it since it
-+	 * cannot be processed at this time. */
- 	if (is_next_epoch)
- 		{
--		dtls1_record_bitmap_update(s, bitmap);
--		dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);
-+		if (SSL_in_init(s) || s->in_handshake)
-+			{
-+			dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);
-+			}
- 		rr->length = 0;
- 		s->packet_length = 0;
- 		goto again;
-@@ -809,7 +809,7 @@ start:
- 		 * buffer the application data for later processing rather
- 		 * than dropping the connection.
- 		 */
--		dtls1_buffer_record(s, &(s->d1->buffered_app_data), 0);
-+		dtls1_buffer_record(s, &(s->d1->buffered_app_data), rr->seq_num);
- 		rr->length = 0;
- 		goto start;
- 		}

openssl-1.0.0-init-sha256.patch

@@ -1,79 +0,0 @@
-diff -up openssl-1.0.0/doc/ssl/SSL_library_init.pod.sha256 openssl-1.0.0/doc/ssl/SSL_library_init.pod
---- openssl-1.0.0/doc/ssl/SSL_library_init.pod.sha256	2006-03-12 01:37:55.000000000 +0100
-+++ openssl-1.0.0/doc/ssl/SSL_library_init.pod	2010-04-09 16:33:11.000000000 +0200
-@@ -15,7 +15,7 @@ SSL_library_init, OpenSSL_add_ssl_algori
- 
- =head1 DESCRIPTION
- 
--SSL_library_init() registers the available ciphers and digests.
-+SSL_library_init() registers the available SSL/TLS ciphers and digests.
- 
- OpenSSL_add_ssl_algorithms() and SSLeay_add_ssl_algorithms() are synonyms
- for SSL_library_init().
-@@ -27,24 +27,28 @@ SSL_library_init() is not reentrant. 
- 
- =head1 WARNING
- 
--SSL_library_init() only registers ciphers. Another important initialization
--is the seeding of the PRNG (Pseudo Random Number Generator), which has to
--be performed separately.
-+SSL_library_init() adds ciphers and digests used directly and indirectly by
-+SSL/TLS.
- 
- =head1 EXAMPLES
- 
- A typical TLS/SSL application will start with the library initialization,
--will provide readable error messages and will seed the PRNG.
-+and provide readable error messages.
- 
-  SSL_load_error_strings();                /* readable error messages */
-  SSL_library_init();                      /* initialize library */
-- actions_to_seed_PRNG(); 
- 
- =head1 RETURN VALUES
- 
- SSL_library_init() always returns "1", so it is safe to discard the return
- value.
- 
-+=head1 NOTES
-+
-+OpenSSL 0.9.8o and 1.0.0a and later added SHA2 algorithms to SSL_library_init().
-+Applications which need to use SHA2 in earlier versions of OpenSSL should call
-+OpenSSL_add_all_algorithms() as well.
-+
- =head1 SEE ALSO
- 
- L<ssl(3)|ssl(3)>, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>,
-diff -up openssl-1.0.0/ssl/ssl_algs.c.sha256 openssl-1.0.0/ssl/ssl_algs.c
---- openssl-1.0.0/ssl/ssl_algs.c.sha256	2010-04-06 12:52:38.000000000 +0200
-+++ openssl-1.0.0/ssl/ssl_algs.c	2010-04-09 16:34:41.000000000 +0200
-@@ -111,6 +111,14 @@ int SSL_library_init(void)
- 	EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
- 	EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
- #endif
-+#ifndef OPENSSL_NO_SHA256
-+	EVP_add_digest(EVP_sha224());
-+	EVP_add_digest(EVP_sha256());
-+#endif
-+#ifndef OPENSSL_NO_SHA512
-+	EVP_add_digest(EVP_sha384());
-+	EVP_add_digest(EVP_sha512());
-+#endif
- #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
- 	EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
- 	EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
-@@ -148,6 +156,14 @@ int SSL_library_init(void)
- 	EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
- 	EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
- #endif
-+#ifndef OPENSSL_NO_SHA256
-+	EVP_add_digest(EVP_sha224());
-+	EVP_add_digest(EVP_sha256());
-+#endif
-+#ifndef OPENSSL_NO_SHA512
-+	EVP_add_digest(EVP_sha384());
-+	EVP_add_digest(EVP_sha512());
-+#endif
- #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
- 	EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
- 	EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);

openssl-1.0.0-name-hash.patch

@@ -1,22 +0,0 @@
-diff -up openssl-1.0.0/crypto/x509/x509_cmp.c.name-hash openssl-1.0.0/crypto/x509/x509_cmp.c
---- openssl-1.0.0/crypto/x509/x509_cmp.c.name-hash	2010-01-12 18:27:10.000000000 +0100
-+++ openssl-1.0.0/crypto/x509/x509_cmp.c	2010-04-06 16:44:52.000000000 +0200
-@@ -236,10 +236,17 @@ unsigned long X509_NAME_hash_old(X509_NA
- 	{
- 	unsigned long ret=0;
- 	unsigned char md[16];
-+	EVP_MD_CTX ctx; 
- 
- 	/* Make sure X509_NAME structure contains valid cached encoding */
- 	i2d_X509_NAME(x,NULL);
--	EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL);
-+
-+	EVP_MD_CTX_init(&ctx);
-+	EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT | EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-+        EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)
-+		&& EVP_DigestUpdate(&ctx, x->bytes->data, x->bytes->length)
-+		&& EVP_DigestFinal_ex(&ctx, md, NULL);
-+	EVP_MD_CTX_cleanup(&ctx);
- 
- 	ret=(	((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
- 		((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)

openssl-1.0.0-timezone.patch

@@ -1,21 +0,0 @@
-diff -up openssl-1.0.0/Makefile.org.timezone openssl-1.0.0/Makefile.org
---- openssl-1.0.0/Makefile.org.timezone	2010-03-30 11:08:40.000000000 +0200
-+++ openssl-1.0.0/Makefile.org	2010-04-06 12:49:21.000000000 +0200
-@@ -609,7 +609,7 @@ install_docs:
- 		sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
- 		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- 		(cd `$(PERL) util/dirname.pl $$i`; \
--		sh -c "$$pod2man \
-+		sh -c "TZ=UTC $$pod2man \
- 			--section=$$sec --center=OpenSSL \
- 			--release=$(VERSION) `basename $$i`") \
- 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
-@@ -626,7 +626,7 @@ install_docs:
- 		sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
- 		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
- 		(cd `$(PERL) util/dirname.pl $$i`; \
--		sh -c "$$pod2man \
-+		sh -c "TZ=UTC $$pod2man \
- 			--section=$$sec --center=OpenSSL \
- 			--release=$(VERSION) `basename $$i`") \
- 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \

openssl-1.0.0-version.patch

@@ -1,13 +0,0 @@
-diff -up openssl-1.0.0/crypto/opensslv.h.version openssl-1.0.0/crypto/opensslv.h
---- openssl-1.0.0/crypto/opensslv.h.version	2010-03-30 10:59:26.000000000 +0200
-+++ openssl-1.0.0/crypto/opensslv.h	2010-03-30 11:00:52.000000000 +0200
-@@ -25,7 +25,8 @@
-  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
-  *  major minor fix final patch/beta)
-  */
--#define OPENSSL_VERSION_NUMBER	0x1000000fL
-+/* we have to keep the version number to not break the abi */
-+#define OPENSSL_VERSION_NUMBER	0x10000003L
- #ifdef OPENSSL_FIPS
- #define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.0-fips 29 Mar 2010"
- #else

openssl-1.1.0-issuer-hash.patch

@@ -0,0 +1,11 @@
+diff -up openssl-1.1.0-pre5/crypto/x509/x509_cmp.c.issuer-hash openssl-1.1.0-pre5/crypto/x509/x509_cmp.c
+--- openssl-1.1.0-pre5/crypto/x509/x509_cmp.c.issuer-hash	2016-07-18 15:16:32.788881100 +0200
++++ openssl-1.1.0-pre5/crypto/x509/x509_cmp.c	2016-07-18 15:17:16.671871840 +0200
+@@ -87,6 +87,7 @@ unsigned long X509_issuer_and_serial_has
+ 
+     if (ctx == NULL)
+         goto err;
++    EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+     f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0);
+     if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL))
+         goto err;

openssl-1.1.1-alpn-cb.patch

@@ -0,0 +1,27 @@
+commit 9e885a707d604e9528b5491b78fb9c00f41193fc
+Author: Tomas Mraz <tmraz@fedoraproject.org>
+Date:   Thu Mar 26 15:59:00 2020 +0100
+
+    s_server: Properly indicate ALPN protocol mismatch
+    
+    Return SSL_TLSEXT_ERR_ALERT_FATAL from alpn_select_cb so that
+    an alert is sent to the client on ALPN protocol mismatch.
+    
+    Fixes: #2708
+    
+    Reviewed-by: Matt Caswell <matt@openssl.org>
+    (Merged from https://github.com/openssl/openssl/pull/11415)
+
+diff --git a/apps/s_server.c b/apps/s_server.c
+index bcc83e562c..591c6c19c5 100644
+--- a/apps/s_server.c
++++ b/apps/s_server.c
+@@ -707,7 +707,7 @@ static int alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen,
+     if (SSL_select_next_proto
+         ((unsigned char **)out, outlen, alpn_ctx->data, alpn_ctx->len, in,
+          inlen) != OPENSSL_NPN_NEGOTIATED) {
+-        return SSL_TLSEXT_ERR_NOACK;
++        return SSL_TLSEXT_ERR_ALERT_FATAL;
+     }
+ 
+     if (!s_quiet) {

openssl-1.1.1-apps-dgst.patch

@@ -0,0 +1,12 @@
+diff -up openssl-1.1.1b/apps/ca.c.dgst openssl-1.1.1b/apps/ca.c
+--- openssl-1.1.1b/apps/ca.c.dgst	2019-02-26 15:15:30.000000000 +0100
++++ openssl-1.1.1b/apps/ca.c	2019-03-15 15:53:46.622267688 +0100
+@@ -169,7 +169,7 @@ const OPTIONS ca_options[] = {
+     {"enddate", OPT_ENDDATE, 's',
+      "YYMMDDHHMMSSZ cert notAfter (overrides -days)"},
+     {"days", OPT_DAYS, 'p', "Number of days to certify the cert for"},
+-    {"md", OPT_MD, 's', "md to use; one of md2, md5, sha or sha1"},
++    {"md", OPT_MD, 's', "md to use; see openssl help for list"},
+     {"policy", OPT_POLICY, 's', "The CA 'policy' to support"},
+     {"keyfile", OPT_KEYFILE, 's', "Private key"},
+     {"keyform", OPT_KEYFORM, 'f', "Private key file format (PEM or ENGINE)"},

openssl-1.1.1-build.patch

@@ -0,0 +1,40 @@
+diff -up openssl-1.1.1f/Configurations/10-main.conf.build openssl-1.1.1f/Configurations/10-main.conf
+--- openssl-1.1.1f/Configurations/10-main.conf.build	2020-03-31 14:17:45.000000000 +0200
++++ openssl-1.1.1f/Configurations/10-main.conf	2020-04-07 16:42:10.920546387 +0200
+@@ -678,6 +678,7 @@ my %targets = (
+         cxxflags         => add("-m64"),
+         lib_cppflags     => add("-DL_ENDIAN"),
+         perlasm_scheme   => "linux64le",
++        multilib         => "64",
+     },
+ 
+     "linux-armv4" => {
+@@ -718,6 +719,7 @@ my %targets = (
+     "linux-aarch64" => {
+         inherit_from     => [ "linux-generic64", asm("aarch64_asm") ],
+         perlasm_scheme   => "linux64",
++        multilib         => "64",
+     },
+     "linux-arm64ilp32" => {  # https://wiki.linaro.org/Platform/arm64-ilp32
+         inherit_from     => [ "linux-generic32", asm("aarch64_asm") ],
+diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build openssl-1.1.1f/Configurations/unix-Makefile.tmpl
+--- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build	2020-04-07 16:42:10.920546387 +0200
++++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl	2020-04-07 16:44:23.539142108 +0200
+@@ -823,7 +823,7 @@ uninstall_runtime_libs:
+ install_man_docs:
+ 	@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
+ 	@$(ECHO) "*** Installing manpages"
+-	$(PERL) $(SRCDIR)/util/process_docs.pl \
++	TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
+ 		"--destdir=$(DESTDIR)$(MANDIR)" --type=man --suffix=$(MANSUFFIX)
+ 
+ uninstall_man_docs:
+@@ -835,7 +835,7 @@ uninstall_man_docs:
+ install_html_docs:
+ 	@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
+ 	@$(ECHO) "*** Installing HTML manpages"
+-	$(PERL) $(SRCDIR)/util/process_docs.pl \
++	TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
+ 		"--destdir=$(DESTDIR)$(HTMLDIR)" --type=html
+ 
+ uninstall_html_docs:

openssl-1.1.1-conf-paths.patch

@@ -0,0 +1,56 @@
+diff -up openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths openssl-1.1.1-pre8/apps/CA.pl.in
+--- openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths	2018-06-20 16:48:09.000000000 +0200
++++ openssl-1.1.1-pre8/apps/CA.pl.in	2018-07-25 17:26:58.388624296 +0200
+@@ -33,7 +33,7 @@ my $X509 = "$openssl x509";
+ my $PKCS12 = "$openssl pkcs12";
+ 
+ # default openssl.cnf file has setup as per the following
+-my $CATOP = "./demoCA";
++my $CATOP = "/etc/pki/CA";
+ my $CAKEY = "cakey.pem";
+ my $CAREQ = "careq.pem";
+ my $CACERT = "cacert.pem";
+diff -up openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths openssl-1.1.1-pre8/apps/openssl.cnf
+--- openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths	2018-07-25 17:26:58.378624057 +0200
++++ openssl-1.1.1-pre8/apps/openssl.cnf	2018-07-27 13:20:08.198513471 +0200
+@@ -23,6 +23,22 @@ oid_section		= new_oids
+ # (Alternatively, use a configuration file that has only
+ # X.509v3 extensions in its main [= default] section.)
+ 
++# Load default TLS policy configuration
++
++openssl_conf = default_modules
++
++[ default_modules ]
++
++ssl_conf = ssl_module
++
++[ ssl_module ]
++
++system_default = crypto_policy
++
++[ crypto_policy ]
++
++.include = /etc/crypto-policies/back-ends/opensslcnf.config
++
+ [ new_oids ]
+ 
+ # We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
+@@ -43,7 +59,7 @@ default_ca	= CA_default		# The default c
+ ####################################################################
+ [ CA_default ]
+ 
+-dir		= ./demoCA		# Where everything is kept
++dir		= /etc/pki/CA		# Where everything is kept
+ certs		= $dir/certs		# Where the issued certs are kept
+ crl_dir		= $dir/crl		# Where the issued crl are kept
+ database	= $dir/index.txt	# database index file.
+@@ -329,7 +345,7 @@ default_tsa = tsa_config1	# the default
+ [ tsa_config1 ]
+ 
+ # These are used by the TSA reply generation only.
+-dir		= ./demoCA		# TSA root directory
++dir		= /etc/pki/CA		# TSA root directory
+ serial		= $dir/tsaserial	# The current serial number (mandatory)
+ crypto_device	= builtin		# OpenSSL engine to use for signing
+ signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate

openssl-1.1.1-defaults.patch

@@ -1,17 +1,24 @@
-diff -up openssl-1.0.0-beta3/apps/openssl.cnf.defaults openssl-1.0.0-beta3/apps/openssl.cnf
---- openssl-1.0.0-beta3/apps/openssl.cnf.defaults	2009-04-04 20:09:43.000000000 +0200
-+++ openssl-1.0.0-beta3/apps/openssl.cnf	2009-08-04 22:57:16.000000000 +0200
-@@ -103,7 +103,8 @@ emailAddress		= optional
+diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cnf
+--- openssl-1.1.1a/apps/openssl.cnf.defaults	2018-11-20 14:35:37.000000000 +0100
++++ openssl-1.1.1a/apps/openssl.cnf	2019-01-15 13:56:50.841719776 +0100
+@@ -74,7 +74,7 @@ cert_opt 	= ca_default		# Certificate fi
  
+ default_days	= 365			# how long to certify for
+ default_crl_days= 30			# how long before next CRL
+-default_md	= default		# use public key default MD
++default_md	= sha256		# use SHA-256 by default
+ preserve	= no			# keep passed DN ordering
+ 
+ # A few difference way of specifying how similar the request should look
+@@ -106,6 +106,7 @@ emailAddress		= optional
  ####################################################################
  [ req ]
--default_bits		= 1024
-+default_bits		= 2048
-+default_md		= sha1
+ default_bits		= 2048
++default_md		= sha256
  default_keyfile 	= privkey.pem
  distinguished_name	= req_distinguished_name
  attributes		= req_attributes
-@@ -126,17 +127,18 @@ string_mask = utf8only
+@@ -128,17 +129,18 @@ string_mask = utf8only
  
  [ req_distinguished_name ]
  countryName			= Country Name (2 letter code)
@@ -25,7 +32,7 @@ diff -up openssl-1.0.0-beta3/apps/openssl.cnf.defaults openssl-1.0.0-beta3/apps/
 +#stateOrProvinceName_default	= Default Province
  
  localityName			= Locality Name (eg, city)
-+localityName_default	= Default City
++localityName_default		= Default City
  
  0.organizationName		= Organization Name (eg, company)
 -0.organizationName_default	= Internet Widgits Pty Ltd
@@ -33,11 +40,11 @@ diff -up openssl-1.0.0-beta3/apps/openssl.cnf.defaults openssl-1.0.0-beta3/apps/
  
  # we can do this but it is not needed normally :-)
  #1.organizationName		= Second Organization Name (eg, company)
-@@ -145,7 +147,7 @@ localityName			= Locality Name (eg, city
+@@ -147,7 +149,7 @@ localityName			= Locality Name (eg, city
  organizationalUnitName		= Organizational Unit Name (eg, section)
  #organizationalUnitName_default	=
  
--commonName			= Common Name (eg, YOUR name)
+-commonName			= Common Name (e.g. server FQDN or YOUR name)
 +commonName			= Common Name (eg, your name or your server\'s hostname)
  commonName_max			= 64
  

openssl-1.1.1-disable-ssl3.patch

@@ -0,0 +1,91 @@
+diff -up openssl-1.1.1-pre8/apps/s_client.c.disable-ssl3 openssl-1.1.1-pre8/apps/s_client.c
+--- openssl-1.1.1-pre8/apps/s_client.c.disable-ssl3	2018-07-16 18:08:20.000487628 +0200
++++ openssl-1.1.1-pre8/apps/s_client.c	2018-07-16 18:16:40.070186323 +0200
+@@ -1681,6 +1681,9 @@ int s_client_main(int argc, char **argv)
+     if (sdebug)
+         ssl_ctx_security_debug(ctx, sdebug);
+ 
++    if (min_version == SSL3_VERSION && max_version == SSL3_VERSION)
++        SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
++
+     if (!config_ctx(cctx, ssl_args, ctx))
+         goto end;
+ 
+diff -up openssl-1.1.1-pre8/apps/s_server.c.disable-ssl3 openssl-1.1.1-pre8/apps/s_server.c
+--- openssl-1.1.1-pre8/apps/s_server.c.disable-ssl3	2018-07-16 18:08:20.000487628 +0200
++++ openssl-1.1.1-pre8/apps/s_server.c	2018-07-16 18:17:17.300055551 +0200
+@@ -1760,6 +1760,9 @@ int s_server_main(int argc, char *argv[]
+     if (sdebug)
+         ssl_ctx_security_debug(ctx, sdebug);
+ 
++    if (min_version == SSL3_VERSION && max_version == SSL3_VERSION)
++        SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
++
+     if (!config_ctx(cctx, ssl_args, ctx))
+         goto end;
+ 
+diff -up openssl-1.1.1-pre8/ssl/ssl_lib.c.disable-ssl3 openssl-1.1.1-pre8/ssl/ssl_lib.c
+--- openssl-1.1.1-pre8/ssl/ssl_lib.c.disable-ssl3	2018-06-20 16:48:13.000000000 +0200
++++ openssl-1.1.1-pre8/ssl/ssl_lib.c	2018-07-16 18:08:20.001487652 +0200
+@@ -3016,6 +3016,16 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
+      */
+     ret->options |= SSL_OP_NO_COMPRESSION | SSL_OP_ENABLE_MIDDLEBOX_COMPAT;
+ 
++    if (meth->version != SSL3_VERSION) {
++        /*
++         * Disable SSLv3 by default.  Applications can
++         * re-enable it by configuring
++         * SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
++         * or by using the SSL_CONF API.
++         */
++        ret->options |= SSL_OP_NO_SSLv3;
++    }
++
+     ret->ext.status_type = TLSEXT_STATUSTYPE_nothing;
+ 
+     /*
+diff -up openssl-1.1.1-pre8/test/ssl_test.c.disable-ssl3 openssl-1.1.1-pre8/test/ssl_test.c
+--- openssl-1.1.1-pre8/test/ssl_test.c.disable-ssl3	2018-06-20 16:48:15.000000000 +0200
++++ openssl-1.1.1-pre8/test/ssl_test.c	2018-07-16 18:18:34.806865121 +0200
+@@ -443,6 +443,7 @@ static int test_handshake(int idx)
+             SSL_TEST_SERVERNAME_CB_NONE) {
+             if (!TEST_ptr(server2_ctx = SSL_CTX_new(TLS_server_method())))
+                 goto err;
++            SSL_CTX_clear_options(server2_ctx, SSL_OP_NO_SSLv3);
+             if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx,
+                                                          TLS_MAX_VERSION)))
+                 goto err;
+@@ -464,6 +465,8 @@ static int test_handshake(int idx)
+             if (!TEST_ptr(resume_server_ctx)
+                     || !TEST_ptr(resume_client_ctx))
+                 goto err;
++            SSL_CTX_clear_options(resume_server_ctx, SSL_OP_NO_SSLv3);
++            SSL_CTX_clear_options(resume_client_ctx, SSL_OP_NO_SSLv3);
+         }
+     }
+ 
+@@ -477,6 +480,9 @@ static int test_handshake(int idx)
+             || !TEST_int_gt(CONF_modules_load(conf, test_app, 0),  0))
+         goto err;
+ 
++    SSL_CTX_clear_options(server_ctx, SSL_OP_NO_SSLv3);
++    SSL_CTX_clear_options(client_ctx, SSL_OP_NO_SSLv3);
++
+     if (!SSL_CTX_config(server_ctx, "server")
+         || !SSL_CTX_config(client_ctx, "client")) {
+         goto err;
+diff -up openssl-1.1.1-pre8/test/ssltest_old.c.disable-ssl3 openssl-1.1.1-pre8/test/ssltest_old.c
+--- openssl-1.1.1-pre8/test/ssltest_old.c.disable-ssl3	2018-06-20 16:48:15.000000000 +0200
++++ openssl-1.1.1-pre8/test/ssltest_old.c	2018-07-16 18:08:20.002487676 +0200
+@@ -1358,6 +1358,11 @@ int main(int argc, char *argv[])
+         ERR_print_errors(bio_err);
+         goto end;
+     }
++
++    SSL_CTX_clear_options(c_ctx, SSL_OP_NO_SSLv3);
++    SSL_CTX_clear_options(s_ctx, SSL_OP_NO_SSLv3);
++    SSL_CTX_clear_options(s_ctx2, SSL_OP_NO_SSLv3);
++
+     /*
+      * Since we will use low security ciphersuites and keys for testing set
+      * security level to zero by default. Tests can override this by adding

openssl-1.1.1-ec-curves.patch

@@ -0,0 +1,266 @@
+diff -up openssl-1.1.1h/apps/speed.c.curves openssl-1.1.1h/apps/speed.c
+--- openssl-1.1.1h/apps/speed.c.curves	2020-09-22 14:55:07.000000000 +0200
++++ openssl-1.1.1h/apps/speed.c	2020-11-06 13:27:15.659288431 +0100
+@@ -490,90 +490,30 @@ static double rsa_results[RSA_NUM][2];
+ #endif /* OPENSSL_NO_RSA */
+ 
+ enum {
+-    R_EC_P160,
+-    R_EC_P192,
+     R_EC_P224,
+     R_EC_P256,
+     R_EC_P384,
+     R_EC_P521,
+-#ifndef OPENSSL_NO_EC2M
+-    R_EC_K163,
+-    R_EC_K233,
+-    R_EC_K283,
+-    R_EC_K409,
+-    R_EC_K571,
+-    R_EC_B163,
+-    R_EC_B233,
+-    R_EC_B283,
+-    R_EC_B409,
+-    R_EC_B571,
+-#endif
+-    R_EC_BRP256R1,
+-    R_EC_BRP256T1,
+-    R_EC_BRP384R1,
+-    R_EC_BRP384T1,
+-    R_EC_BRP512R1,
+-    R_EC_BRP512T1,
+     R_EC_X25519,
+     R_EC_X448
+ };
+ 
+ #ifndef OPENSSL_NO_EC
+ static OPT_PAIR ecdsa_choices[] = {
+-    {"ecdsap160", R_EC_P160},
+-    {"ecdsap192", R_EC_P192},
+     {"ecdsap224", R_EC_P224},
+     {"ecdsap256", R_EC_P256},
+     {"ecdsap384", R_EC_P384},
+     {"ecdsap521", R_EC_P521},
+-# ifndef OPENSSL_NO_EC2M
+-    {"ecdsak163", R_EC_K163},
+-    {"ecdsak233", R_EC_K233},
+-    {"ecdsak283", R_EC_K283},
+-    {"ecdsak409", R_EC_K409},
+-    {"ecdsak571", R_EC_K571},
+-    {"ecdsab163", R_EC_B163},
+-    {"ecdsab233", R_EC_B233},
+-    {"ecdsab283", R_EC_B283},
+-    {"ecdsab409", R_EC_B409},
+-    {"ecdsab571", R_EC_B571},
+-# endif
+-    {"ecdsabrp256r1", R_EC_BRP256R1},
+-    {"ecdsabrp256t1", R_EC_BRP256T1},
+-    {"ecdsabrp384r1", R_EC_BRP384R1},
+-    {"ecdsabrp384t1", R_EC_BRP384T1},
+-    {"ecdsabrp512r1", R_EC_BRP512R1},
+-    {"ecdsabrp512t1", R_EC_BRP512T1}
+ };
+ # define ECDSA_NUM       OSSL_NELEM(ecdsa_choices)
+ 
+ static double ecdsa_results[ECDSA_NUM][2];    /* 2 ops: sign then verify */
+ 
+ static const OPT_PAIR ecdh_choices[] = {
+-    {"ecdhp160", R_EC_P160},
+-    {"ecdhp192", R_EC_P192},
+     {"ecdhp224", R_EC_P224},
+     {"ecdhp256", R_EC_P256},
+     {"ecdhp384", R_EC_P384},
+     {"ecdhp521", R_EC_P521},
+-# ifndef OPENSSL_NO_EC2M
+-    {"ecdhk163", R_EC_K163},
+-    {"ecdhk233", R_EC_K233},
+-    {"ecdhk283", R_EC_K283},
+-    {"ecdhk409", R_EC_K409},
+-    {"ecdhk571", R_EC_K571},
+-    {"ecdhb163", R_EC_B163},
+-    {"ecdhb233", R_EC_B233},
+-    {"ecdhb283", R_EC_B283},
+-    {"ecdhb409", R_EC_B409},
+-    {"ecdhb571", R_EC_B571},
+-# endif
+-    {"ecdhbrp256r1", R_EC_BRP256R1},
+-    {"ecdhbrp256t1", R_EC_BRP256T1},
+-    {"ecdhbrp384r1", R_EC_BRP384R1},
+-    {"ecdhbrp384t1", R_EC_BRP384T1},
+-    {"ecdhbrp512r1", R_EC_BRP512R1},
+-    {"ecdhbrp512t1", R_EC_BRP512T1},
+     {"ecdhx25519", R_EC_X25519},
+     {"ecdhx448", R_EC_X448}
+ };
+@@ -1502,31 +1442,10 @@ int speed_main(int argc, char **argv)
+         unsigned int bits;
+     } test_curves[] = {
+         /* Prime Curves */
+-        {"secp160r1", NID_secp160r1, 160},
+-        {"nistp192", NID_X9_62_prime192v1, 192},
+         {"nistp224", NID_secp224r1, 224},
+         {"nistp256", NID_X9_62_prime256v1, 256},
+         {"nistp384", NID_secp384r1, 384},
+         {"nistp521", NID_secp521r1, 521},
+-# ifndef OPENSSL_NO_EC2M
+-        /* Binary Curves */
+-        {"nistk163", NID_sect163k1, 163},
+-        {"nistk233", NID_sect233k1, 233},
+-        {"nistk283", NID_sect283k1, 283},
+-        {"nistk409", NID_sect409k1, 409},
+-        {"nistk571", NID_sect571k1, 571},
+-        {"nistb163", NID_sect163r2, 163},
+-        {"nistb233", NID_sect233r1, 233},
+-        {"nistb283", NID_sect283r1, 283},
+-        {"nistb409", NID_sect409r1, 409},
+-        {"nistb571", NID_sect571r1, 571},
+-# endif
+-        {"brainpoolP256r1", NID_brainpoolP256r1, 256},
+-        {"brainpoolP256t1", NID_brainpoolP256t1, 256},
+-        {"brainpoolP384r1", NID_brainpoolP384r1, 384},
+-        {"brainpoolP384t1", NID_brainpoolP384t1, 384},
+-        {"brainpoolP512r1", NID_brainpoolP512r1, 512},
+-        {"brainpoolP512t1", NID_brainpoolP512t1, 512},
+         /* Other and ECDH only ones */
+         {"X25519", NID_X25519, 253},
+         {"X448", NID_X448, 448}
+@@ -2026,9 +1945,9 @@ int speed_main(int argc, char **argv)
+ #  endif
+ 
+ #  ifndef OPENSSL_NO_EC
+-    ecdsa_c[R_EC_P160][0] = count / 1000;
+-    ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
+-    for (i = R_EC_P192; i <= R_EC_P521; i++) {
++    ecdsa_c[R_EC_P224][0] = count / 1000;
++    ecdsa_c[R_EC_P224][1] = count / 1000 / 2;
++    for (i = R_EC_P256; i <= R_EC_P521; i++) {
+         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
+         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
+         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
+@@ -2040,7 +1959,7 @@ int speed_main(int argc, char **argv)
+             }
+         }
+     }
+-#   ifndef OPENSSL_NO_EC2M
++#   if 0
+     ecdsa_c[R_EC_K163][0] = count / 1000;
+     ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
+     for (i = R_EC_K233; i <= R_EC_K571; i++) {
+@@ -2071,8 +1990,8 @@ int speed_main(int argc, char **argv)
+     }
+ #   endif
+ 
+-    ecdh_c[R_EC_P160][0] = count / 1000;
+-    for (i = R_EC_P192; i <= R_EC_P521; i++) {
++    ecdh_c[R_EC_P224][0] = count / 1000;
++    for (i = R_EC_P256; i <= R_EC_P521; i++) {
+         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
+         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
+             ecdh_doit[i] = 0;
+@@ -2082,7 +2001,7 @@ int speed_main(int argc, char **argv)
+             }
+         }
+     }
+-#   ifndef OPENSSL_NO_EC2M
++#   if 0
+     ecdh_c[R_EC_K163][0] = count / 1000;
+     for (i = R_EC_K233; i <= R_EC_K571; i++) {
+         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
+diff -up openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves openssl-1.1.1h/crypto/ec/ecp_smpl.c
+--- openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves	2020-09-22 14:55:07.000000000 +0200
++++ openssl-1.1.1h/crypto/ec/ecp_smpl.c	2020-11-06 13:27:15.659288431 +0100
+@@ -145,6 +145,11 @@ int ec_GFp_simple_group_set_curve(EC_GRO
+         return 0;
+     }
+ 
++    if (BN_num_bits(p) < 224) {
++        ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
++        return 0;
++    }
++
+     if (ctx == NULL) {
+         ctx = new_ctx = BN_CTX_new();
+         if (ctx == NULL)
+diff -up openssl-1.1.1h/test/ecdsatest.h.curves openssl-1.1.1h/test/ecdsatest.h
+--- openssl-1.1.1h/test/ecdsatest.h.curves	2020-11-06 13:27:15.627288114 +0100
++++ openssl-1.1.1h/test/ecdsatest.h	2020-11-06 13:27:15.660288441 +0100
+@@ -32,23 +32,6 @@ typedef struct {
+ } ecdsa_cavs_kat_t;
+ 
+ static const ecdsa_cavs_kat_t ecdsa_cavs_kats[] = {
+-    /* prime KATs from X9.62 */
+-    {NID_X9_62_prime192v1, NID_sha1,
+-     "616263",                  /* "abc" */
+-     "1a8d598fc15bf0fd89030b5cb1111aeb92ae8baf5ea475fb",
+-     "0462b12d60690cdcf330babab6e69763b471f994dd702d16a563bf5ec08069705ffff65e"
+-     "5ca5c0d69716dfcb3474373902",
+-     "fa6de29746bbeb7f8bb1e761f85f7dfb2983169d82fa2f4e",
+-     "885052380ff147b734c330c43d39b2c4a89f29b0f749fead",
+-     "e9ecc78106def82bf1070cf1d4d804c3cb390046951df686"},
+-    {NID_X9_62_prime239v1, NID_sha1,
+-     "616263",                  /* "abc" */
+-     "7ef7c6fabefffdea864206e80b0b08a9331ed93e698561b64ca0f7777f3d",
+-     "045b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c707fd9f1ed2e"
+-     "65f09f6ce0893baf5e8e31e6ae82ea8c3592335be906d38dee",
+-     "656c7196bf87dcc5d1f1020906df2782360d36b2de7a17ece37d503784af",
+-     "2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0",
+-     "2eeae988104e9c2234a3c2beb1f53bfa5dc11ff36a875d1e3ccb1f7e45cf"},
+     /* prime KATs from NIST CAVP */
+     {NID_secp224r1, NID_sha224,
+      "699325d6fc8fbbb4981a6ded3c3a54ad2e4e3db8a5669201912064c64e700c139248cdc1"
+--- openssl-1.1.1h/test/recipes/15-test_genec.t.ec-curves	2020-11-06 13:58:36.402895540 +0100
++++ openssl-1.1.1h/test/recipes/15-test_genec.t	2020-11-06 13:59:38.508484498 +0100
+@@ -20,45 +20,11 @@ plan skip_all => "This test is unsupport
+     if disabled("ec");
+ 
+ my @prime_curves = qw(
+-    secp112r1
+-    secp112r2
+-    secp128r1
+-    secp128r2
+-    secp160k1
+-    secp160r1
+-    secp160r2
+-    secp192k1
+-    secp224k1
+     secp224r1
+     secp256k1
+     secp384r1
+     secp521r1
+-    prime192v1
+-    prime192v2
+-    prime192v3
+-    prime239v1
+-    prime239v2
+-    prime239v3
+     prime256v1
+-    wap-wsg-idm-ecid-wtls6
+-    wap-wsg-idm-ecid-wtls7
+-    wap-wsg-idm-ecid-wtls8
+-    wap-wsg-idm-ecid-wtls9
+-    wap-wsg-idm-ecid-wtls12
+-    brainpoolP160r1
+-    brainpoolP160t1
+-    brainpoolP192r1
+-    brainpoolP192t1
+-    brainpoolP224r1
+-    brainpoolP224t1
+-    brainpoolP256r1
+-    brainpoolP256t1
+-    brainpoolP320r1
+-    brainpoolP320t1
+-    brainpoolP384r1
+-    brainpoolP384t1
+-    brainpoolP512r1
+-    brainpoolP512t1
+ );
+ 
+ my @binary_curves = qw(
+@@ -115,7 +81,6 @@ push(@other_curves, 'SM2')
+     if !disabled("sm2");
+ 
+ my @curve_aliases = qw(
+-    P-192
+     P-224
+     P-256
+     P-384

openssl-1.1.1-edk2-build.patch

@@ -0,0 +1,57 @@
+diff -up openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build openssl-1.1.1g/crypto/evp/pkey_kdf.c
+--- openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build	2020-05-18 12:55:53.299548432 +0200
++++ openssl-1.1.1g/crypto/evp/pkey_kdf.c	2020-05-18 12:55:53.340548788 +0200
+@@ -12,6 +12,7 @@
+ #include <openssl/evp.h>
+ #include <openssl/err.h>
+ #include <openssl/kdf.h>
++#include "internal/numbers.h"
+ #include "crypto/evp.h"
+ 
+ static int pkey_kdf_init(EVP_PKEY_CTX *ctx)
+diff -up openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build openssl-1.1.1g/crypto/kdf/hkdf.c
+--- openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build	2020-05-18 12:55:53.340548788 +0200
++++ openssl-1.1.1g/crypto/kdf/hkdf.c	2020-05-18 12:57:18.648288904 +0200
+@@ -13,6 +13,7 @@
+ #include <openssl/hmac.h>
+ #include <openssl/kdf.h>
+ #include <openssl/evp.h>
++#include "internal/numbers.h"
+ #include "internal/cryptlib.h"
+ #include "crypto/evp.h"
+ #include "kdf_local.h"
+diff -up openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build openssl-1.1.1g/crypto/rand/rand_unix.c
+--- openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build	2020-05-18 12:56:05.646655554 +0200
++++ openssl-1.1.1g/crypto/rand/rand_unix.c	2020-05-18 12:58:51.088090896 +0200
+@@ -20,7 +20,7 @@
+ #include "crypto/fips.h"
+ #include <stdio.h>
+ #include "internal/dso.h"
+-#ifdef __linux
++#if defined(__linux) && !defined(OPENSSL_SYS_UEFI)
+ # include <sys/syscall.h>
+ # include <sys/random.h>
+ # ifdef DEVRANDOM_WAIT
+diff -up openssl-1.1.1g/include/crypto/fips.h.edk2-build openssl-1.1.1g/include/crypto/fips.h
+--- openssl-1.1.1g/include/crypto/fips.h.edk2-build	2020-05-18 12:55:53.296548406 +0200
++++ openssl-1.1.1g/include/crypto/fips.h	2020-05-18 12:55:53.340548788 +0200
+@@ -50,10 +50,6 @@
+ #include <openssl/opensslconf.h>
+ #include <openssl/evp.h>
+ 
+-#ifndef OPENSSL_FIPS
+-# error FIPS is disabled.
+-#endif
+-
+ #ifdef OPENSSL_FIPS
+ 
+ int FIPS_module_mode_set(int onoff);
+@@ -97,4 +93,8 @@ void fips_set_selftest_fail(void);
+ 
+ void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr);
+ 
++#else
++
++# define fips_in_post() 0
++
+ #endif

openssl-1.1.1-fips-crng-test.patch

@@ -0,0 +1,408 @@
+diff -up openssl-1.1.1g/crypto/rand/build.info.crng-test openssl-1.1.1g/crypto/rand/build.info
+--- openssl-1.1.1g/crypto/rand/build.info.crng-test	2020-04-23 13:30:45.863389837 +0200
++++ openssl-1.1.1g/crypto/rand/build.info	2020-04-23 13:31:55.847069892 +0200
+@@ -1,6 +1,6 @@
+ LIBS=../../libcrypto
+ SOURCE[../../libcrypto]=\
+-        randfile.c rand_lib.c rand_err.c rand_egd.c \
++        randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \
+         rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c
+ 
+ INCLUDE[drbg_ctr.o]=../modes
+diff -up openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1g/crypto/rand/drbg_lib.c
+--- openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test	2020-04-23 13:30:45.818390686 +0200
++++ openssl-1.1.1g/crypto/rand/drbg_lib.c	2020-04-23 13:30:45.864389819 +0200
+@@ -67,7 +67,7 @@ static CRYPTO_THREAD_LOCAL private_drbg;
+ 
+ 
+ /* NIST SP 800-90A DRBG recommends the use of a personalization string. */
+-static const char ossl_pers_string[] = "OpenSSL NIST SP 800-90A DRBG";
++static const char ossl_pers_string[] = DRBG_DEFAULT_PERS_STRING;
+ 
+ static CRYPTO_ONCE rand_drbg_init = CRYPTO_ONCE_STATIC_INIT;
+ 
+@@ -201,8 +201,13 @@ static RAND_DRBG *rand_drbg_new(int secu
+     drbg->parent = parent;
+ 
+     if (parent == NULL) {
++#ifdef OPENSSL_FIPS
++        drbg->get_entropy = rand_crngt_get_entropy;
++        drbg->cleanup_entropy = rand_crngt_cleanup_entropy;
++#else
+         drbg->get_entropy = rand_drbg_get_entropy;
+         drbg->cleanup_entropy = rand_drbg_cleanup_entropy;
++#endif
+ #ifndef RAND_DRBG_GET_RANDOM_NONCE
+         drbg->get_nonce = rand_drbg_get_nonce;
+         drbg->cleanup_nonce = rand_drbg_cleanup_nonce;
+diff -up openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1g/crypto/rand/rand_crng_test.c
+--- openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test	2020-04-23 13:30:45.864389819 +0200
++++ openssl-1.1.1g/crypto/rand/rand_crng_test.c	2020-04-23 13:30:45.864389819 +0200
+@@ -0,0 +1,118 @@
++/*
++ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
++ * Copyright (c) 2019, Oracle and/or its affiliates.  All rights reserved.
++ *
++ * Licensed under the Apache License 2.0 (the "License").  You may not use
++ * this file except in compliance with the License.  You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++/*
++ * Implementation of the FIPS 140-2 section 4.9.2 Conditional Tests.
++ */
++
++#include <string.h>
++#include <openssl/evp.h>
++#include "crypto/rand.h"
++#include "internal/thread_once.h"
++#include "rand_local.h"
++
++static RAND_POOL *crngt_pool;
++static unsigned char crngt_prev[EVP_MAX_MD_SIZE];
++
++int (*crngt_get_entropy)(unsigned char *, unsigned char *, unsigned int *)
++    = &rand_crngt_get_entropy_cb;
++
++int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md,
++                              unsigned int *md_size)
++{
++    int r;
++    size_t n;
++    unsigned char *p;
++
++    n = rand_pool_acquire_entropy(crngt_pool);
++    if (n >= CRNGT_BUFSIZ) {
++        p = rand_pool_detach(crngt_pool);
++        r = EVP_Digest(p, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL);
++        if (r != 0)
++            memcpy(buf, p, CRNGT_BUFSIZ);
++        rand_pool_reattach(crngt_pool, p);
++        return r;
++    }
++    return 0;
++}
++
++void rand_crngt_cleanup(void)
++{
++    rand_pool_free(crngt_pool);
++    crngt_pool = NULL;
++}
++
++int rand_crngt_init(void)
++{
++    unsigned char buf[CRNGT_BUFSIZ];
++
++    if ((crngt_pool = rand_pool_new(0, 1, CRNGT_BUFSIZ, CRNGT_BUFSIZ)) == NULL)
++        return 0;
++    if (crngt_get_entropy(buf, crngt_prev, NULL)) {
++        OPENSSL_cleanse(buf, sizeof(buf));
++        return 1;
++    }
++    rand_crngt_cleanup();
++    return 0;
++}
++
++static CRYPTO_ONCE rand_crngt_init_flag = CRYPTO_ONCE_STATIC_INIT;
++DEFINE_RUN_ONCE_STATIC(do_rand_crngt_init)
++{
++    return OPENSSL_init_crypto(0, NULL)
++        && rand_crngt_init()
++        && OPENSSL_atexit(&rand_crngt_cleanup);
++}
++
++int rand_crngt_single_init(void)
++{
++    return RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init);
++}
++
++size_t rand_crngt_get_entropy(RAND_DRBG *drbg,
++                              unsigned char **pout,
++                              int entropy, size_t min_len, size_t max_len,
++                              int prediction_resistance)
++{
++    unsigned char buf[CRNGT_BUFSIZ], md[EVP_MAX_MD_SIZE];
++    unsigned int sz;
++    RAND_POOL *pool;
++    size_t q, r = 0, s, t = 0;
++    int attempts = 3;
++
++    if (!RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init))
++        return 0;
++
++    if ((pool = rand_pool_new(entropy, 1, min_len, max_len)) == NULL)
++        return 0;
++
++    while ((q = rand_pool_bytes_needed(pool, 1)) > 0 && attempts-- > 0) {
++        s = q > sizeof(buf) ? sizeof(buf) : q;
++        if (!crngt_get_entropy(buf, md, &sz)
++            || memcmp(crngt_prev, md, sz) == 0
++            || !rand_pool_add(pool, buf, s, s * 8))
++            goto err;
++        memcpy(crngt_prev, md, sz);
++        t += s;
++        attempts++;
++    }
++    r = t;
++    *pout = rand_pool_detach(pool);
++err:
++    OPENSSL_cleanse(buf, sizeof(buf));
++    rand_pool_free(pool);
++    return r;
++}
++
++void rand_crngt_cleanup_entropy(RAND_DRBG *drbg,
++                                unsigned char *out, size_t outlen)
++{
++    OPENSSL_secure_clear_free(out, outlen);
++}
+diff -up openssl-1.1.1g/crypto/rand/rand_local.h.crng-test openssl-1.1.1g/crypto/rand/rand_local.h
+--- openssl-1.1.1g/crypto/rand/rand_local.h.crng-test	2020-04-23 13:30:45.470397250 +0200
++++ openssl-1.1.1g/crypto/rand/rand_local.h	2020-04-23 13:30:45.864389819 +0200
+@@ -33,7 +33,15 @@
+ # define MASTER_RESEED_TIME_INTERVAL             (60*60)   /* 1 hour */
+ # define SLAVE_RESEED_TIME_INTERVAL              (7*60)    /* 7 minutes */
+ 
+-
++/*
++ * The number of bytes that constitutes an atomic lump of entropy with respect
++ * to the FIPS 140-2 section 4.9.2 Conditional Tests.  The size is somewhat
++ * arbitrary, the smaller the value, the less entropy is consumed on first
++ * read but the higher the probability of the test failing by accident.
++ *
++ * The value is in bytes.
++ */
++#define CRNGT_BUFSIZ    16
+ 
+ /*
+  * Maximum input size for the DRBG (entropy, nonce, personalization string)
+@@ -44,6 +52,8 @@
+  */
+ # define DRBG_MAX_LENGTH                         INT32_MAX
+ 
++/* The default nonce */
++# define DRBG_DEFAULT_PERS_STRING                "OpenSSL NIST SP 800-90A DRBG"
+ 
+ /*
+  * Maximum allocation size for RANDOM_POOL buffers
+@@ -296,4 +306,22 @@ int rand_drbg_enable_locking(RAND_DRBG *
+ /* initializes the AES-CTR DRBG implementation */
+ int drbg_ctr_init(RAND_DRBG *drbg);
+ 
++/*
++ * Entropy call back for the FIPS 140-2 section 4.9.2 Conditional Tests.
++ * These need to be exposed for the unit tests.
++ */
++int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md,
++                              unsigned int *md_size);
++extern int (*crngt_get_entropy)(unsigned char *buf, unsigned char *md,
++                                unsigned int *md_size);
++int rand_crngt_init(void);
++void rand_crngt_cleanup(void);
++
++/*
++ * Expose the run once initialisation function for the unit tests because.
++ * they need to restart from scratch to validate the first block is skipped
++ * properly.
++ */
++int rand_crngt_single_init(void);
++
+ #endif
+diff -up openssl-1.1.1g/include/crypto/rand.h.crng-test openssl-1.1.1g/include/crypto/rand.h
+--- openssl-1.1.1g/include/crypto/rand.h.crng-test	2020-04-23 13:30:45.824390573 +0200
++++ openssl-1.1.1g/include/crypto/rand.h	2020-04-23 13:30:45.864389819 +0200
+@@ -49,6 +49,14 @@ size_t rand_drbg_get_additional_data(RAN
+ 
+ void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);
+ 
++/* CRNG test entropy filter callbacks. */
++size_t rand_crngt_get_entropy(RAND_DRBG *drbg,
++                              unsigned char **pout,
++                              int entropy, size_t min_len, size_t max_len,
++                              int prediction_resistance);
++void rand_crngt_cleanup_entropy(RAND_DRBG *drbg,
++                                unsigned char *out, size_t outlen);
++
+ /*
+  * RAND_POOL functions
+  */
+diff -up openssl-1.1.1g/test/drbgtest.c.crng-test openssl-1.1.1g/test/drbgtest.c
+--- openssl-1.1.1g/test/drbgtest.c.crng-test	2020-04-21 14:22:39.000000000 +0200
++++ openssl-1.1.1g/test/drbgtest.c	2020-04-23 13:30:45.865389800 +0200
+@@ -150,6 +150,31 @@ static size_t kat_nonce(RAND_DRBG *drbg,
+     return t->noncelen;
+ }
+ 
++ /*
++ * Disable CRNG testing if it is enabled.
++ * If the DRBG is ready or in an error state, this means an instantiate cycle
++ * for which the default personalisation string is used.
++ */
++static int disable_crngt(RAND_DRBG *drbg)
++{
++    static const char pers[] = DRBG_DEFAULT_PERS_STRING;
++    const int instantiate = drbg->state != DRBG_UNINITIALISED;
++
++    if (drbg->get_entropy != rand_crngt_get_entropy)
++        return 1;
++
++     if ((instantiate && !RAND_DRBG_uninstantiate(drbg))
++        || !TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_drbg_get_entropy,
++                                              &rand_drbg_cleanup_entropy,
++                                              &rand_drbg_get_nonce,
++                                              &rand_drbg_cleanup_nonce))
++        || (instantiate
++            && !RAND_DRBG_instantiate(drbg, (const unsigned char *)pers,
++                                      sizeof(pers) - 1)))
++        return 0;
++    return 1;
++}
++
+ static int uninstantiate(RAND_DRBG *drbg)
+ {
+     int ret = drbg == NULL ? 1 : RAND_DRBG_uninstantiate(drbg);
+@@ -175,7 +200,8 @@ static int single_kat(DRBG_SELFTEST_DATA
+     if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL)))
+         return 0;
+     if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
+-                                           kat_nonce, NULL))) {
++                                           kat_nonce, NULL))
++        || !TEST_true(disable_crngt(drbg))) {
+         failures++;
+         goto err;
+     }
+@@ -293,7 +319,8 @@ static int error_check(DRBG_SELFTEST_DAT
+     unsigned int reseed_counter_tmp;
+     int ret = 0;
+ 
+-    if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL)))
++    if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL))
++	|| !TEST_true(disable_crngt(drbg)))
+         goto err;
+ 
+     /*
+@@ -740,6 +767,10 @@ static int test_rand_drbg_reseed(void)
+         || !TEST_ptr_eq(private->parent, master))
+         return 0;
+ 
++    /* Disable CRNG testing for the master DRBG */
++    if (!TEST_true(disable_crngt(master)))
++        return 0;
++
+     /* uninstantiate the three global DRBGs */
+     RAND_DRBG_uninstantiate(private);
+     RAND_DRBG_uninstantiate(public);
+@@ -964,7 +995,8 @@ static int test_rand_seed(void)
+     size_t rand_buflen;
+     size_t required_seed_buflen = 0;
+ 
+-    if (!TEST_ptr(master = RAND_DRBG_get0_master()))
++    if (!TEST_ptr(master = RAND_DRBG_get0_master())
++        || !TEST_true(disable_crngt(master)))
+         return 0;
+ 
+ #ifdef OPENSSL_RAND_SEED_NONE
+@@ -1013,6 +1045,95 @@ static int test_rand_add(void)
+     return 1;
+ }
+ 
++/*
++ * A list of the FIPS DRGB types.
++ */
++static const struct s_drgb_types {
++    int nid;
++    int flags;
++} drgb_types[] = {
++    { NID_aes_128_ctr,  0                   },
++    { NID_aes_192_ctr,  0                   },
++    { NID_aes_256_ctr,  0                   },
++};
++
++/* Six cases for each covers seed sizes up to 32 bytes */
++static const size_t crngt_num_cases = 6;
++
++static size_t crngt_case, crngt_idx;
++
++static int crngt_entropy_cb(unsigned char *buf, unsigned char *md,
++                            unsigned int *md_size)
++{
++    size_t i, z;
++
++    if (!TEST_int_lt(crngt_idx, crngt_num_cases))
++        return 0;
++    /* Generate a block of unique data unless this is the duplication point */
++    z = crngt_idx++;
++    if (z > 0 && crngt_case == z)
++        z--;
++    for (i = 0; i < CRNGT_BUFSIZ; i++)
++        buf[i] = (unsigned char)(i + 'A' + z);
++    return EVP_Digest(buf, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL);
++}
++
++static int test_crngt(int n)
++{
++    const struct s_drgb_types *dt = drgb_types + n / crngt_num_cases;
++    RAND_DRBG *drbg = NULL;
++    unsigned char buff[100];
++    size_t ent;
++    int res = 0;
++    int expect;
++
++    if (!TEST_true(rand_crngt_single_init()))
++        return 0;
++    rand_crngt_cleanup();
++
++    if (!TEST_ptr(drbg = RAND_DRBG_new(dt->nid, dt->flags, NULL)))
++        return 0;
++    ent = (drbg->min_entropylen + CRNGT_BUFSIZ - 1) / CRNGT_BUFSIZ;
++    crngt_case = n % crngt_num_cases;
++    crngt_idx = 0;
++    crngt_get_entropy = &crngt_entropy_cb;
++    if (!TEST_true(rand_crngt_init()))
++        goto err;
++#ifndef OPENSSL_FIPS
++    if (!TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_crngt_get_entropy,
++                                           &rand_crngt_cleanup_entropy,
++                                           &rand_drbg_get_nonce,
++                                           &rand_drbg_cleanup_nonce)))
++        goto err;
++#endif
++    expect = crngt_case == 0 || crngt_case > ent;
++    if (!TEST_int_eq(RAND_DRBG_instantiate(drbg, NULL, 0), expect))
++        goto err;
++    if (!expect)
++        goto fin;
++    if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0)))
++        goto err;
++
++    expect = crngt_case == 0 || crngt_case > 2 * ent;
++    if (!TEST_int_eq(RAND_DRBG_reseed(drbg, NULL, 0, 0), expect))
++        goto err;
++    if (!expect)
++        goto fin;
++    if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0)))
++        goto err;
++
++fin:
++    res = 1;
++err:
++    if (!res)
++        TEST_note("DRBG %zd case %zd block %zd", n / crngt_num_cases,
++                  crngt_case, crngt_idx);
++    uninstantiate(drbg);
++    RAND_DRBG_free(drbg);
++    crngt_get_entropy = &rand_crngt_get_entropy_cb;
++    return res;
++}
++
+ int setup_tests(void)
+ {
+     app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
+@@ -1025,5 +1146,6 @@ int setup_tests(void)
+ #if defined(OPENSSL_THREADS)
+     ADD_TEST(test_multi_thread);
+ #endif
++    ADD_ALL_TESTS(test_crngt, crngt_num_cases * OSSL_NELEM(drgb_types));
+     return 1;
+ }

openssl-1.1.1-fips-curves.patch

@@ -0,0 +1,200 @@
+diff -up openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves openssl-1.1.1g/crypto/ec/ec_curve.c
+--- openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves	2020-05-18 12:59:54.839643980 +0200
++++ openssl-1.1.1g/crypto/ec/ec_curve.c	2020-05-18 12:59:54.852644093 +0200
+@@ -13,6 +13,7 @@
+ #include <openssl/err.h>
+ #include <openssl/obj_mac.h>
+ #include <openssl/opensslconf.h>
++#include <openssl/crypto.h>
+ #include "internal/nelem.h"
+ 
+ typedef struct {
+@@ -237,6 +238,7 @@ static const struct {
+ 
+ typedef struct _ec_list_element_st {
+     int nid;
++    int fips_allowed;
+     const EC_CURVE_DATA *data;
+     const EC_METHOD *(*meth) (void);
+     const char *comment;
+@@ -246,23 +248,23 @@ static const ec_list_element curve_list[
+     /* prime field curves */
+     /* secg curves */
+ #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+-    {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
++    {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
+      "NIST/SECG curve over a 224 bit prime field"},
+ #else
+-    {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0,
++    {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, 0,
+      "NIST/SECG curve over a 224 bit prime field"},
+ #endif
+-    {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
++    {NID_secp256k1, 0, &_EC_SECG_PRIME_256K1.h, 0,
+      "SECG curve over a 256 bit prime field"},
+     /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
+-    {NID_secp384r1, &_EC_NIST_PRIME_384.h,
++    {NID_secp384r1, 1, &_EC_NIST_PRIME_384.h,
+ # if defined(S390X_EC_ASM)
+      EC_GFp_s390x_nistp384_method,
+ # else
+      0,
+ # endif
+      "NIST/SECG curve over a 384 bit prime field"},
+-    {NID_secp521r1, &_EC_NIST_PRIME_521.h,
++    {NID_secp521r1, 1, &_EC_NIST_PRIME_521.h,
+ # if defined(S390X_EC_ASM)
+      EC_GFp_s390x_nistp521_method,
+ # elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
+@@ -272,7 +274,7 @@ static const ec_list_element curve_list[
+ # endif
+      "NIST/SECG curve over a 521 bit prime field"},
+     /* X9.62 curves */
+-    {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,
++    {NID_X9_62_prime256v1, 1, &_EC_X9_62_PRIME_256V1.h,
+ #if defined(ECP_NISTZ256_ASM)
+      EC_GFp_nistz256_method,
+ # elif defined(S390X_EC_ASM)
+@@ -404,6 +406,10 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int
+ 
+     for (i = 0; i < curve_list_length; i++)
+         if (curve_list[i].nid == nid) {
++            if (!curve_list[i].fips_allowed && FIPS_mode()) {
++                ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_NOT_A_NIST_PRIME);
++                return NULL;
++            }
+             ret = ec_group_new_from_data(curve_list[i]);
+             break;
+         }
+@@ -418,19 +424,31 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int
+ 
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
+ {
+-    size_t i, min;
++    size_t i, j, num;
++    int fips_mode = FIPS_mode();
+ 
+-    if (r == NULL || nitems == 0)
+-        return curve_list_length;
++    num = curve_list_length;
++    if (fips_mode)
++        for (i = 0; i < curve_list_length; i++) {
++            if (!curve_list[i].fips_allowed)
++                --num;
++        }
+ 
+-    min = nitems < curve_list_length ? nitems : curve_list_length;
++    if (r == NULL || nitems == 0) {
++        return num;
++    }
+ 
+-    for (i = 0; i < min; i++) {
+-        r[i].nid = curve_list[i].nid;
+-        r[i].comment = curve_list[i].comment;
++    for (i = 0, j = 0; i < curve_list_length; i++) {
++        if (j >= nitems)
++            break;
++        if (!fips_mode || curve_list[i].fips_allowed) {
++            r[j].nid = curve_list[i].nid;
++            r[j].comment = curve_list[i].comment;
++            ++j;
++        }
+     }
+ 
+-    return curve_list_length;
++    return num;
+ }
+ 
+ /* Functions to translate between common NIST curve names and NIDs */
+diff -up openssl-1.1.1g/ssl/t1_lib.c.fips-curves openssl-1.1.1g/ssl/t1_lib.c
+--- openssl-1.1.1g/ssl/t1_lib.c.fips-curves	2020-05-18 12:59:54.797643616 +0200
++++ openssl-1.1.1g/ssl/t1_lib.c	2020-05-18 13:03:54.748725463 +0200
+@@ -678,6 +678,36 @@ static const uint16_t tls12_sigalgs[] =
+ #endif
+ };
+ 
++static const uint16_t tls12_fips_sigalgs[] = {
++#ifndef OPENSSL_NO_EC
++    TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
++    TLSEXT_SIGALG_ecdsa_secp384r1_sha384,
++    TLSEXT_SIGALG_ecdsa_secp521r1_sha512,
++#endif
++
++    TLSEXT_SIGALG_rsa_pss_pss_sha256,
++    TLSEXT_SIGALG_rsa_pss_pss_sha384,
++    TLSEXT_SIGALG_rsa_pss_pss_sha512,
++    TLSEXT_SIGALG_rsa_pss_rsae_sha256,
++    TLSEXT_SIGALG_rsa_pss_rsae_sha384,
++    TLSEXT_SIGALG_rsa_pss_rsae_sha512,
++
++    TLSEXT_SIGALG_rsa_pkcs1_sha256,
++    TLSEXT_SIGALG_rsa_pkcs1_sha384,
++    TLSEXT_SIGALG_rsa_pkcs1_sha512,
++
++#ifndef OPENSSL_NO_EC
++    TLSEXT_SIGALG_ecdsa_sha224,
++#endif
++    TLSEXT_SIGALG_rsa_pkcs1_sha224,
++#ifndef OPENSSL_NO_DSA
++    TLSEXT_SIGALG_dsa_sha224,
++    TLSEXT_SIGALG_dsa_sha256,
++    TLSEXT_SIGALG_dsa_sha384,
++    TLSEXT_SIGALG_dsa_sha512,
++#endif
++};
++
+ #ifndef OPENSSL_NO_EC
+ static const uint16_t suiteb_sigalgs[] = {
+     TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
+@@ -894,6 +924,8 @@ static const SIGALG_LOOKUP *tls1_get_leg
+     }
+     if (idx < 0 || idx >= (int)OSSL_NELEM(tls_default_sigalg))
+         return NULL;
++    if (FIPS_mode()) /* We do not allow legacy SHA1 signatures in FIPS mode */
++        return NULL;
+     if (SSL_USE_SIGALGS(s) || idx != SSL_PKEY_RSA) {
+         const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(tls_default_sigalg[idx]);
+ 
+@@ -954,6 +986,9 @@ size_t tls12_get_psigalgs(SSL *s, int se
+     } else if (s->cert->conf_sigalgs) {
+         *psigs = s->cert->conf_sigalgs;
+         return s->cert->conf_sigalgslen;
++    } else if (FIPS_mode()) {
++        *psigs = tls12_fips_sigalgs;
++        return OSSL_NELEM(tls12_fips_sigalgs);
+     } else {
+         *psigs = tls12_sigalgs;
+         return OSSL_NELEM(tls12_sigalgs);
+@@ -973,6 +1008,9 @@ int tls_check_sigalg_curve(const SSL *s,
+     if (s->cert->conf_sigalgs) {
+         sigs = s->cert->conf_sigalgs;
+         siglen = s->cert->conf_sigalgslen;
++    } else if (FIPS_mode()) {
++        sigs = tls12_fips_sigalgs;
++        siglen = OSSL_NELEM(tls12_fips_sigalgs);
+     } else {
+         sigs = tls12_sigalgs;
+         siglen = OSSL_NELEM(tls12_sigalgs);
+@@ -1617,6 +1655,8 @@ static int tls12_sigalg_allowed(const SS
+     if (lu->sig == NID_id_GostR3410_2012_256
+             || lu->sig == NID_id_GostR3410_2012_512
+             || lu->sig == NID_id_GostR3410_2001) {
++        if (FIPS_mode())
++            return 0;
+         /* We never allow GOST sig algs on the server with TLSv1.3 */
+         if (s->server && SSL_IS_TLS13(s))
+             return 0;
+@@ -2842,6 +2882,13 @@ int tls_choose_sigalg(SSL *s, int fatale
+                 const uint16_t *sent_sigs;
+                 size_t sent_sigslen;
+ 
++                if (fatalerrs && FIPS_mode()) {
++                    /* There are no suitable legacy algorithms in FIPS mode */
++                    SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
++                             SSL_F_TLS_CHOOSE_SIGALG,
++                             SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
++                    return 0;
++                }
+                 if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) {
+                     if (!fatalerrs)
+                         return 1;

openssl-1.1.1-fips-drbg-selftest.patch

@@ -0,0 +1,587 @@
+diff -up openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest openssl-1.1.1g/crypto/fips/fips_post.c
+--- openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest	2020-04-23 13:33:12.500624151 +0200
++++ openssl-1.1.1g/crypto/fips/fips_post.c	2020-04-23 13:33:12.618621925 +0200
+@@ -67,12 +67,18 @@
+ 
+ # include <openssl/fips.h>
+ # include "crypto/fips.h"
++# include "crypto/rand.h"
+ # include "fips_locl.h"
+ 
+ /* Run all selftests */
+ int FIPS_selftest(void)
+ {
+     int rv = 1;
++    if (!rand_drbg_selftest()) {
++        FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_TEST_FAILURE);
++        ERR_add_error_data(2, "Type=", "rand_drbg_selftest");
++        rv = 0;
++    }
+     if (!FIPS_selftest_drbg())
+         rv = 0;
+     if (!FIPS_selftest_sha1())
+diff -up openssl-1.1.1g/crypto/rand/build.info.drbg-selftest openssl-1.1.1g/crypto/rand/build.info
+--- openssl-1.1.1g/crypto/rand/build.info.drbg-selftest	2020-04-23 13:33:12.619621907 +0200
++++ openssl-1.1.1g/crypto/rand/build.info	2020-04-23 13:34:10.857523497 +0200
+@@ -1,6 +1,6 @@
+ LIBS=../../libcrypto
+ SOURCE[../../libcrypto]=\
+         randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \
+-        rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c
++        rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c drbg_selftest.c
+ 
+ INCLUDE[drbg_ctr.o]=../modes
+diff -up openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest openssl-1.1.1g/crypto/rand/drbg_selftest.c
+--- openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest	2020-04-23 13:33:12.619621907 +0200
++++ openssl-1.1.1g/crypto/rand/drbg_selftest.c	2020-04-23 13:33:12.619621907 +0200
+@@ -0,0 +1,537 @@
++/*
++ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License").  You may not use
++ * this file except in compliance with the License.  You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++#include <string.h>
++#include <stddef.h>
++#include "internal/nelem.h"
++#include <openssl/crypto.h>
++#include <openssl/err.h>
++#include <openssl/rand_drbg.h>
++#include <openssl/obj_mac.h>
++#include "internal/thread_once.h"
++#include "crypto/rand.h"
++
++typedef struct test_ctx_st {
++    const unsigned char *entropy;
++    size_t entropylen;
++    int entropycnt;
++    const unsigned char *nonce;
++    size_t noncelen;
++    int noncecnt;
++} TEST_CTX;
++
++static int app_data_index = -1;
++static CRYPTO_ONCE get_index_once = CRYPTO_ONCE_STATIC_INIT;
++DEFINE_RUN_ONCE_STATIC(drbg_app_data_index_init)
++{
++    app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
++
++    return 1;
++}
++
++enum drbg_kat_type {
++    NO_RESEED,
++    PR_FALSE,
++    PR_TRUE
++};
++
++enum drbg_df {
++    USE_DF,
++    NO_DF,
++    NA
++};
++
++struct drbg_kat_no_reseed {
++    size_t count;
++    const unsigned char *entropyin;
++    const unsigned char *nonce;
++    const unsigned char *persstr;
++    const unsigned char *addin1;
++    const unsigned char *addin2;
++    const unsigned char *retbytes;
++};
++
++struct drbg_kat_pr_false {
++    size_t count;
++    const unsigned char *entropyin;
++    const unsigned char *nonce;
++    const unsigned char *persstr;
++    const unsigned char *entropyinreseed;
++    const unsigned char *addinreseed;
++    const unsigned char *addin1;
++    const unsigned char *addin2;
++    const unsigned char *retbytes;
++};
++
++struct drbg_kat_pr_true {
++    size_t count;
++    const unsigned char *entropyin;
++    const unsigned char *nonce;
++    const unsigned char *persstr;
++    const unsigned char *entropyinpr1;
++    const unsigned char *addin1;
++    const unsigned char *entropyinpr2;
++    const unsigned char *addin2;
++    const unsigned char *retbytes;
++};
++
++struct drbg_kat {
++    enum drbg_kat_type type;
++    enum drbg_df df;
++    int nid;
++
++    size_t entropyinlen;
++    size_t noncelen;
++    size_t persstrlen;
++    size_t addinlen;
++    size_t retbyteslen;
++
++    const void *t;
++};
++
++/*
++ * Excerpt from test/drbg_cavs_data.c
++ * DRBG test vectors from:
++ * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/
++ */
++
++static const unsigned char kat1308_entropyin[] = {
++    0x7c, 0x5d, 0x90, 0x70, 0x3b, 0x8a, 0xc7, 0x0f, 0x23, 0x73, 0x24, 0x9c,
++    0xa7, 0x15, 0x41, 0x71, 0x7a, 0x31, 0xea, 0x32, 0xfc, 0x28, 0x0d, 0xd7,
++    0x5b, 0x09, 0x01, 0x98, 0x1b, 0xe2, 0xa5, 0x53, 0xd9, 0x05, 0x32, 0x97,
++    0xec, 0xbe, 0x86, 0xfd, 0x1c, 0x1c, 0x71, 0x4c, 0x52, 0x29, 0x9e, 0x52,
++};
++static const unsigned char kat1308_nonce[] = {0};
++static const unsigned char kat1308_persstr[] = {
++    0xdc, 0x07, 0x2f, 0x68, 0xfa, 0x77, 0x03, 0x23, 0x42, 0xb0, 0xf5, 0xa2,
++    0xd9, 0xad, 0xa1, 0xd0, 0xad, 0xa2, 0x14, 0xb4, 0xd0, 0x8e, 0xfb, 0x39,
++    0xdd, 0xc2, 0xac, 0xfb, 0x98, 0xdf, 0x7f, 0xce, 0x4c, 0x75, 0x56, 0x45,
++    0xcd, 0x86, 0x93, 0x74, 0x90, 0x6e, 0xf6, 0x9e, 0x85, 0x7e, 0xfb, 0xc3,
++};
++static const unsigned char kat1308_addin0[] = {
++    0x52, 0x25, 0xc4, 0x2f, 0x03, 0xce, 0x29, 0x71, 0xc5, 0x0b, 0xc3, 0x4e,
++    0xad, 0x8d, 0x6f, 0x17, 0x82, 0xe1, 0xf3, 0xfd, 0xfd, 0x9b, 0x94, 0x9a,
++    0x1d, 0xac, 0xd0, 0xd4, 0x3f, 0x2b, 0xe3, 0xab, 0x7c, 0x3d, 0x3e, 0x5a,
++    0x68, 0xbb, 0xa4, 0x74, 0x68, 0x1a, 0xc6, 0x27, 0xff, 0xe0, 0xc0, 0x6c,
++};
++static const unsigned char kat1308_addin1[] = {
++    0xdc, 0x91, 0xd7, 0xb7, 0xb9, 0x94, 0x79, 0x0f, 0x06, 0xc4, 0x70, 0x19,
++    0x33, 0x25, 0x7c, 0x96, 0x01, 0xa0, 0x62, 0xb0, 0x50, 0xe6, 0xc0, 0x3a,
++    0x56, 0x8f, 0xc5, 0x50, 0x48, 0xc6, 0xf4, 0x49, 0xe5, 0x70, 0x16, 0x2e,
++    0xae, 0xf2, 0x99, 0xb4, 0x2d, 0x70, 0x18, 0x16, 0xcd, 0xe0, 0x24, 0xe4,
++};
++static const unsigned char kat1308_retbits[] = {
++    0xde, 0xf8, 0x91, 0x1b, 0xf1, 0xe1, 0xa9, 0x97, 0xd8, 0x61, 0x84, 0xe2,
++    0xdb, 0x83, 0x3e, 0x60, 0x45, 0xcd, 0xc8, 0x66, 0x93, 0x28, 0xc8, 0x92,
++    0xbc, 0x25, 0xae, 0xe8, 0xb0, 0xed, 0xed, 0x16, 0x3d, 0xa5, 0xf9, 0x0f,
++    0xb3, 0x72, 0x08, 0x84, 0xac, 0x3c, 0x3b, 0xaa, 0x5f, 0xf9, 0x7d, 0x63,
++    0x3e, 0xde, 0x59, 0x37, 0x0e, 0x40, 0x12, 0x2b, 0xbc, 0x6c, 0x96, 0x53,
++    0x26, 0x32, 0xd0, 0xb8,
++};
++static const struct drbg_kat_no_reseed kat1308_t = {
++    2, kat1308_entropyin, kat1308_nonce, kat1308_persstr,
++    kat1308_addin0, kat1308_addin1, kat1308_retbits
++};
++static const struct drbg_kat kat1308 = {
++    NO_RESEED, NO_DF, NID_aes_256_ctr, 48, 0, 48, 48, 64, &kat1308_t
++};
++
++static const unsigned char kat1465_entropyin[] = {
++    0xc9, 0x96, 0x3a, 0x15, 0x51, 0x76, 0x4f, 0xe0, 0x45, 0x82, 0x8a, 0x64,
++    0x87, 0xbe, 0xaa, 0xc0,
++};
++static const unsigned char kat1465_nonce[] = {
++    0x08, 0xcd, 0x69, 0x39, 0xf8, 0x58, 0x9a, 0x85,
++};
++static const unsigned char kat1465_persstr[] = {0};
++static const unsigned char kat1465_entropyinreseed[] = {
++    0x16, 0xcc, 0x35, 0x15, 0xb1, 0x17, 0xf5, 0x33, 0x80, 0x9a, 0x80, 0xc5,
++    0x1f, 0x4b, 0x7b, 0x51,
++};
++static const unsigned char kat1465_addinreseed[] = {
++    0xf5, 0x3d, 0xf1, 0x2e, 0xdb, 0x28, 0x1c, 0x00, 0x7b, 0xcb, 0xb6, 0x12,
++    0x61, 0x9f, 0x26, 0x5f,
++};
++static const unsigned char kat1465_addin0[] = {
++    0xe2, 0x67, 0x06, 0x62, 0x09, 0xa7, 0xcf, 0xd6, 0x84, 0x8c, 0x20, 0xf6,
++    0x10, 0x5a, 0x73, 0x9c,
++};
++static const unsigned char kat1465_addin1[] = {
++    0x26, 0xfa, 0x50, 0xe1, 0xb3, 0xcb, 0x65, 0xed, 0xbc, 0x6d, 0xda, 0x18,
++    0x47, 0x99, 0x1f, 0xeb,
++};
++static const unsigned char kat1465_retbits[] = {
++    0xf9, 0x47, 0xc6, 0xb0, 0x58, 0xa8, 0x66, 0x8a, 0xf5, 0x2b, 0x2a, 0x6d,
++    0x4e, 0x24, 0x6f, 0x65, 0xbf, 0x51, 0x22, 0xbf, 0xe8, 0x8d, 0x6c, 0xeb,
++    0xf9, 0x68, 0x7f, 0xed, 0x3b, 0xdd, 0x6b, 0xd5, 0x28, 0x47, 0x56, 0x52,
++    0xda, 0x50, 0xf0, 0x90, 0x73, 0x95, 0x06, 0x58, 0xaf, 0x08, 0x98, 0x6e,
++    0x24, 0x18, 0xfd, 0x2f, 0x48, 0x72, 0x57, 0xd6, 0x59, 0xab, 0xe9, 0x41,
++    0x58, 0xdb, 0x27, 0xba,
++};
++static const struct drbg_kat_pr_false kat1465_t = {
++    9, kat1465_entropyin, kat1465_nonce, kat1465_persstr,
++    kat1465_entropyinreseed, kat1465_addinreseed, kat1465_addin0,
++    kat1465_addin1, kat1465_retbits
++};
++static const struct drbg_kat kat1465 = {
++    PR_FALSE, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat1465_t
++};
++
++static const unsigned char kat3146_entropyin[] = {
++    0xd7, 0x08, 0x42, 0x82, 0xc2, 0xd2, 0xd1, 0xde, 0x01, 0xb4, 0x36, 0xb3,
++    0x7f, 0xbd, 0xd3, 0xdd, 0xb3, 0xc4, 0x31, 0x4f, 0x8f, 0xa7, 0x10, 0xf4,
++};
++static const unsigned char kat3146_nonce[] = {
++    0x7b, 0x9e, 0xcd, 0x49, 0x4f, 0x46, 0xa0, 0x08, 0x32, 0xff, 0x2e, 0xc3,
++    0x50, 0x86, 0xca, 0xca,
++};
++static const unsigned char kat3146_persstr[] = {0};
++static const unsigned char kat3146_entropyinpr1[] = {
++    0x68, 0xd0, 0x7b, 0xa4, 0xe7, 0x22, 0x19, 0xe6, 0xb6, 0x46, 0x6a, 0xda,
++    0x8e, 0x67, 0xea, 0x63, 0x3f, 0xaf, 0x2f, 0x6c, 0x9d, 0x5e, 0x48, 0x15,
++};
++static const unsigned char kat3146_addinpr1[] = {
++    0x70, 0x0f, 0x54, 0xf4, 0x53, 0xde, 0xca, 0x61, 0x5c, 0x49, 0x51, 0xd1,
++    0x41, 0xc4, 0xf1, 0x2f, 0x65, 0xfb, 0x7e, 0xbc, 0x9b, 0x14, 0xba, 0x90,
++    0x05, 0x33, 0x7e, 0x64, 0xb7, 0x2b, 0xaf, 0x99,
++};
++static const unsigned char kat3146_entropyinpr2[] = {
++    0xeb, 0x77, 0xb0, 0xe9, 0x2d, 0x31, 0xc8, 0x66, 0xc5, 0xc4, 0xa7, 0xf7,
++    0x6c, 0xb2, 0x74, 0x36, 0x4b, 0x25, 0x78, 0x04, 0xd8, 0xd7, 0xd2, 0x34,
++};
++static const unsigned char kat3146_addinpr2[] = {
++    0x05, 0xcd, 0x2a, 0x97, 0x5a, 0x5d, 0xfb, 0x98, 0xc1, 0xf1, 0x00, 0x0c,
++    0xed, 0xe6, 0x2a, 0xba, 0xf0, 0x89, 0x1f, 0x5a, 0x4f, 0xd7, 0x48, 0xb3,
++    0x24, 0xc0, 0x8a, 0x3d, 0x60, 0x59, 0x5d, 0xb6,
++};
++static const unsigned char kat3146_retbits[] = {
++    0x29, 0x94, 0xa4, 0xa8, 0x17, 0x3e, 0x62, 0x2f, 0x94, 0xdd, 0x40, 0x1f,
++    0xe3, 0x7e, 0x77, 0xd4, 0x38, 0xbc, 0x0e, 0x49, 0x46, 0xf6, 0x0e, 0x28,
++    0x91, 0xc6, 0x9c, 0xc4, 0xa6, 0xa1, 0xf8, 0x9a, 0x64, 0x5e, 0x99, 0x76,
++    0xd0, 0x2d, 0xee, 0xde, 0xe1, 0x2c, 0x93, 0x29, 0x4b, 0x12, 0xcf, 0x87,
++    0x03, 0x98, 0xb9, 0x74, 0x41, 0xdb, 0x3a, 0x49, 0x9f, 0x92, 0xd0, 0x45,
++    0xd4, 0x30, 0x73, 0xbb,
++};
++static const struct drbg_kat_pr_true kat3146_t = {
++    10, kat3146_entropyin, kat3146_nonce, kat3146_persstr,
++    kat3146_entropyinpr1, kat3146_addinpr1, kat3146_entropyinpr2,
++    kat3146_addinpr2, kat3146_retbits
++};
++static const struct drbg_kat kat3146 = {
++    PR_TRUE, USE_DF, NID_aes_192_ctr, 24, 16, 0, 32, 64, &kat3146_t
++};
++
++static const struct drbg_kat *drbg_test[] = { &kat1308, &kat1465, &kat3146 };
++
++static const size_t drbg_test_nelem = OSSL_NELEM(drbg_test);
++
++static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout,
++                          int entropy, size_t min_len, size_t max_len,
++                          int prediction_resistance)
++{
++    TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
++
++    t->entropycnt++;
++    *pout = (unsigned char *)t->entropy;
++    return t->entropylen;
++}
++
++static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout,
++                        int entropy, size_t min_len, size_t max_len)
++{
++    TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
++
++    t->noncecnt++;
++    *pout = (unsigned char *)t->nonce;
++    return t->noncelen;
++}
++
++/*
++ * Do a single NO_RESEED KAT:
++ *
++ * Instantiate
++ * Generate Random Bits (pr=false)
++ * Generate Random Bits (pr=false)
++ * Uninstantiate
++ *
++ * Return 0 on failure.
++ */
++static int single_kat_no_reseed(const struct drbg_kat *td)
++{
++    struct drbg_kat_no_reseed *data = (struct drbg_kat_no_reseed *)td->t;
++    RAND_DRBG *drbg = NULL;
++    unsigned char *buff = NULL;
++    unsigned int flags = 0;
++    int failures = 0;
++    TEST_CTX t;
++
++    if (td->df != USE_DF)
++        flags |= RAND_DRBG_FLAG_CTR_NO_DF;
++
++    if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
++        return 0;
++
++    if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
++                                 kat_nonce, NULL)) {
++        failures++;
++        goto err;
++    }
++    memset(&t, 0, sizeof(t));
++    t.entropy = data->entropyin;
++    t.entropylen = td->entropyinlen;
++    t.nonce = data->nonce;
++    t.noncelen = td->noncelen;
++    RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
++
++    buff = OPENSSL_malloc(td->retbyteslen);
++    if (buff == NULL) {
++        failures++;
++        goto err;
++    }
++
++    if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)
++        || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
++                               data->addin1, td->addinlen)
++        || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
++                               data->addin2, td->addinlen)
++        || memcmp(data->retbytes, buff,
++                  td->retbyteslen) != 0)
++        failures++;
++
++err:
++    OPENSSL_free(buff);
++    RAND_DRBG_uninstantiate(drbg);
++    RAND_DRBG_free(drbg);
++    return failures == 0;
++}
++
++/*-
++ * Do a single PR_FALSE KAT:
++ *
++ * Instantiate
++ * Reseed
++ * Generate Random Bits (pr=false)
++ * Generate Random Bits (pr=false)
++ * Uninstantiate
++ *
++ * Return 0 on failure.
++ */
++static int single_kat_pr_false(const struct drbg_kat *td)
++{
++    struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t;
++    RAND_DRBG *drbg = NULL;
++    unsigned char *buff = NULL;
++    unsigned int flags = 0;
++    int failures = 0;
++    TEST_CTX t;
++
++    if (td->df != USE_DF)
++        flags |= RAND_DRBG_FLAG_CTR_NO_DF;
++
++    if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
++        return 0;
++
++    if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
++                                 kat_nonce, NULL)) {
++        failures++;
++        goto err;
++    }
++    memset(&t, 0, sizeof(t));
++    t.entropy = data->entropyin;
++    t.entropylen = td->entropyinlen;
++    t.nonce = data->nonce;
++    t.noncelen = td->noncelen;
++    RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
++
++    buff = OPENSSL_malloc(td->retbyteslen);
++    if (buff == NULL) {
++        failures++;
++        goto err;
++    }
++
++    if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
++        failures++;
++
++    t.entropy = data->entropyinreseed;
++    t.entropylen = td->entropyinlen;
++
++    if (!RAND_DRBG_reseed(drbg, data->addinreseed, td->addinlen, 0)
++        || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
++                               data->addin1, td->addinlen)
++        || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
++                               data->addin2, td->addinlen)
++        || memcmp(data->retbytes, buff,
++                  td->retbyteslen) != 0)
++        failures++;
++
++err:
++    OPENSSL_free(buff);
++    RAND_DRBG_uninstantiate(drbg);
++    RAND_DRBG_free(drbg);
++    return failures == 0;
++}
++
++/*-
++ * Do a single PR_TRUE KAT:
++ *
++ * Instantiate
++ * Generate Random Bits (pr=true)
++ * Generate Random Bits (pr=true)
++ * Uninstantiate
++ *
++ * Return 0 on failure.
++ */
++static int single_kat_pr_true(const struct drbg_kat *td)
++{
++    struct drbg_kat_pr_true *data = (struct drbg_kat_pr_true *)td->t;
++    RAND_DRBG *drbg = NULL;
++    unsigned char *buff = NULL;
++    unsigned int flags = 0;
++    int failures = 0;
++    TEST_CTX t;
++
++    if (td->df != USE_DF)
++        flags |= RAND_DRBG_FLAG_CTR_NO_DF;
++
++    if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
++        return 0;
++
++    if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
++                                 kat_nonce, NULL)) {
++        failures++;
++        goto err;
++    }
++    memset(&t, 0, sizeof(t));
++    t.nonce = data->nonce;
++    t.noncelen = td->noncelen;
++    t.entropy = data->entropyin;
++    t.entropylen = td->entropyinlen;
++    RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
++
++    buff = OPENSSL_malloc(td->retbyteslen);
++    if (buff == NULL) {
++        failures++;
++        goto err;
++    }
++
++    if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
++        failures++;
++
++    t.entropy = data->entropyinpr1;
++    t.entropylen = td->entropyinlen;
++
++    if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
++                            data->addin1, td->addinlen))
++        failures++;
++
++    t.entropy = data->entropyinpr2;
++    t.entropylen = td->entropyinlen;
++
++    if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
++                            data->addin2, td->addinlen)
++        || memcmp(data->retbytes, buff,
++                  td->retbyteslen) != 0)
++        failures++;
++
++err:
++    OPENSSL_free(buff);
++    RAND_DRBG_uninstantiate(drbg);
++    RAND_DRBG_free(drbg);
++    return failures == 0;
++}
++
++static int test_kats(int i)
++{
++    const struct drbg_kat *td = drbg_test[i];
++    int rv = 0;
++
++    switch (td->type) {
++    case NO_RESEED:
++        if (!single_kat_no_reseed(td))
++            goto err;
++        break;
++    case PR_FALSE:
++        if (!single_kat_pr_false(td))
++            goto err;
++        break;
++    case PR_TRUE:
++        if (!single_kat_pr_true(td))
++            goto err;
++        break;
++    default:	/* cant happen */
++        goto err;
++    }
++    rv = 1;
++err:
++    return rv;
++}
++
++/*-
++ * Do one expected-error test:
++ *
++ * Instantiate with no entropy supplied
++ *
++ * Return 0 on failure.
++ */
++static int test_drbg_sanity(const struct drbg_kat *td)
++{
++    struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t;
++    RAND_DRBG *drbg = NULL;
++    unsigned int flags = 0;
++    int failures = 0;
++    TEST_CTX t;
++
++    if (td->df != USE_DF)
++        flags |= RAND_DRBG_FLAG_CTR_NO_DF;
++
++    if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
++        return 0;
++
++    if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
++                                 kat_nonce, NULL)) {
++        failures++;
++        goto err;
++    }
++    memset(&t, 0, sizeof(t));
++    t.entropy = data->entropyin;
++    t.entropylen = 0;     /* No entropy */
++    t.nonce = data->nonce;
++    t.noncelen = td->noncelen;
++    RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
++
++    ERR_set_mark();
++    /* This must fail. */
++    if (RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
++        failures++;
++    RAND_DRBG_uninstantiate(drbg);
++    ERR_pop_to_mark();
++
++err:
++    RAND_DRBG_free(drbg);
++    return failures == 0;
++}
++
++
++int rand_drbg_selftest(void)
++{
++    int i;
++
++    if (!RUN_ONCE(&get_index_once, drbg_app_data_index_init))
++        return 0;
++
++    for (i = 0; i < drbg_test_nelem; i++) {
++        if (test_kats(i) <= 0)
++            return 0;
++    }
++
++    if (test_drbg_sanity(&kat1465) <= 0)
++        return 0;
++
++    return 1;
++}
+diff -up openssl-1.1.1g/include/crypto/rand.h.drbg-selftest openssl-1.1.1g/include/crypto/rand.h
+--- openssl-1.1.1g/include/crypto/rand.h.drbg-selftest	2020-04-23 13:33:12.587622510 +0200
++++ openssl-1.1.1g/include/crypto/rand.h	2020-04-23 13:33:12.619621907 +0200
+@@ -140,4 +140,9 @@ void rand_pool_cleanup(void);
+  */
+ void rand_pool_keep_random_devices_open(int keep);
+ 
++/*
++ * Perform the DRBG KAT selftests
++ */
++int rand_drbg_selftest(void);
++
+ #endif

openssl-1.1.1-fips-post-rand.patch

@@ -0,0 +1,189 @@
+diff -up openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand openssl-1.1.1e/crypto/fips/fips.c
+--- openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand	2020-03-17 18:06:16.822418854 +0100
++++ openssl-1.1.1e/crypto/fips/fips.c	2020-03-17 18:06:16.861418172 +0100
+@@ -68,6 +68,7 @@
+ 
+ # include <openssl/fips.h>
+ # include "internal/thread_once.h"
++# include "crypto/rand.h"
+ 
+ # ifndef PATH_MAX
+ #  define PATH_MAX 1024
+@@ -76,6 +77,7 @@
+ static int fips_selftest_fail = 0;
+ static int fips_mode = 0;
+ static int fips_started = 0;
++static int fips_post = 0;
+ 
+ static int fips_is_owning_thread(void);
+ static int fips_set_owning_thread(void);
+@@ -158,6 +160,11 @@ void fips_set_selftest_fail(void)
+     fips_selftest_fail = 1;
+ }
+ 
++int fips_in_post(void)
++{
++    return fips_post;
++}
++
+ /* we implement what libfipscheck does ourselves */
+ 
+ static int
+@@ -445,6 +452,8 @@ int FIPS_module_mode_set(int onoff)
+         }
+ # endif
+ 
++        fips_post = 1;
++
+         if (!FIPS_selftest()) {
+             fips_selftest_fail = 1;
+             ret = 0;
+@@ -459,7 +468,12 @@ int FIPS_module_mode_set(int onoff)
+             goto end;
+         }
+ 
++        fips_post = 0;
++
+         fips_set_mode(onoff);
++        /* force RNG reseed with entropy from getrandom() on next call */
++        rand_force_reseed();
++
+         ret = 1;
+         goto end;
+     }
+diff -up openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1e/crypto/rand/drbg_lib.c
+--- openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/crypto/rand/drbg_lib.c	2020-03-17 18:07:35.305045521 +0100
+@@ -1009,6 +1009,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg
+     return min_entropy > min_entropylen ? min_entropy : min_entropylen;
+ }
+ 
++void rand_force_reseed(void)
++{
++    RAND_DRBG *drbg;
++
++    drbg = RAND_DRBG_get0_master();
++    drbg->fork_id = 0;
++
++    drbg = RAND_DRBG_get0_private();
++    drbg->fork_id = 0;
++
++    drbg = RAND_DRBG_get0_public();
++    drbg->fork_id = 0;
++}
++
+ /* Implements the default OpenSSL RAND_add() method */
+ static int drbg_add(const void *buf, int num, double randomness)
+ {
+diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/crypto/rand/rand_unix.c
+--- openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/crypto/rand/rand_unix.c	2020-03-17 18:09:01.503537189 +0100
+@@ -17,10 +17,12 @@
+ #include <openssl/crypto.h>
+ #include "rand_local.h"
+ #include "crypto/rand.h"
++#include "crypto/fips.h"
+ #include <stdio.h>
+ #include "internal/dso.h"
+ #ifdef __linux
+ # include <sys/syscall.h>
++# include <sys/random.h>
+ # ifdef DEVRANDOM_WAIT
+ #  include <sys/shm.h>
+ #  include <sys/utsname.h>
+@@ -342,7 +344,7 @@ static ssize_t sysctl_random(char *buf,
+  * syscall_random(): Try to get random data using a system call
+  * returns the number of bytes returned in buf, or < 0 on error.
+  */
+-static ssize_t syscall_random(void *buf, size_t buflen)
++static ssize_t syscall_random(void *buf, size_t buflen, int nonblock)
+ {
+     /*
+      * Note: 'buflen' equals the size of the buffer which is used by the
+@@ -364,6 +366,7 @@ static ssize_t syscall_random(void *buf,
+      * - Linux since 3.17 with glibc 2.25
+      * - FreeBSD since 12.0 (1200061)
+      */
++#  if 0
+ #  if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux)
+     extern int getentropy(void *buffer, size_t length) __attribute__((weak));
+ 
+@@ -385,10 +388,10 @@ static ssize_t syscall_random(void *buf,
+     if (p_getentropy.p != NULL)
+         return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1;
+ #  endif
+-
++#  endif
+     /* Linux supports this since version 3.17 */
+-#  if defined(__linux) && defined(__NR_getrandom)
+-    return syscall(__NR_getrandom, buf, buflen, 0);
++#  if defined(__linux) && defined(SYS_getrandom)
++    return syscall(SYS_getrandom, buf, buflen, nonblock?GRND_NONBLOCK:0);
+ #  elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)
+     return sysctl_random(buf, buflen);
+ #  else
+@@ -623,6 +626,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
+     size_t entropy_available;
+ 
+ #   if defined(OPENSSL_RAND_SEED_GETRANDOM)
++    int in_post;
++
++    for (in_post = fips_in_post(); in_post >= 0; --in_post) {
+     {
+         size_t bytes_needed;
+         unsigned char *buffer;
+@@ -633,7 +639,7 @@ size_t rand_pool_acquire_entropy(RAND_PO
+         bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
+         while (bytes_needed != 0 && attempts-- > 0) {
+             buffer = rand_pool_add_begin(pool, bytes_needed);
+-            bytes = syscall_random(buffer, bytes_needed);
++            bytes = syscall_random(buffer, bytes_needed, in_post);
+             if (bytes > 0) {
+                 rand_pool_add_end(pool, bytes, 8 * bytes);
+                 bytes_needed -= bytes;
+@@ -668,8 +674,10 @@ size_t rand_pool_acquire_entropy(RAND_PO
+             int attempts = 3;
+             const int fd = get_random_device(i);
+ 
+-            if (fd == -1)
++            if (fd == -1) {
++                OPENSSL_showfatal("Random device %s cannot be opened.\n", random_device_paths[i]);
+                 continue;
++            }
+ 
+             while (bytes_needed != 0 && attempts-- > 0) {
+                 buffer = rand_pool_add_begin(pool, bytes_needed);
+@@ -732,7 +740,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
+             return entropy_available;
+     }
+ #   endif
+-
++#   ifdef OPENSSL_RAND_SEED_GETRANDOM
++    }
++#   endif
+     return rand_pool_entropy_available(pool);
+ #  endif
+ }
+diff -up openssl-1.1.1e/include/crypto/fips.h.fips-post-rand openssl-1.1.1e/include/crypto/fips.h
+--- openssl-1.1.1e/include/crypto/fips.h.fips-post-rand	2020-03-17 18:06:16.831418696 +0100
++++ openssl-1.1.1e/include/crypto/fips.h	2020-03-17 18:06:16.861418172 +0100
+@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void);
+ int FIPS_selftest_drbg(void);
+ int FIPS_selftest_cmac(void);
+ 
++int fips_in_post(void);
++
+ int fips_pkey_signature_test(EVP_PKEY *pkey,
+                                  const unsigned char *tbs, int tbslen,
+                                  const unsigned char *kat,
+diff -up openssl-1.1.1e/include/crypto/rand.h.fips-post-rand openssl-1.1.1e/include/crypto/rand.h
+--- openssl-1.1.1e/include/crypto/rand.h.fips-post-rand	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/include/crypto/rand.h	2020-03-17 18:07:35.303045555 +0100
+@@ -24,6 +24,7 @@
+ typedef struct rand_pool_st RAND_POOL;
+ 
+ void rand_cleanup_int(void);
++void rand_force_reseed(void);
+ void rand_drbg_cleanup_int(void);
+ void drbg_delete_thread_state(void);
+ 

openssl-1.1.1-intel-cet.patch

@@ -0,0 +1,500 @@
+diff -up openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl
+--- openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl	2020-03-19 17:07:02.626522694 +0100
+@@ -275,6 +275,7 @@ $code.=<<___;
+ .align	16
+ ${PREFIX}_encrypt:
+ .cfi_startproc
++	endbranch
+ 	movups	($inp),$inout0		# load input
+ 	mov	240($key),$rounds	# key->rounds
+ ___
+@@ -293,6 +294,7 @@ $code.=<<___;
+ .align	16
+ ${PREFIX}_decrypt:
+ .cfi_startproc
++	endbranch
+ 	movups	($inp),$inout0		# load input
+ 	mov	240($key),$rounds	# key->rounds
+ ___
+@@ -613,6 +615,7 @@ $code.=<<___;
+ .align	16
+ aesni_ecb_encrypt:
+ .cfi_startproc
++	endbranch
+ ___
+ $code.=<<___ if ($win64);
+ 	lea	-0x58(%rsp),%rsp
+@@ -985,6 +988,7 @@ $code.=<<___;
+ .align	16
+ aesni_ccm64_encrypt_blocks:
+ .cfi_startproc
++	endbranch
+ ___
+ $code.=<<___ if ($win64);
+ 	lea	-0x58(%rsp),%rsp
+@@ -1077,6 +1081,7 @@ $code.=<<___;
+ .align	16
+ aesni_ccm64_decrypt_blocks:
+ .cfi_startproc
++	endbranch
+ ___
+ $code.=<<___ if ($win64);
+ 	lea	-0x58(%rsp),%rsp
+@@ -1203,6 +1208,7 @@ $code.=<<___;
+ .align	16
+ aesni_ctr32_encrypt_blocks:
+ .cfi_startproc
++	endbranch
+ 	cmp	\$1,$len
+ 	jne	.Lctr32_bulk
+ 
+@@ -1775,6 +1781,7 @@ $code.=<<___;
+ .align	16
+ aesni_xts_encrypt:
+ .cfi_startproc
++	endbranch
+ 	lea	(%rsp),%r11			# frame pointer
+ .cfi_def_cfa_register	%r11
+ 	push	%rbp
+@@ -2258,6 +2265,7 @@ $code.=<<___;
+ .align	16
+ aesni_xts_decrypt:
+ .cfi_startproc
++	endbranch
+ 	lea	(%rsp),%r11			# frame pointer
+ .cfi_def_cfa_register	%r11
+ 	push	%rbp
+@@ -2783,6 +2791,7 @@ $code.=<<___;
+ .align	32
+ aesni_ocb_encrypt:
+ .cfi_startproc
++	endbranch
+ 	lea	(%rsp),%rax
+ 	push	%rbx
+ .cfi_push	%rbx
+@@ -3249,6 +3258,7 @@ __ocb_encrypt1:
+ .align	32
+ aesni_ocb_decrypt:
+ .cfi_startproc
++	endbranch
+ 	lea	(%rsp),%rax
+ 	push	%rbx
+ .cfi_push	%rbx
+@@ -3737,6 +3747,7 @@ $code.=<<___;
+ .align	16
+ ${PREFIX}_cbc_encrypt:
+ .cfi_startproc
++	endbranch
+ 	test	$len,$len		# check length
+ 	jz	.Lcbc_ret
+ 
+diff -up openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl
+--- openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl	2020-03-19 17:00:15.974621757 +0100
+@@ -696,6 +696,7 @@ _vpaes_schedule_mangle:
+ .align	16
+ ${PREFIX}_set_encrypt_key:
+ .cfi_startproc
++	endbranch
+ ___
+ $code.=<<___ if ($win64);
+ 	lea	-0xb8(%rsp),%rsp
+@@ -746,6 +747,7 @@ $code.=<<___;
+ .align	16
+ ${PREFIX}_set_decrypt_key:
+ .cfi_startproc
++	endbranch
+ ___
+ $code.=<<___ if ($win64);
+ 	lea	-0xb8(%rsp),%rsp
+@@ -801,6 +803,7 @@ $code.=<<___;
+ .align	16
+ ${PREFIX}_encrypt:
+ .cfi_startproc
++	endbranch
+ ___
+ $code.=<<___ if ($win64);
+ 	lea	-0xb8(%rsp),%rsp
+@@ -846,6 +849,7 @@ $code.=<<___;
+ .align	16
+ ${PREFIX}_decrypt:
+ .cfi_startproc
++	endbranch
+ ___
+ $code.=<<___ if ($win64);
+ 	lea	-0xb8(%rsp),%rsp
+@@ -897,6 +901,7 @@ $code.=<<___;
+ .align	16
+ ${PREFIX}_cbc_encrypt:
+ .cfi_startproc
++	endbranch
+ 	xchg	$key,$len
+ ___
+ ($len,$key)=($key,$len);
+diff -up openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.c
+--- openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/crypto/async/arch/async_posix.c	2020-03-19 17:00:15.974621757 +0100
+@@ -34,7 +34,9 @@ void async_local_cleanup(void)
+ 
+ int async_fibre_makecontext(async_fibre *fibre)
+ {
++#ifndef USE_SWAPCONTEXT
+     fibre->env_init = 0;
++#endif
+     if (getcontext(&fibre->fibre) == 0) {
+         fibre->fibre.uc_stack.ss_sp = OPENSSL_malloc(STACKSIZE);
+         if (fibre->fibre.uc_stack.ss_sp != NULL) {
+diff -up openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.h
+--- openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet	2020-03-19 17:00:15.435631166 +0100
++++ openssl-1.1.1e/crypto/async/arch/async_posix.h	2020-03-19 17:00:15.975621739 +0100
+@@ -25,17 +25,33 @@
+ #  define ASYNC_POSIX
+ #  define ASYNC_ARCH
+ 
++#  ifdef __CET__
++/*
++ * When Intel CET is enabled, makecontext will create a different
++ * shadow stack for each context.  async_fibre_swapcontext cannot
++ * use _longjmp.  It must call swapcontext to swap shadow stack as
++ * well as normal stack.
++ */
++#   define USE_SWAPCONTEXT
++#  endif
+ #  include <ucontext.h>
+-#  include <setjmp.h>
++#  ifndef USE_SWAPCONTEXT
++#   include <setjmp.h>
++#  endif
+ 
+ typedef struct async_fibre_st {
+     ucontext_t fibre;
++#  ifndef USE_SWAPCONTEXT
+     jmp_buf env;
+     int env_init;
++#  endif
+ } async_fibre;
+ 
+ static ossl_inline int async_fibre_swapcontext(async_fibre *o, async_fibre *n, int r)
+ {
++#  ifdef USE_SWAPCONTEXT
++    swapcontext(&o->fibre, &n->fibre);
++#  else
+     o->env_init = 1;
+ 
+     if (!r || !_setjmp(o->env)) {
+@@ -44,6 +60,7 @@ static ossl_inline int async_fibre_swapc
+         else
+             setcontext(&n->fibre);
+     }
++#  endif
+ 
+     return 1;
+ }
+diff -up openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl
+--- openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl	2020-03-19 17:00:15.975621739 +0100
+@@ -685,6 +685,7 @@ $code.=<<___;
+ .align	16
+ Camellia_cbc_encrypt:
+ .cfi_startproc
++	endbranch
+ 	cmp	\$0,%rdx
+ 	je	.Lcbc_abort
+ 	push	%rbx
+diff -up openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl
+--- openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl	2020-03-19 17:00:15.975621739 +0100
+@@ -239,6 +239,7 @@ $code=<<___;
+ .align	16
+ gcm_gmult_4bit:
+ .cfi_startproc
++	endbranch
+ 	push	%rbx
+ .cfi_push	%rbx
+ 	push	%rbp		# %rbp and others are pushed exclusively in
+@@ -286,6 +287,7 @@ $code.=<<___;
+ .align	16
+ gcm_ghash_4bit:
+ .cfi_startproc
++	endbranch
+ 	push	%rbx
+ .cfi_push	%rbx
+ 	push	%rbp
+@@ -612,6 +614,7 @@ $code.=<<___;
+ .align	16
+ gcm_gmult_clmul:
+ .cfi_startproc
++	endbranch
+ .L_gmult_clmul:
+ 	movdqu		($Xip),$Xi
+ 	movdqa		.Lbswap_mask(%rip),$T3
+@@ -663,6 +666,7 @@ $code.=<<___;
+ .align	32
+ gcm_ghash_clmul:
+ .cfi_startproc
++	endbranch
+ .L_ghash_clmul:
+ ___
+ $code.=<<___ if ($win64);
+@@ -1166,6 +1170,7 @@ $code.=<<___;
+ .align	32
+ gcm_gmult_avx:
+ .cfi_startproc
++	endbranch
+ 	jmp	.L_gmult_clmul
+ .cfi_endproc
+ .size	gcm_gmult_avx,.-gcm_gmult_avx
+@@ -1177,6 +1182,7 @@ $code.=<<___;
+ .align	32
+ gcm_ghash_avx:
+ .cfi_startproc
++	endbranch
+ ___
+ if ($avx) {
+ my ($Xip,$Htbl,$inp,$len)=@_4args;
+diff -up openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet openssl-1.1.1e/crypto/perlasm/cbc.pl
+--- openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/crypto/perlasm/cbc.pl	2020-03-19 17:00:15.976621722 +0100
+@@ -165,21 +165,28 @@ sub cbc
+ 	&jmp_ptr($count);
+ 
+ &set_label("ej7");
++	&endbranch()
+ 	&movb(&HB("edx"),	&BP(6,$in,"",0));
+ 	&shl("edx",8);
+ &set_label("ej6");
++	&endbranch()
+ 	&movb(&HB("edx"),	&BP(5,$in,"",0));
+ &set_label("ej5");
++	&endbranch()
+ 	&movb(&LB("edx"),	&BP(4,$in,"",0));
+ &set_label("ej4");
++	&endbranch()
+ 	&mov("ecx",		&DWP(0,$in,"",0));
+ 	&jmp(&label("ejend"));
+ &set_label("ej3");
++	&endbranch()
+ 	&movb(&HB("ecx"),	&BP(2,$in,"",0));
+ 	&shl("ecx",8);
+ &set_label("ej2");
++	&endbranch()
+ 	&movb(&HB("ecx"),	&BP(1,$in,"",0));
+ &set_label("ej1");
++	&endbranch()
+ 	&movb(&LB("ecx"),	&BP(0,$in,"",0));
+ &set_label("ejend");
+ 
+diff -up openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl
+--- openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl	2020-03-19 17:00:15.984621582 +0100
+@@ -101,6 +101,33 @@ elsif (!$gas)
+     $decor="\$L\$";
+ }
+ 
++my $cet_property;
++if ($flavour =~ /elf/) {
++	# Always generate .note.gnu.property section for ELF outputs to
++	# mark Intel CET support since all input files must be marked
++	# with Intel CET support in order for linker to mark output with
++	# Intel CET support.
++	my $p2align=3; $p2align=2 if ($flavour eq "elf32");
++	$cet_property = <<_____;
++	.section ".note.gnu.property", "a"
++	.p2align $p2align
++	.long 1f - 0f
++	.long 4f - 1f
++	.long 5
++0:
++	.asciz "GNU"
++1:
++	.p2align $p2align
++	.long 0xc0000002
++	.long 3f - 2f
++2:
++	.long 3
++3:
++	.p2align $p2align
++4:
++_____
++}
++
+ my $current_segment;
+ my $current_function;
+ my %globals;
+@@ -1213,6 +1240,7 @@ while(defined(my $line=<>)) {
+     print $line,"\n";
+ }
+ 
++print "$cet_property"			if ($cet_property);
+ print "\n$current_segment\tENDS\n"	if ($current_segment && $masm);
+ print "END\n"				if ($masm);
+ 
+diff -up openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86gas.pl
+--- openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/crypto/perlasm/x86gas.pl	2020-03-19 17:00:15.985621565 +0100
+@@ -124,6 +124,7 @@ sub ::function_begin_B
+     push(@out,".align\t$align\n");
+     push(@out,"$func:\n");
+     push(@out,"$begin:\n")		if ($global);
++    &::endbranch();
+     $::stack=4;
+ }
+ 
+@@ -172,6 +173,26 @@ sub ::file_end
+ 	else		{ push (@out,"$tmp\n"); }
+     }
+     push(@out,$initseg) if ($initseg);
++    if ($::elf) {
++	push(@out,"
++	.section \".note.gnu.property\", \"a\"
++	.p2align 2
++	.long 1f - 0f
++	.long 4f - 1f
++	.long 5
++0:
++	.asciz \"GNU\"
++1:
++	.p2align 2
++	.long 0xc0000002
++	.long 3f - 2f
++2:
++	.long 3
++3:
++	.p2align 2
++4:
++");
++    }
+ }
+ 
+ sub ::data_byte	{   push(@out,".byte\t".join(',',@_)."\n");   }
+diff -up openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl
+--- openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet	2020-03-19 17:00:38.185234015 +0100
++++ openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl	2020-03-19 17:05:46.575850341 +0100
+@@ -2806,6 +2806,7 @@ $code.=<<___;
+ .align	32
+ poly1305_blocks_vpmadd52:
+ .cfi_startproc
++	endbranch
+ 	shr	\$4,$len
+ 	jz	.Lno_data_vpmadd52		# too short
+ 
+@@ -3739,6 +3740,7 @@ $code.=<<___;
+ .align	32
+ poly1305_emit_base2_44:
+ .cfi_startproc
++	endbranch
+ 	mov	0($ctx),%r8	# load hash value
+ 	mov	8($ctx),%r9
+ 	mov	16($ctx),%r10
+diff -up openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl
+--- openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet	2020-03-19 17:00:38.190233928 +0100
++++ openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl	2020-03-19 17:05:02.598618064 +0100
+@@ -140,6 +140,7 @@ $code=<<___;
+ .align	16
+ RC4:
+ .cfi_startproc
++	endbranch
+ 	or	$len,$len
+ 	jne	.Lentry
+ 	ret
+@@ -455,6 +456,7 @@ $code.=<<___;
+ .align	16
+ RC4_set_key:
+ .cfi_startproc
++	endbranch
+ 	lea	8($dat),$dat
+ 	lea	($inp,$len),$inp
+ 	neg	$len
+@@ -529,6 +531,7 @@ RC4_set_key:
+ .align	16
+ RC4_options:
+ .cfi_startproc
++	endbranch
+ 	lea	.Lopts(%rip),%rax
+ 	mov	OPENSSL_ia32cap_P(%rip),%edx
+ 	bt	\$20,%edx
+diff -up openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet openssl-1.1.1e/crypto/x86_64cpuid.pl
+--- openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet	2020-03-17 15:31:17.000000000 +0100
++++ openssl-1.1.1e/crypto/x86_64cpuid.pl	2020-03-19 17:03:58.172742775 +0100
+@@ -40,6 +40,7 @@ print<<___;
+ .align	16
+ OPENSSL_atomic_add:
+ .cfi_startproc
++	endbranch
+ 	movl	($arg1),%eax
+ .Lspin:	leaq	($arg2,%rax),%r8
+ 	.byte	0xf0		# lock
+@@ -56,6 +57,7 @@ OPENSSL_atomic_add:
+ .align	16
+ OPENSSL_rdtsc:
+ .cfi_startproc
++	endbranch
+ 	rdtsc
+ 	shl	\$32,%rdx
+ 	or	%rdx,%rax
+@@ -68,6 +70,7 @@ OPENSSL_rdtsc:
+ .align	16
+ OPENSSL_ia32_cpuid:
+ .cfi_startproc
++	endbranch
+ 	mov	%rbx,%r8		# save %rbx
+ .cfi_register	%rbx,%r8
+ 
+@@ -237,6 +240,7 @@ OPENSSL_ia32_cpuid:
+ .align  16
+ OPENSSL_cleanse:
+ .cfi_startproc
++	endbranch
+ 	xor	%rax,%rax
+ 	cmp	\$15,$arg2
+ 	jae	.Lot
+@@ -274,6 +278,7 @@ OPENSSL_cleanse:
+ .align  16
+ CRYPTO_memcmp:
+ .cfi_startproc
++	endbranch
+ 	xor	%rax,%rax
+ 	xor	%r10,%r10
+ 	cmp	\$0,$arg3
+@@ -312,6 +317,7 @@ print<<___ if (!$win64);
+ .align	16
+ OPENSSL_wipe_cpu:
+ .cfi_startproc
++	endbranch
+ 	pxor	%xmm0,%xmm0
+ 	pxor	%xmm1,%xmm1
+ 	pxor	%xmm2,%xmm2
+@@ -346,6 +352,8 @@ print<<___ if ($win64);
+ .type	OPENSSL_wipe_cpu,\@abi-omnipotent
+ .align	16
+ OPENSSL_wipe_cpu:
++.cfi_startproc
++	endbranch
+ 	pxor	%xmm0,%xmm0
+ 	pxor	%xmm1,%xmm1
+ 	pxor	%xmm2,%xmm2
+@@ -376,6 +384,7 @@ print<<___;
+ .align	16
+ OPENSSL_instrument_bus:
+ .cfi_startproc
++	endbranch
+ 	mov	$arg1,$out	# tribute to Win64
+ 	mov	$arg2,$cnt
+ 	mov	$arg2,$max
+@@ -410,6 +419,7 @@ OPENSSL_instrument_bus:
+ .align	16
+ OPENSSL_instrument_bus2:
+ .cfi_startproc
++	endbranch
+ 	mov	$arg1,$out	# tribute to Win64
+ 	mov	$arg2,$cnt
+ 	mov	$arg3,$max
+@@ -465,6 +475,7 @@ print<<___;
+ .align	16
+ OPENSSL_ia32_${rdop}_bytes:
+ .cfi_startproc
++	endbranch
+ 	xor	%rax, %rax	# return value
+ 	cmp	\$0,$arg2
+ 	je	.Ldone_${rdop}_bytes

openssl-1.1.1-kdf-selftest.patch

@@ -0,0 +1,170 @@
+diff -up openssl-1.1.1g/crypto/fips/build.info.kdf-selftest openssl-1.1.1g/crypto/fips/build.info
+--- openssl-1.1.1g/crypto/fips/build.info.kdf-selftest	2020-06-03 16:08:36.274849058 +0200
++++ openssl-1.1.1g/crypto/fips/build.info	2020-06-03 16:11:05.609079372 +0200
+@@ -5,7 +5,7 @@ SOURCE[../../libcrypto]=\
+         fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \
+         fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \
+         fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \
+-        fips_dh_selftest.c fips_ers.c
++        fips_dh_selftest.c fips_kdf_selftest.c fips_ers.c
+ 
+ PROGRAMS_NO_INST=\
+           fips_standalone_hmac
+diff -up openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c
+--- openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest	2020-06-03 16:08:36.337849577 +0200
++++ openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c	2020-06-03 16:08:36.337849577 +0200
+@@ -0,0 +1,117 @@
++/*
++ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
++ * Copyright (c) 2018-2019, Oracle and/or its affiliates.  All rights reserved.
++ *
++ * Licensed under the Apache License 2.0 (the "License").  You may not use
++ * this file except in compliance with the License.  You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++#include <string.h>
++#include <openssl/err.h>
++#include <openssl/fips.h>
++#include "crypto/fips.h"
++
++#include <openssl/evp.h>
++#include <openssl/kdf.h>
++
++#ifdef OPENSSL_FIPS
++int FIPS_selftest_pbkdf2(void)
++{
++    int ret = 0;
++    EVP_KDF_CTX *kctx;
++    unsigned char out[32];
++
++    if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) {
++        goto err;
++    }
++    if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) {
++        goto err;
++    }
++    if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) {
++        goto err;
++    }
++    if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) {
++        goto err;
++    }
++    if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) {
++        goto err;
++    }
++    if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
++        goto err;
++    }
++
++    {
++        const unsigned char expected[sizeof(out)] = {
++            0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3,
++            0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0,
++            0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf,
++            0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43
++        };
++        if (memcmp(out, expected, sizeof(expected))) {
++            goto err;
++        }
++    }
++    ret = 1;
++
++err:
++    if (!ret)
++        FIPSerr(FIPS_F_FIPS_SELFTEST_PBKDF2, FIPS_R_SELFTEST_FAILED);
++    EVP_KDF_CTX_free(kctx);
++    return ret;
++}
++
++/* Test vector from RFC 8009 (AES Encryption with HMAC-SHA2 for Kerberos
++ * 5) appendix A. */
++int FIPS_selftest_kbkdf(void)
++{
++    int ret = 0;
++    EVP_KDF_CTX *kctx;
++    char *label = "prf", *prf_input = "test";
++    static unsigned char input_key[] = {
++        0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
++        0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
++    };
++    static unsigned char output[] = {
++        0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
++        0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
++        0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
++        0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
++    };
++    unsigned char result[sizeof(output)] = { 0 };
++
++    if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) {
++        goto err;
++    }
++    if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) {
++        goto err;
++    }
++    if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) {
++        goto err;
++    }
++    if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) {
++        goto err;
++    }
++    if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) {
++        goto err;
++    }
++    if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) {
++        goto err;
++    }
++    ret = EVP_KDF_derive(kctx, result, sizeof(result)) > 0
++        && memcmp(result, output, sizeof(output)) == 0;
++err:
++
++    if (!ret)
++        FIPSerr(FIPS_F_FIPS_SELFTEST_KBKDF, FIPS_R_SELFTEST_FAILED);
++    EVP_KDF_CTX_free(kctx);
++    return ret;
++}
++
++int FIPS_selftest_kdf(void)
++{
++    return FIPS_selftest_pbkdf2() && FIPS_selftest_kbkdf();
++}
++
++#endif
+diff -up openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_post.c
+--- openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest	2020-06-03 16:08:36.332849536 +0200
++++ openssl-1.1.1g/crypto/fips/fips_post.c	2020-06-03 16:08:36.338849585 +0200
+@@ -111,6 +111,8 @@ int FIPS_selftest(void)
+         rv = 0;
+     if (!FIPS_selftest_ecdh())
+         rv = 0;
++    if (!FIPS_selftest_kdf())
++        rv = 0;
+     return rv;
+ }
+ 
+diff -up openssl-1.1.1g/include/crypto/fips.h.kdf-selftest openssl-1.1.1g/include/crypto/fips.h
+--- openssl-1.1.1g/include/crypto/fips.h.kdf-selftest	2020-06-03 16:08:36.330849519 +0200
++++ openssl-1.1.1g/include/crypto/fips.h	2020-06-03 16:08:36.338849585 +0200
+@@ -72,6 +72,9 @@ void FIPS_drbg_stick(int onoff);
+ int FIPS_selftest_hmac(void);
+ int FIPS_selftest_drbg(void);
+ int FIPS_selftest_cmac(void);
++int FIPS_selftest_kbkdf(void);
++int FIPS_selftest_pbkdf2(void);
++int FIPS_selftest_kdf(void);
+ 
+ int fips_in_post(void);
+ 
+diff -up openssl-1.1.1g/include/openssl/fips.h.kdf-selftest openssl-1.1.1g/include/openssl/fips.h
+--- openssl-1.1.1g/include/openssl/fips.h.kdf-selftest	2020-06-03 16:08:36.282849124 +0200
++++ openssl-1.1.1g/include/openssl/fips.h	2020-06-03 16:08:36.338849585 +0200
+@@ -123,6 +123,8 @@ extern "C" {
+ # define FIPS_F_FIPS_SELFTEST_DSA                         112
+ # define FIPS_F_FIPS_SELFTEST_ECDSA                       133
+ # define FIPS_F_FIPS_SELFTEST_HMAC                        113
++# define FIPS_F_FIPS_SELFTEST_KBKDF                       151
++# define FIPS_F_FIPS_SELFTEST_PBKDF2                      152
+ # define FIPS_F_FIPS_SELFTEST_SHA1                        115
+ # define FIPS_F_FIPS_SELFTEST_SHA2                        105
+ # define FIPS_F_OSSL_ECDSA_SIGN_SIG                       143

openssl-1.1.1-man-rename.patch

@@ -0,0 +1,19 @@
+diff -up openssl-1.1.1-pre9/doc/man1/openssl.pod.man-rename openssl-1.1.1-pre9/doc/man1/openssl.pod
+--- openssl-1.1.1-pre9/doc/man1/openssl.pod.man-rename	2018-08-21 14:14:13.000000000 +0200
++++ openssl-1.1.1-pre9/doc/man1/openssl.pod	2018-08-22 12:13:04.092568064 +0200
+@@ -482,13 +482,13 @@ L<dhparam(1)>, L<dsa(1)>, L<dsaparam(1)>
+ L<ec(1)>, L<ecparam(1)>,
+ L<enc(1)>, L<engine(1)>, L<errstr(1)>, L<gendsa(1)>, L<genpkey(1)>,
+ L<genrsa(1)>, L<nseq(1)>, L<ocsp(1)>,
+-L<passwd(1)>,
+ L<pkcs12(1)>, L<pkcs7(1)>, L<pkcs8(1)>,
+ L<pkey(1)>, L<pkeyparam(1)>, L<pkeyutl(1)>, L<prime(1)>,
+-L<rand(1)>, L<rehash(1)>, L<req(1)>, L<rsa(1)>,
++L<rehash(1)>, L<req(1)>, L<rsa(1)>,
+ L<rsautl(1)>, L<s_client(1)>,
+ L<s_server(1)>, L<s_time(1)>, L<sess_id(1)>,
+ L<smime(1)>, L<speed(1)>, L<spkac(1)>, L<srp(1)>, L<storeutl(1)>,
++L<sslpasswd(1)>, L<sslrand(1)>,
+ L<ts(1)>,
+ L<verify(1)>, L<version(1)>, L<x509(1)>,
+ L<crypto(7)>, L<ssl(7)>, L<x509v3_config(5)>

openssl-1.1.1-no-brainpool.patch

@@ -0,0 +1,112 @@
+diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in
+--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool	2019-09-10 15:13:07.000000000 +0200
++++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in	2019-09-13 15:11:07.358687169 +0200
+@@ -147,22 +147,22 @@ our @tests = (
+     {
+         name => "ECDSA with brainpool",
+         server =>  {
+-            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
+-            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
+-            "Groups" => "brainpoolP256r1",
++            "Certificate" => test_pem("server-ecdsa-cert.pem"),
++            "PrivateKey" => test_pem("server-ecdsa-key.pem"),
++#            "Groups" => "brainpoolP256r1",
+         },
+         client => {
+             #We don't restrict this to TLSv1.2, although use of brainpool
+             #should force this anyway so that this should succeed
+             "CipherString" => "aECDSA",
+             "RequestCAFile" => test_pem("root-cert.pem"),
+-            "Groups" => "brainpoolP256r1",
++#            "Groups" => "brainpoolP256r1",
+         },
+         test   => {
+-            "ExpectedServerCertType" =>, "brainpoolP256r1",
+-            "ExpectedServerSignType" =>, "EC",
++#            "ExpectedServerCertType" =>, "brainpoolP256r1",
++#            "ExpectedServerSignType" =>, "EC",
+             # Note: certificate_authorities not sent for TLS < 1.3
+-            "ExpectedServerCANames" =>, "empty",
++#            "ExpectedServerCANames" =>, "empty",
+             "ExpectedResult" => "Success"
+         },
+     },
+@@ -853,18 +853,18 @@ my @tests_tls_1_3 = (
+     {
+         name => "TLS 1.3 ECDSA with brainpool",
+         server =>  {
+-            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
+-            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
+-            "Groups" => "brainpoolP256r1",
++            "Certificate" => test_pem("server-ecdsa-cert.pem"),
++            "PrivateKey" => test_pem("server-ecdsa-key.pem"),
++#            "Groups" => "brainpoolP256r1",
+         },
+         client => {
+             "RequestCAFile" => test_pem("root-cert.pem"),
+-            "Groups" => "brainpoolP256r1",
++#            "Groups" => "brainpoolP256r1",
+             "MinProtocol" => "TLSv1.3",
+             "MaxProtocol" => "TLSv1.3"
+         },
+         test   => {
+-            "ExpectedResult" => "ServerFail"
++            "ExpectedResult" => "Success"
+         },
+     },
+ );
+diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf
+--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool	2019-09-10 15:13:07.000000000 +0200
++++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf	2019-09-13 15:12:27.380288469 +0200
+@@ -238,23 +238,18 @@ server = 5-ECDSA with brainpool-server
+ client = 5-ECDSA with brainpool-client
+ 
+ [5-ECDSA with brainpool-server]
+-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
++Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ CipherString = DEFAULT
+-Groups = brainpoolP256r1
+-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
++PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+ 
+ [5-ECDSA with brainpool-client]
+ CipherString = aECDSA
+-Groups = brainpoolP256r1
+ RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+ VerifyMode = Peer
+ 
+ [test-5]
+ ExpectedResult = Success
+-ExpectedServerCANames = empty
+-ExpectedServerCertType = brainpoolP256r1
+-ExpectedServerSignType = EC
+ 
+ 
+ # ===========================================================
+@@ -1713,14 +1708,12 @@ server = 52-TLS 1.3 ECDSA with brainpool
+ client = 52-TLS 1.3 ECDSA with brainpool-client
+ 
+ [52-TLS 1.3 ECDSA with brainpool-server]
+-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
++Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ CipherString = DEFAULT
+-Groups = brainpoolP256r1
+-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
++PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+ 
+ [52-TLS 1.3 ECDSA with brainpool-client]
+ CipherString = DEFAULT
+-Groups = brainpoolP256r1
+ MaxProtocol = TLSv1.3
+ MinProtocol = TLSv1.3
+ RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+@@ -1728,7 +1721,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro
+ VerifyMode = Peer
+ 
+ [test-52]
+-ExpectedResult = ServerFail
++ExpectedResult = Success
+ 
+ 
+ # ===========================================================

openssl-1.1.1-no-html.patch

@@ -0,0 +1,12 @@
+diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html openssl-1.1.1f/Configurations/unix-Makefile.tmpl
+--- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html	2020-04-07 16:45:21.904083989 +0200
++++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl	2020-04-07 16:45:56.218461895 +0200
+@@ -544,7 +544,7 @@ install_sw: install_dev install_engines
+ 
+ uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
+ 
+-install_docs: install_man_docs install_html_docs
++install_docs: install_man_docs
+ 
+ uninstall_docs: uninstall_man_docs uninstall_html_docs
+ 	$(RM) -r "$(DESTDIR)$(DOCDIR)"

openssl-1.1.1-no-weak-verify.patch

@@ -0,0 +1,26 @@
+diff -up openssl-1.1.1b/crypto/asn1/a_verify.c.no-weak-verify openssl-1.1.1b/crypto/asn1/a_verify.c
+--- openssl-1.1.1b/crypto/asn1/a_verify.c.no-weak-verify	2019-02-26 15:15:30.000000000 +0100
++++ openssl-1.1.1b/crypto/asn1/a_verify.c	2019-02-28 11:25:31.531862873 +0100
+@@ -7,6 +7,9 @@
+  * https://www.openssl.org/source/license.html
+  */
+ 
++/* for secure_getenv */
++#define _GNU_SOURCE
++
+ #include <stdio.h>
+ #include <time.h>
+ #include <sys/types.h>
+@@ -130,6 +133,12 @@ int ASN1_item_verify(const ASN1_ITEM *it
+         if (ret != 2)
+             goto err;
+         ret = -1;
++    } else if ((mdnid == NID_md5
++               && secure_getenv("OPENSSL_ENABLE_MD5_VERIFY") == NULL) ||
++               mdnid == NID_md4 || mdnid == NID_md2 || mdnid == NID_sha) {
++        ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
++                ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
++        goto err;
+     } else {
+         const EVP_MD *type = EVP_get_digestbynid(mdnid);
+ 

openssl-1.1.1-rewire-fips-drbg.patch

@@ -0,0 +1,170 @@
+diff -up openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_lib.c
+--- openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg	2020-06-22 13:32:47.611852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_drbg_lib.c	2020-06-22 13:32:47.675852917 +0200
+@@ -337,6 +337,19 @@ static int drbg_reseed(DRBG_CTX *dctx,
+ int FIPS_drbg_reseed(DRBG_CTX *dctx,
+                      const unsigned char *adin, size_t adinlen)
+ {
++    int len = (int)adinlen;
++
++    if (len < 0 || (size_t)len != adinlen) {
++        FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG);
++        return 0;
++    }
++    RAND_seed(adin, len);
++    return 1;
++}
++
++int FIPS_drbg_reseed_internal(DRBG_CTX *dctx,
++                     const unsigned char *adin, size_t adinlen)
++{
+     return drbg_reseed(dctx, adin, adinlen, 1);
+ }
+ 
+@@ -358,6 +371,19 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, u
+                        int prediction_resistance,
+                        const unsigned char *adin, size_t adinlen)
+ {
++    int len = (int)outlen;
++
++    if (len < 0 || (size_t)len != outlen) {
++        FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG);
++        return 0;
++    }
++    return RAND_bytes(out, len);
++}
++
++int FIPS_drbg_generate_internal(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
++                       int prediction_resistance,
++                       const unsigned char *adin, size_t adinlen)
++{
+     int r = 0;
+ 
+     if (FIPS_selftest_failed()) {
+diff -up openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_rand.c
+--- openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg	2020-06-22 13:32:47.611852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_drbg_rand.c	2020-06-22 13:32:47.675852917 +0200
+@@ -57,6 +57,8 @@
+ #include <openssl/err.h>
+ #include <openssl/rand.h>
+ #include <openssl/fips.h>
++#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
++#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
+ #include <openssl/fips_rand.h>
+ #include "fips_rand_lcl.h"
+ 
+diff -up openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c
+--- openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg	2020-06-22 13:32:47.612852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c	2020-06-22 13:32:47.675852917 +0200
+@@ -55,6 +55,8 @@
+ #include <openssl/crypto.h>
+ #include <openssl/err.h>
+ #include <openssl/fips.h>
++#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
++#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
+ #include <openssl/fips_rand.h>
+ #include "fips_rand_lcl.h"
+ #include "fips_locl.h"
+diff -up openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_post.c
+--- openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg	2020-06-22 13:32:47.672852918 +0200
++++ openssl-1.1.1g/crypto/fips/fips_post.c	2020-06-22 13:32:47.675852917 +0200
+@@ -79,8 +79,6 @@ int FIPS_selftest(void)
+         ERR_add_error_data(2, "Type=", "rand_drbg_selftest");
+         rv = 0;
+     }
+-    if (!FIPS_selftest_drbg())
+-        rv = 0;
+     if (!FIPS_selftest_sha1())
+         rv = 0;
+     if (!FIPS_selftest_sha2())
+diff -up openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_rand_lib.c
+--- openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg	2020-06-22 13:32:47.613852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_rand_lib.c	2020-06-22 13:36:28.722817967 +0200
+@@ -120,6 +120,7 @@ void FIPS_rand_reset(void)
+ 
+ int FIPS_rand_seed(const void *buf, int num)
+ {
++#if 0
+     if (!fips_approved_rand_meth && FIPS_module_mode()) {
+         FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD);
+         return 0;
+@@ -127,10 +128,15 @@ int FIPS_rand_seed(const void *buf, int
+     if (fips_rand_meth && fips_rand_meth->seed)
+         fips_rand_meth->seed(buf, num);
+     return 1;
++#else
++    RAND_seed(buf, num);
++    return 1;
++#endif
+ }
+ 
+ int FIPS_rand_bytes(unsigned char *buf, int num)
+ {
++#if 0
+     if (!fips_approved_rand_meth && FIPS_module_mode()) {
+         FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD);
+         return 0;
+@@ -138,10 +144,14 @@ int FIPS_rand_bytes(unsigned char *buf,
+     if (fips_rand_meth && fips_rand_meth->bytes)
+         return fips_rand_meth->bytes(buf, num);
+     return 0;
++#else
++    return RAND_bytes(buf, num);
++#endif
+ }
+ 
+ int FIPS_rand_status(void)
+ {
++#if 0
+     if (!fips_approved_rand_meth && FIPS_module_mode()) {
+         FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD);
+         return 0;
+@@ -149,6 +159,9 @@ int FIPS_rand_status(void)
+     if (fips_rand_meth && fips_rand_meth->status)
+         return fips_rand_meth->status();
+     return 0;
++#else
++    return RAND_status();
++#endif
+ }
+ 
+ /* Return instantiated strength of PRNG. For DRBG this is an internal
+diff -up openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips.h
+--- openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg	2020-06-22 13:32:47.672852918 +0200
++++ openssl-1.1.1g/include/openssl/fips.h	2020-06-22 13:32:47.675852917 +0200
+@@ -64,6 +64,11 @@ extern "C" {
+ 
+     int FIPS_selftest(void);
+     int FIPS_selftest_failed(void);
++
++    /*
++     * This function is deprecated as it performs selftest of the old FIPS drbg
++     * implementation that is not validated.
++     */
+     int FIPS_selftest_drbg_all(void);
+ 
+     int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
+diff -up openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips_rand.h
+--- openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg	2020-06-22 13:32:47.617852926 +0200
++++ openssl-1.1.1g/include/openssl/fips_rand.h	2020-06-22 13:32:47.675852917 +0200
+@@ -60,6 +60,20 @@
+ #  ifdef  __cplusplus
+ extern "C" {
+ #  endif
++
++/*
++ * IMPORTANT NOTE:
++ * All functions in this header file are deprecated and should not be used
++ * as they use the old FIPS_drbg implementation that is not FIPS validated
++ * anymore.
++ * To provide backwards compatibility for applications that need FIPS compliant
++ * RNG number generation and use FIPS_drbg_generate, this function was
++ * re-wired to call the FIPS validated DRBG instance instead through
++ * the RAND_bytes() call.
++ *
++ * All these functions will be removed in future.
++ */
++
+     typedef struct drbg_ctx_st DRBG_CTX;
+ /* DRBG external flags */
+ /* Flag for CTR mode only: use derivation function ctr_df */

openssl-1.1.1-seclevel.patch

@@ -0,0 +1,160 @@
+diff -up openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel openssl-1.1.1g/crypto/x509/x509_vfy.c
+--- openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel	2020-04-21 14:22:39.000000000 +0200
++++ openssl-1.1.1g/crypto/x509/x509_vfy.c	2020-06-05 17:16:54.835536823 +0200
+@@ -3225,6 +3225,7 @@ static int build_chain(X509_STORE_CTX *c
+ }
+ 
+ static const int minbits_table[] = { 80, 112, 128, 192, 256 };
++static const int minbits_digest_table[] = { 80, 80, 128, 192, 256 };
+ static const int NUM_AUTH_LEVELS = OSSL_NELEM(minbits_table);
+ 
+ /*
+@@ -3276,6 +3277,11 @@ static int check_sig_level(X509_STORE_CT
+ 
+     if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL))
+         return 0;
+-
+-    return secbits >= minbits_table[level - 1];
++    /*
++     * Allow SHA1 in SECLEVEL 2 in non-FIPS mode or when the magic
++     * disable SHA1 flag is not set.
++     */
++    if ((ctx->param->flags & 0x40000000) || FIPS_mode())
++        return secbits >= minbits_table[level - 1];
++    return secbits >= minbits_digest_table[level - 1];
+ }
+diff -up openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod
+--- openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel	2020-04-21 14:22:39.000000000 +0200
++++ openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod	2020-06-04 15:48:01.608178833 +0200
+@@ -81,8 +81,10 @@ using MD5 for the MAC is also prohibited
+ 
+ =item B<Level 2>
+ 
+-Security level set to 112 bits of security. As a result RSA, DSA and DH keys
+-shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited.
++Security level set to 112 bits of security with the exception of SHA1 allowed
++for signatures.
++As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys
++shorter than 224 bits are prohibited.
+ In addition to the level 1 exclusions any cipher suite using RC4 is also
+ prohibited. SSL version 3 is also not allowed. Compression is disabled.
+ 
+diff -up openssl-1.1.1g/ssl/ssl_cert.c.seclevel openssl-1.1.1g/ssl/ssl_cert.c
+--- openssl-1.1.1g/ssl/ssl_cert.c.seclevel	2020-04-21 14:22:39.000000000 +0200
++++ openssl-1.1.1g/ssl/ssl_cert.c	2020-06-05 17:10:11.842198401 +0200
+@@ -27,6 +27,7 @@
+ static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
+                                          int op, int bits, int nid, void *other,
+                                          void *ex);
++static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx);
+ 
+ static CRYPTO_ONCE ssl_x509_store_ctx_once = CRYPTO_ONCE_STATIC_INIT;
+ static volatile int ssl_x509_store_ctx_idx = -1;
+@@ -396,7 +397,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_
+     X509_VERIFY_PARAM_set_auth_level(param, SSL_get_security_level(s));
+ 
+     /* Set suite B flags if needed */
+-    X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s));
++    X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s) | sha1_disable(s, NULL));
+     if (!X509_STORE_CTX_set_ex_data
+         (ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s)) {
+         goto end;
+@@ -953,12 +954,33 @@ static int ssl_security_default_callback
+             return 0;
+         break;
+     default:
++        /* allow SHA1 in SECLEVEL 2 in non FIPS mode */
++        if (nid == NID_sha1 && minbits == 112 && !sha1_disable(s, ctx))
++            break;
+         if (bits < minbits)
+             return 0;
+     }
+     return 1;
+ }
+ 
++static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx)
++{
++    unsigned long ret = 0x40000000; /* a magical internal value used by X509_VERIFY_PARAM */
++    const CERT *c;
++
++    if (FIPS_mode())
++        return ret;
++
++    if (ctx != NULL) {
++       c = ctx->cert;
++    } else {
++       c = s->cert;
++    }
++    if (tls1_cert_sigalgs_have_sha1(c))
++        return 0;
++    return ret;
++}
++
+ int ssl_security(const SSL *s, int op, int bits, int nid, void *other)
+ {
+     return s->cert->sec_cb(s, NULL, op, bits, nid, other, s->cert->sec_ex);
+diff -up openssl-1.1.1g/ssl/ssl_local.h.seclevel openssl-1.1.1g/ssl/ssl_local.h
+--- openssl-1.1.1g/ssl/ssl_local.h.seclevel	2020-06-04 15:48:01.602178783 +0200
++++ openssl-1.1.1g/ssl/ssl_local.h	2020-06-05 17:02:22.666313410 +0200
+@@ -2576,6 +2576,7 @@ __owur int tls1_save_sigalgs(SSL *s, PAC
+ __owur int tls1_process_sigalgs(SSL *s);
+ __owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey);
+ __owur int tls1_lookup_md(const SIGALG_LOOKUP *lu, const EVP_MD **pmd);
++int tls1_cert_sigalgs_have_sha1(const CERT *c);
+ __owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs);
+ #  ifndef OPENSSL_NO_EC
+ __owur int tls_check_sigalg_curve(const SSL *s, int curve);
+diff -up openssl-1.1.1g/ssl/t1_lib.c.seclevel openssl-1.1.1g/ssl/t1_lib.c
+--- openssl-1.1.1g/ssl/t1_lib.c.seclevel	2020-06-04 15:48:01.654179221 +0200
++++ openssl-1.1.1g/ssl/t1_lib.c	2020-06-05 17:02:40.268459157 +0200
+@@ -2145,6 +2145,36 @@ int tls1_set_sigalgs(CERT *c, const int
+     return 0;
+ }
+ 
++static int tls1_sigalgs_have_sha1(const uint16_t *sigalgs, size_t sigalgslen)
++{
++    size_t i;
++
++    for (i = 0; i < sigalgslen; i++, sigalgs++) {
++        const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(*sigalgs);
++
++        if (lu == NULL)
++            continue;
++        if (lu->hash == NID_sha1)
++            return 1;
++    }
++    return 0;
++}
++
++
++int tls1_cert_sigalgs_have_sha1(const CERT *c)
++{
++    if (c->client_sigalgs != NULL) {
++        if (tls1_sigalgs_have_sha1(c->client_sigalgs, c->client_sigalgslen))
++            return 1;
++    }
++    if (c->conf_sigalgs != NULL) {
++        if (tls1_sigalgs_have_sha1(c->conf_sigalgs, c->conf_sigalgslen))
++            return 1;
++        return 0;
++    }
++    return 1;
++}
++
+ static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid)
+ {
+     int sig_nid, use_pc_sigalgs = 0;
+diff -up openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel openssl-1.1.1g/test/recipes/25-test_verify.t
+--- openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel	2020-04-21 14:22:39.000000000 +0200
++++ openssl-1.1.1g/test/recipes/25-test_verify.t	2020-06-04 15:48:01.608178833 +0200
+@@ -346,8 +346,8 @@ ok(verify("ee-pss-sha1-cert", "sslserver
+ ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ),
+     "CA with PSS signature using SHA256");
+ 
+-ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"),
+-    "Reject PSS signature using SHA1 and auth level 2");
++ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "3"),
++    "Reject PSS signature using SHA1 and auth level 3");
+ 
+ ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"),
+     "PSS signature using SHA256 and auth level 2");

openssl-1.1.1-system-cipherlist.patch

@@ -0,0 +1,310 @@
+diff -up openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist openssl-1.1.1c/Configurations/unix-Makefile.tmpl
+--- openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist	2019-05-29 15:42:27.951329271 +0200
++++ openssl-1.1.1c/Configurations/unix-Makefile.tmpl	2019-05-29 15:42:27.974328867 +0200
+@@ -180,6 +180,10 @@ MANDIR=$(INSTALLTOP)/share/man
+ DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)
+ HTMLDIR=$(DOCDIR)/html
+ 
++{- output_off() if $config{system_ciphers_file} eq ""; "" -}
++SYSTEM_CIPHERS_FILE_DEFINE=-DSYSTEM_CIPHERS_FILE="\"{- $config{system_ciphers_file} -}\""
++{- output_on() if $config{system_ciphers_file} eq ""; "" -}
++
+ # MANSUFFIX is for the benefit of anyone who may want to have a suffix
+ # appended after the manpage file section number.  "ssl" is popular,
+ # resulting in files such as config.5ssl rather than config.5.
+@@ -203,6 +207,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -}
+ CXX={- $config{CXX} ? "\$(CROSS_COMPILE)$config{CXX}" : '' -}
+ CPPFLAGS={- our $cppflags1 = join(" ",
+                                   (map { "-D".$_} @{$config{CPPDEFINES}}),
++                                  "\$(SYSTEM_CIPHERS_FILE_DEFINE)",
+                                   (map { "-I".$_} @{$config{CPPINCLUDES}}),
+                                   @{$config{CPPFLAGS}}) -}
+ CFLAGS={- join(' ', @{$config{CFLAGS}}) -}
+diff -up openssl-1.1.1c/Configure.system-cipherlist openssl-1.1.1c/Configure
+--- openssl-1.1.1c/Configure.system-cipherlist	2019-05-28 15:12:21.000000000 +0200
++++ openssl-1.1.1c/Configure	2019-05-29 15:45:10.465469533 +0200
+@@ -24,7 +24,7 @@ use OpenSSL::Glob;
+ my $orig_death_handler = $SIG{__DIE__};
+ $SIG{__DIE__} = \&death_handler;
+ 
+-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
++my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
+ 
+ # Options:
+ #
+@@ -41,6 +41,9 @@ my $usage="Usage: Configure [no-<cipher>
+ #               This becomes the value of OPENSSLDIR in Makefile and in C.
+ #               (Default: PREFIX/ssl)
+ #
++# --system-ciphers-file  A file to read cipher string from when the PROFILE=SYSTEM
++#		cipher is specified (default).
++#
+ # --cross-compile-prefix Add specified prefix to binutils components.
+ #
+ # --api         One of 0.9.8, 1.0.0 or 1.1.0.  Do not compile support for
+@@ -295,6 +298,7 @@ $config{prefix}="";
+ $config{openssldir}="";
+ $config{processor}="";
+ $config{libdir}="";
++$config{system_ciphers_file}="";
+ my $auto_threads=1;    # enable threads automatically? true by default
+ my $default_ranlib;
+ 
+@@ -824,6 +828,10 @@ while (@argvcopy)
+                             push @seed_sources, $x;
+                             }
+                         }
++		elsif (/^--system-ciphers-file=(.*)$/)
++			{
++			$config{system_ciphers_file}=$1;
++			}
+                 elsif (/^--cross-compile-prefix=(.*)$/)
+                         {
+                         $user{CROSS_COMPILE}=$1;
+@@ -1016,6 +1024,8 @@ if ($target eq "HASH") {
+     exit 0;
+ }
+ 
++chop $config{system_ciphers_file} if $config{system_ciphers_file} =~ /\/$/;
++
+ print "Configuring OpenSSL version $config{version} ($config{version_num}) ";
+ print "for $target\n";
+ 
+diff -up openssl-1.1.1c/doc/man1/ciphers.pod.system-cipherlist openssl-1.1.1c/doc/man1/ciphers.pod
+--- openssl-1.1.1c/doc/man1/ciphers.pod.system-cipherlist	2019-05-28 15:12:21.000000000 +0200
++++ openssl-1.1.1c/doc/man1/ciphers.pod	2019-05-29 15:42:27.975328849 +0200
+@@ -182,6 +182,15 @@ As of OpenSSL 1.0.0, the B<ALL> cipher s
+ 
+ The cipher suites not enabled by B<ALL>, currently B<eNULL>.
+ 
++=item B<PROFILE=SYSTEM>
++
++The list of enabled cipher suites will be loaded from the system crypto policy
++configuration file B</etc/crypto-policies/back-ends/openssl.config>.
++See also L<update-crypto-policies(8)>.
++This is the default behavior unless an application explicitly sets a cipher
++list. If used in a cipher list configuration value this string must be at the
++beginning of the cipher list, otherwise it will not be recognized.
++
+ =item B<HIGH>
+ 
+ "High" encryption cipher suites. This currently means those with key lengths
+diff -up openssl-1.1.1c/include/openssl/ssl.h.system-cipherlist openssl-1.1.1c/include/openssl/ssl.h
+--- openssl-1.1.1c/include/openssl/ssl.h.system-cipherlist	2019-05-28 15:12:21.000000000 +0200
++++ openssl-1.1.1c/include/openssl/ssl.h	2019-05-29 15:42:27.975328849 +0200
+@@ -186,6 +186,11 @@ extern "C" {
+  * throwing out anonymous and unencrypted ciphersuites! (The latter are not
+  * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
+  */
++# ifdef SYSTEM_CIPHERS_FILE
++#  define SSL_SYSTEM_DEFAULT_CIPHER_LIST "PROFILE=SYSTEM"
++# else
++#  define SSL_SYSTEM_DEFAULT_CIPHER_LIST SSL_DEFAULT_CIPHER_LIST
++# endif
+ 
+ /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
+ # define SSL_SENT_SHUTDOWN       1
+diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ciph.c
+--- openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist	2019-05-28 15:12:21.000000000 +0200
++++ openssl-1.1.1c/ssl/ssl_ciph.c	2019-05-29 15:42:27.976328831 +0200
+@@ -9,6 +9,8 @@
+  * https://www.openssl.org/source/license.html
+  */
+ 
++/* for secure_getenv */
++#define _GNU_SOURCE
+ #include <stdio.h>
+ #include <ctype.h>
+ #include <openssl/objects.h>
+@@ -1399,6 +1401,53 @@ int SSL_set_ciphersuites(SSL *s, const c
+     return ret;
+ }
+ 
++#ifdef SYSTEM_CIPHERS_FILE
++static char *load_system_str(const char *suffix)
++{
++    FILE *fp;
++    char buf[1024];
++    char *new_rules;
++    const char *ciphers_path;
++    unsigned len, slen;
++
++    if ((ciphers_path = secure_getenv("OPENSSL_SYSTEM_CIPHERS_OVERRIDE")) == NULL)
++        ciphers_path = SYSTEM_CIPHERS_FILE;
++    fp = fopen(ciphers_path, "r");
++    if (fp == NULL || fgets(buf, sizeof(buf), fp) == NULL) {
++        /* cannot open or file is empty */
++        snprintf(buf, sizeof(buf), "%s", SSL_DEFAULT_CIPHER_LIST);
++    }
++
++    if (fp)
++        fclose(fp);
++
++    slen = strlen(suffix);
++    len = strlen(buf);
++
++    if (buf[len - 1] == '\n') {
++        len--;
++        buf[len] = 0;
++    }
++    if (buf[len - 1] == '\r') {
++        len--;
++        buf[len] = 0;
++    }
++
++    new_rules = OPENSSL_malloc(len + slen + 1);
++    if (new_rules == 0)
++        return NULL;
++
++    memcpy(new_rules, buf, len);
++    if (slen > 0) {
++        memcpy(&new_rules[len], suffix, slen);
++        len += slen;
++    }
++    new_rules[len] = 0;
++
++    return new_rules;
++}
++#endif
++
+ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
+                                              STACK_OF(SSL_CIPHER) *tls13_ciphersuites,
+                                              STACK_OF(SSL_CIPHER) **cipher_list,
+@@ -1412,15 +1461,25 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+     const char *rule_p;
+     CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
+     const SSL_CIPHER **ca_list = NULL;
++#ifdef SYSTEM_CIPHERS_FILE
++    char *new_rules = NULL;
++
++    if (rule_str != NULL && strncmp(rule_str, "PROFILE=SYSTEM", 14) == 0) {
++        char *p = rule_str + 14;
++    
++        new_rules = load_system_str(p);
++        rule_str = new_rules;
++    }
++#endif
+ 
+     /*
+      * Return with error if nothing to do.
+      */
+     if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
+-        return NULL;
++        goto err;
+ #ifndef OPENSSL_NO_EC
+     if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))
+-        return NULL;
++        goto err;
+ #endif
+ 
+     /*
+@@ -1443,7 +1502,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+     co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers);
+     if (co_list == NULL) {
+         SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+-        return NULL;          /* Failure */
++        goto err;
+     }
+ 
+     ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
+@@ -1509,8 +1568,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+      * in force within each class
+      */
+     if (!ssl_cipher_strength_sort(&head, &tail)) {
+-        OPENSSL_free(co_list);
+-        return NULL;
++        goto err;
+     }
+ 
+     /*
+@@ -1555,9 +1613,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+     num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
+     ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max);
+     if (ca_list == NULL) {
+-        OPENSSL_free(co_list);
+         SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+-        return NULL;          /* Failure */
++        goto err;
+     }
+     ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
+                                disabled_mkey, disabled_auth, disabled_enc,
+@@ -1583,8 +1640,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+     OPENSSL_free(ca_list);      /* Not needed anymore */
+ 
+     if (!ok) {                  /* Rule processing failure */
+-        OPENSSL_free(co_list);
+-        return NULL;
++        goto err;
+     }
+ 
+     /*
+@@ -1592,14 +1648,18 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+      * if we cannot get one.
+      */
+     if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
+-        OPENSSL_free(co_list);
+-        return NULL;
++        goto err;
+     }
+ 
++#ifdef SYSTEM_CIPHERS_FILE
++    OPENSSL_free(new_rules);    /* Not needed anymore */
++#endif
++
+     /* Add TLSv1.3 ciphers first - we always prefer those if possible */
+     for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) {
+         if (!sk_SSL_CIPHER_push(cipherstack,
+                                 sk_SSL_CIPHER_value(tls13_ciphersuites, i))) {
++            OPENSSL_free(co_list);
+             sk_SSL_CIPHER_free(cipherstack);
+             return NULL;
+         }
+@@ -1631,6 +1691,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+     *cipher_list = cipherstack;
+ 
+     return cipherstack;
++
++err:
++    OPENSSL_free(co_list);
++#ifdef SYSTEM_CIPHERS_FILE
++    OPENSSL_free(new_rules);
++#endif
++    return NULL;
++  
+ }
+ 
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
+diff -up openssl-1.1.1c/ssl/ssl_lib.c.system-cipherlist openssl-1.1.1c/ssl/ssl_lib.c
+--- openssl-1.1.1c/ssl/ssl_lib.c.system-cipherlist	2019-05-29 15:42:27.970328937 +0200
++++ openssl-1.1.1c/ssl/ssl_lib.c	2019-05-29 15:42:27.977328814 +0200
+@@ -662,7 +662,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx
+                                 ctx->tls13_ciphersuites,
+                                 &(ctx->cipher_list),
+                                 &(ctx->cipher_list_by_id),
+-                                SSL_DEFAULT_CIPHER_LIST, ctx->cert);
++                                SSL_SYSTEM_DEFAULT_CIPHER_LIST, ctx->cert);
+     if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
+         SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
+         return 0;
+@@ -2954,7 +2954,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
+     if (!ssl_create_cipher_list(ret->method,
+                                 ret->tls13_ciphersuites,
+                                 &ret->cipher_list, &ret->cipher_list_by_id,
+-                                SSL_DEFAULT_CIPHER_LIST, ret->cert)
++                                SSL_SYSTEM_DEFAULT_CIPHER_LIST, ret->cert)
+         || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
+         SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
+         goto err2;
+diff -up openssl-1.1.1c/test/cipherlist_test.c.system-cipherlist openssl-1.1.1c/test/cipherlist_test.c
+--- openssl-1.1.1c/test/cipherlist_test.c.system-cipherlist	2019-05-28 15:12:21.000000000 +0200
++++ openssl-1.1.1c/test/cipherlist_test.c	2019-05-29 15:42:27.977328814 +0200
+@@ -251,7 +251,9 @@ end:
+ 
+ int setup_tests(void)
+ {
++#ifndef SYSTEM_CIPHERS_FILE
+     ADD_TEST(test_default_cipherlist_implicit);
++#endif
+     ADD_TEST(test_default_cipherlist_explicit);
+     ADD_TEST(test_default_cipherlist_clear);
+     return 1;

openssl-1.1.1-ts-sha256-default.patch

@@ -0,0 +1,70 @@
+diff -up openssl-1.1.1h/apps/openssl.cnf.ts-sha256-default openssl-1.1.1h/apps/openssl.cnf
+--- openssl-1.1.1h/apps/openssl.cnf.ts-sha256-default	2020-11-06 11:07:28.850100899 +0100
++++ openssl-1.1.1h/apps/openssl.cnf	2020-11-06 11:11:28.042913791 +0100
+@@ -364,5 +348,5 @@ tsa_name		= yes	# Must the TSA name be i
+ 				# (optional, default: no)
+ ess_cert_id_chain	= no	# Must the ESS cert id chain be included?
+ 				# (optional, default: no)
+-ess_cert_id_alg		= sha1	# algorithm to compute certificate
++ess_cert_id_alg		= sha256	# algorithm to compute certificate
+ 				# identifier (optional, default: sha1)
+diff -up openssl-1.1.1h/apps/ts.c.ts-sha256-default openssl-1.1.1h/apps/ts.c
+--- openssl-1.1.1h/apps/ts.c.ts-sha256-default	2020-09-22 14:55:07.000000000 +0200
++++ openssl-1.1.1h/apps/ts.c	2020-11-06 11:07:28.883101220 +0100
+@@ -423,7 +423,7 @@ static TS_REQ *create_query(BIO *data_bi
+     ASN1_OBJECT *policy_obj = NULL;
+     ASN1_INTEGER *nonce_asn1 = NULL;
+ 
+-    if (md == NULL && (md = EVP_get_digestbyname("sha1")) == NULL)
++    if (md == NULL && (md = EVP_get_digestbyname("sha256")) == NULL)
+         goto err;
+     if ((ts_req = TS_REQ_new()) == NULL)
+         goto err;
+diff -up openssl-1.1.1h/crypto/ts/ts_conf.c.ts-sha256-default openssl-1.1.1h/crypto/ts/ts_conf.c
+--- openssl-1.1.1h/crypto/ts/ts_conf.c.ts-sha256-default	2020-11-06 12:03:51.226372867 +0100
++++ openssl-1.1.1h/crypto/ts/ts_conf.c	2020-11-06 12:04:01.713488990 +0100
+@@ -476,7 +476,7 @@ int TS_CONF_set_ess_cert_id_digest(CONF
+     const char *md = NCONF_get_string(conf, section, ENV_ESS_CERT_ID_ALG);
+ 
+     if (md == NULL)
+-        md = "sha1";
++        md = "sha256";
+ 
+     cert_md = EVP_get_digestbyname(md);
+     if (cert_md == NULL) {
+diff -up openssl-1.1.1h/doc/man1/ts.pod.ts-sha256-default openssl-1.1.1h/doc/man1/ts.pod
+--- openssl-1.1.1h/doc/man1/ts.pod.ts-sha256-default	2020-09-22 14:55:07.000000000 +0200
++++ openssl-1.1.1h/doc/man1/ts.pod	2020-11-06 11:07:28.883101220 +0100
+@@ -518,7 +518,7 @@ included. Default is no. (Optional)
+ =item B<ess_cert_id_alg>
+ 
+ This option specifies the hash function to be used to calculate the TSA's
+-public key certificate identifier. Default is sha1. (Optional)
++public key certificate identifier. Default is sha256. (Optional)
+ 
+ =back
+ 
+@@ -530,7 +530,7 @@ openssl/apps/openssl.cnf will do.
+ 
+ =head2 Time Stamp Request
+ 
+-To create a timestamp request for design1.txt with SHA-1
++To create a timestamp request for design1.txt with SHA-256
+ without nonce and policy and no certificate is required in the response:
+ 
+   openssl ts -query -data design1.txt -no_nonce \
+@@ -546,12 +546,12 @@ To print the content of the previous req
+ 
+   openssl ts -query -in design1.tsq -text
+ 
+-To create a timestamp request which includes the MD-5 digest
++To create a timestamp request which includes the SHA-512 digest
+ of design2.txt, requests the signer certificate and nonce,
+ specifies a policy id (assuming the tsa_policy1 name is defined in the
+ OID section of the config file):
+ 
+-  openssl ts -query -data design2.txt -md5 \
++  openssl ts -query -data design2.txt -sha512 \
+         -tspolicy tsa_policy1 -cert -out design2.tsq
+ 
+ =head2 Time Stamp Response

openssl-1.1.1-version-add-engines.patch

@@ -0,0 +1,38 @@
+diff -up openssl-1.1.1-pre8/apps/version.c.version-add-engines openssl-1.1.1-pre8/apps/version.c
+--- openssl-1.1.1-pre8/apps/version.c.version-add-engines	2018-06-20 16:48:09.000000000 +0200
++++ openssl-1.1.1-pre8/apps/version.c	2018-07-16 18:00:40.608624346 +0200
+@@ -64,7 +64,7 @@ int version_main(int argc, char **argv)
+ {
+     int ret = 1, dirty = 0, seed = 0;
+     int cflags = 0, version = 0, date = 0, options = 0, platform = 0, dir = 0;
+-    int engdir = 0;
++    int engdir = 0, engines = 0;
+     char *prog;
+     OPTION_CHOICE o;
+ 
+@@ -106,7 +106,7 @@ opthelp:
+             break;
+         case OPT_A:
+             seed = options = cflags = version = date = platform = dir = engdir
+-                = 1;
++                = engines = 1;
+             break;
+         }
+     }
+@@ -188,6 +188,16 @@ opthelp:
+ #endif
+         printf("\n");
+     }
++    if (engines) {
++        ENGINE *e;
++        printf("engines:  ");
++        e = ENGINE_get_first();
++        while (e) {
++            printf("%s ", ENGINE_get_id(e));
++            e = ENGINE_get_next(e);
++        }
++        printf("\n");
++    }
+     ret = 0;
+  end:
+     return ret;

openssl-1.1.1-version-override.patch

@@ -0,0 +1,12 @@
+diff -up openssl-1.1.1g/include/openssl/opensslv.h.version-override openssl-1.1.1g/include/openssl/opensslv.h
+--- openssl-1.1.1g/include/openssl/opensslv.h.version-override	2020-04-23 13:29:37.802673513 +0200
++++ openssl-1.1.1g/include/openssl/opensslv.h	2020-04-23 13:30:13.064008458 +0200
+@@ -40,7 +40,7 @@ extern "C" {
+  *  major minor fix final patch/beta)
+  */
+ # define OPENSSL_VERSION_NUMBER  0x1010108fL
+-# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1h  22 Sep 2020"
++# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1h FIPS 22 Sep 2020"
+ 
+ /*-
+  * The macros below are to be used for shared library (.so, .dll, ...)

openssl-1.1.1-weak-ciphers.patch

@@ -0,0 +1,57 @@
+diff -up openssl-1.1.1/ssl/s3_lib.c.weak-ciphers openssl-1.1.1/ssl/s3_lib.c
+--- openssl-1.1.1/ssl/s3_lib.c.weak-ciphers	2018-09-11 14:48:23.000000000 +0200
++++ openssl-1.1.1/ssl/s3_lib.c	2018-09-17 12:53:33.850637181 +0200
+@@ -2612,7 +2612,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+      SSL_GOST89MAC,
+      TLS1_VERSION, TLS1_2_VERSION,
+      0, 0,
+-     SSL_HIGH,
++     SSL_MEDIUM,
+      SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
+      256,
+      256,
+@@ -2644,7 +2644,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+      SSL_GOST89MAC12,
+      TLS1_VERSION, TLS1_2_VERSION,
+      0, 0,
+-     SSL_HIGH,
++     SSL_MEDIUM,
+      SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
+      256,
+      256,
+@@ -2753,7 +2753,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+      },
+ #endif                          /* OPENSSL_NO_SEED */
+ 
+-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
++#if 0 /* No MD5 ciphersuites */
+     {
+      1,
+      SSL3_TXT_RSA_RC4_128_MD5,
+@@ -2770,6 +2770,8 @@ static SSL_CIPHER ssl3_ciphers[] = {
+      128,
+      128,
+      },
++#endif
++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+     {
+      1,
+      SSL3_TXT_RSA_RC4_128_SHA,
+@@ -2786,6 +2788,8 @@ static SSL_CIPHER ssl3_ciphers[] = {
+      128,
+      128,
+      },
++#endif
++#if 0
+     {
+      1,
+      SSL3_TXT_ADH_RC4_128_MD5,
+@@ -2802,6 +2806,8 @@ static SSL_CIPHER ssl3_ciphers[] = {
+      128,
+      128,
+      },
++#endif
++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+     {
+      1,
+      TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,

openssl-thread-test.c

@@ -1,400 +0,0 @@
-/* Test program to verify that RSA signing is thread-safe in OpenSSL. */
-
-#include <assert.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <limits.h>
-#include <pthread.h>
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/rand.h>
-#include <openssl/rsa.h>
-#include <openssl/md5.h>
-#include <openssl/ssl.h>
-
-/* Just assume we want to do engine stuff if we're using 0.9.6b or
- * higher. This assumption is only valid for versions bundled with RHL. */
-#if OPENSSL_VERSION_NUMBER  >= 0x0090602fL
-#include <openssl/engine.h>
-#define USE_ENGINE
-#endif
-
-#define MAX_THREAD_COUNT	10000
-#define ITERATION_COUNT		10
-#define MAIN_COUNT		100
-
-/* OpenSSL requires us to provide thread ID and locking primitives. */
-pthread_mutex_t *mutex_locks = NULL;
-static unsigned long
-thread_id_cb(void)
-{
-	return (unsigned long) pthread_self();
-}
-static void
-lock_cb(int mode, int n, const char *file, int line)
-{
-	if (mode & CRYPTO_LOCK) {
-		pthread_mutex_lock(&mutex_locks[n]);
-	} else {
-		pthread_mutex_unlock(&mutex_locks[n]);
-	}
-}
-
-struct thread_args {
-	RSA *rsa;
-	int digest_type;
-	unsigned char *digest;
-	unsigned int digest_len;
-	unsigned char *signature;
-	unsigned int signature_len;
-	pthread_t main_thread;
-};
-
-static int print = 0;
-
-pthread_mutex_t sign_lock = PTHREAD_MUTEX_INITIALIZER;
-static int locked_sign = 0;
-static void SIGN_LOCK() {if (locked_sign) pthread_mutex_lock(&sign_lock);}
-static void SIGN_UNLOCK() {if (locked_sign) pthread_mutex_unlock(&sign_lock);}
-
-pthread_mutex_t verify_lock = PTHREAD_MUTEX_INITIALIZER;
-static int locked_verify = 0;
-static void VERIFY_LOCK() {if (locked_verify) pthread_mutex_lock(&verify_lock);}
-static void VERIFY_UNLOCK() {if (locked_verify) pthread_mutex_unlock(&verify_lock);}
-
-pthread_mutex_t failure_count_lock = PTHREAD_MUTEX_INITIALIZER;
-long failure_count = 0;
-static void
-failure()
-{
-	pthread_mutex_lock(&failure_count_lock);
-	failure_count++;
-	pthread_mutex_unlock(&failure_count_lock);
-}
-
-static void *
-thread_main(void *argp)
-{
-	struct thread_args *args = argp;
-	unsigned char *signature;
-	unsigned int signature_len, signature_alloc_len;
-	int ret, i;
-
-	signature_alloc_len = args->signature_len;
-	if (RSA_size(args->rsa) > signature_alloc_len) {
-		signature_alloc_len = RSA_size(args->rsa);
-	}
-	signature = malloc(signature_alloc_len);
-	if (signature == NULL) {
-		fprintf(stderr, "Skipping checks in thread %lu -- %s.\n",
-			(unsigned long) pthread_self(), strerror(errno));
-		pthread_exit(0);
-		return NULL;
-	}
-	for (i = 0; i < ITERATION_COUNT; i++) {
-		signature_len = signature_alloc_len;
-		SIGN_LOCK();
-		ret = RSA_check_key(args->rsa);
-		ERR_print_errors_fp(stdout);
-		if (ret != 1) {
-			failure();
-			break;
-		}
-		ret = RSA_sign(args->digest_type,
-			       args->digest,
-			       args->digest_len,
-			       signature, &signature_len,
-			       args->rsa);
-		SIGN_UNLOCK();
-		ERR_print_errors_fp(stdout);
-		if (ret != 1) {
-			failure();
-			break;
-		}
-
-		VERIFY_LOCK();
-		ret = RSA_verify(args->digest_type,
-			         args->digest,
-			         args->digest_len,
-			         signature, signature_len,
-			         args->rsa);
-		VERIFY_UNLOCK();
-		if (ret != 1) {
-			fprintf(stderr,
-				"Signature from thread %lu(%d) fails "
-				"verification (passed in thread #%lu)!\n",
-				(long) pthread_self(), i,
-				(long) args->main_thread);
-			ERR_print_errors_fp(stdout);
-			failure();
-			continue;
-		}
-		if (print) {
-			fprintf(stderr, ">%d\n", i);
-		}
-	}
-	free(signature);
-
-	pthread_exit(0);
-
-	return NULL;
-}
-
-unsigned char *
-xmemdup(unsigned char *s, size_t len)
-{
-	unsigned char *r;
-	r = malloc(len);
-	if (r == NULL) {
-		fprintf(stderr, "Out of memory.\n");
-		ERR_print_errors_fp(stdout);
-		assert(r != NULL);
-	}
-	memcpy(r, s, len);
-	return r;
-}
-
-int
-main(int argc, char **argv)
-{
-	RSA *rsa;
-	MD5_CTX md5;
-	int fd, i;
-	pthread_t threads[MAX_THREAD_COUNT];
-	int thread_count = 1000;
-	unsigned char *message, *digest;
-	unsigned int message_len, digest_len;
-	unsigned char *correct_signature;
-	unsigned int correct_siglen, ret;
-	struct thread_args master_args, *args;
-	int sync = 0, seed = 0;
-	int again = 1;
-#ifdef USE_ENGINE
-	char *engine = NULL;
-	ENGINE *e = NULL;
-#endif
-
-	pthread_mutex_init(&failure_count_lock, NULL);
-
-	for (i = 1; i < argc; i++) {
-		if (strcmp(argv[i], "--seed") == 0) {
-			printf("Seeding PRNG.\n");
-			seed++;
-		} else
-		if (strcmp(argv[i], "--sync") == 0) {
-			printf("Running synchronized.\n");
-			sync++;
-		} else
-		if ((strcmp(argv[i], "--threads") == 0) && (i < argc - 1)) {
-			i++;
-			thread_count = atol(argv[i]);
-			if (thread_count > MAX_THREAD_COUNT) {
-				thread_count = MAX_THREAD_COUNT;
-			}
-			printf("Starting %d threads.\n", thread_count);
-			sync++;
-		} else
-		if (strcmp(argv[i], "--sign") == 0) {
-			printf("Locking signing.\n");
-			locked_sign++;
-		} else
-		if (strcmp(argv[i], "--verify") == 0) {
-			printf("Locking verifies.\n");
-			locked_verify++;
-		} else
-		if (strcmp(argv[i], "--print") == 0) {
-			printf("Tracing.\n");
-			print++;
-#ifdef USE_ENGINE
-		} else
-		if ((strcmp(argv[i], "--engine") == 0) && (i < argc - 1)) {
-			printf("Using engine \"%s\".\n", argv[i + 1]);
-			engine = argv[i + 1];
-			i++;
-#endif
-		} else {
-			printf("Bad argument: %s\n", argv[i]);
-			return 1;
-		}
-	}
-
-	/* Get some random data to sign. */
-	fd = open("/dev/urandom", O_RDONLY);
-	if (fd == -1) {
-		fprintf(stderr, "Error opening /dev/urandom: %s\n",
-			strerror(errno));
-	}
-
-	if (print) {
-		fprintf(stderr, "Reading random data.\n");
-	}
-	message = malloc(message_len = 9371);
-	read(fd, message, message_len);
-	close(fd);
-
-	/* Initialize the SSL library and set up thread-safe locking. */
-	ERR_load_crypto_strings();
-	SSL_library_init();
-	mutex_locks = malloc(sizeof(pthread_mutex_t) * CRYPTO_num_locks());
-	for (i = 0; i < CRYPTO_num_locks(); i++) {
-		pthread_mutex_init(&mutex_locks[i], NULL);
-	}
-	CRYPTO_set_id_callback(thread_id_cb);
-	CRYPTO_set_locking_callback(lock_cb);
-	ERR_print_errors_fp(stdout);
-
-	/* Seed the PRNG if we were asked to do so. */
-	if (seed) {
-		if (print) {
-			fprintf(stderr, "Seeding PRNG.\n");
-		}
-		RAND_add(message, message_len, message_len);
-		ERR_print_errors_fp(stdout);
-	}
-
-	/* Turn on a hardware crypto device if asked to do so. */
-#ifdef USE_ENGINE
-	if (engine) {
-#if OPENSSL_VERSION_NUMBER  >= 0x0090700fL
-		ENGINE_load_builtin_engines();
-#endif
-		if (print) {
-			fprintf(stderr, "Initializing \"%s\" engine.\n",
-				engine);
-		}
-		e = ENGINE_by_id(engine);
-		ERR_print_errors_fp(stdout);
-		if (e) {
-			i = ENGINE_init(e);
-			ERR_print_errors_fp(stdout);
-			i = ENGINE_set_default_RSA(e);
-			ERR_print_errors_fp(stdout);
-		}
-	}
-#endif
-
-	/* Compute the digest for the signature. */
-	if (print) {
-		fprintf(stderr, "Computing digest.\n");
-	}
-	digest = malloc(digest_len = MD5_DIGEST_LENGTH);
-	MD5_Init(&md5);
-	MD5_Update(&md5, message, message_len);
-	MD5_Final(digest, &md5);
-
-	/* Generate a signing key. */
-	if (print) {
-		fprintf(stderr, "Generating key.\n");
-	}
-	rsa = RSA_generate_key(4096, 3, NULL, NULL);
-	ERR_print_errors_fp(stdout);
-	if (rsa == NULL) {
-		_exit(1);
-	}
-
-	/* Sign the data. */
-	correct_siglen = RSA_size(rsa);
-	correct_signature = malloc(correct_siglen);
-	for (i = 0; i < MAIN_COUNT; i++) {
-		if (print) {
-			fprintf(stderr, "Signing data (%d).\n", i);
-		}
-		ret = RSA_check_key(rsa);
-		ERR_print_errors_fp(stdout);
-		if (ret != 1) {
-			failure();
-		}
-		correct_siglen = RSA_size(rsa);
-		ret = RSA_sign(NID_md5, digest, digest_len,
-			       correct_signature, &correct_siglen,
-			       rsa);
-		ERR_print_errors_fp(stdout);
-		if (ret != 1) {
-			_exit(2);
-		}
-		if (print) {
-			fprintf(stderr, "Verifying data (%d).\n", i);
-		}
-		ret = RSA_verify(NID_md5, digest, digest_len,
-			         correct_signature, correct_siglen,
-			         rsa);
-		if (ret != 1) {
-			_exit(2);
-		}
-	}
-
-	/* Collect up the inforamtion which other threads will need for
-	 * comparing their signature results with ours. */
-	master_args.rsa = rsa;
-	master_args.digest_type = NID_md5;
-	master_args.digest = digest;
-	master_args.digest_len = digest_len;
-	master_args.signature = correct_signature;
-	master_args.signature_len = correct_siglen;
-	master_args.main_thread = pthread_self();
-	
-	fprintf(stdout, "Performing %d signatures in each of %d threads "
-		"(%d, %d).\n", ITERATION_COUNT, thread_count,
-		digest_len, correct_siglen);
-	fflush(NULL);
-
-	/* Start up all of the threads. */
-	for (i = 0; i < thread_count; i++) {
-		args = malloc(sizeof(struct thread_args));
-		args->rsa = RSAPrivateKey_dup(master_args.rsa);
-		args->digest_type = master_args.digest_type;
-		args->digest_len = master_args.digest_len;
-		args->digest = xmemdup(master_args.digest, args->digest_len);
-		args->signature_len = master_args.signature_len;
-		args->signature = xmemdup(master_args.signature,
-					  args->signature_len);
-		args->main_thread = pthread_self();
-		ret = pthread_create(&threads[i], NULL, thread_main, args);
-		while ((ret != 0) && (errno == EAGAIN)) {
-			ret = pthread_create(&threads[i], NULL,
-					     thread_main, &args);
-			fprintf(stderr, "Thread limit hit at %d.\n", i);
-		}
-		if (ret != 0) {
-			fprintf(stderr, "Unable to create thread %d: %s.\n",
-				i, strerror(errno));
-			threads[i] = -1;
-		} else {
-			if (sync) {
-				ret = pthread_join(threads[i], NULL);
-				assert(ret == 0);
-			}
-			if (print) {
-				fprintf(stderr, "%d\n", i);
-			}
-		}
-	}
-
-	/* Wait for all threads to complete.  So long as we can find an
-	 * unjoined thread, keep joining threads. */
-	do {
-		again = 0;
-		for (i = 0; i < thread_count; i++) {
-			/* If we have an unterminated thread, join it. */
-			if (threads[i] != -1) {
-				again = 1;
-				if (print) {
-					fprintf(stderr, "Joining thread %d.\n",
-						i);
-				}
-				pthread_join(threads[i], NULL);
-				threads[i] = -1;
-				break;
-			}
-		}
-	} while (again == 1);
-
-	fprintf(stderr, "%ld failures\n", failure_count);
-
-	return (failure_count != 0);
-}

opensslconf-new.h

@@ -13,8 +13,21 @@
 #include "opensslconf-i386.h"
 #elif defined(__ia64__)
 #include "opensslconf-ia64.h"
+#elif defined(__mips64) && defined(__MIPSEL__)
+#include "opensslconf-mips64el.h"
+#elif defined(__mips64)
+#include "opensslconf-mips64.h"
+#elif defined(__mips) && defined(__MIPSEL__)
+#include "opensslconf-mipsel.h"
+#elif defined(__mips)
+#include "opensslconf-mips.h"
 #elif defined(__powerpc64__)
+#include <endian.h>
+#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
 #include "opensslconf-ppc64.h"
+#else
+#include "opensslconf-ppc64le.h"
+#endif
 #elif defined(__powerpc__)
 #include "opensslconf-ppc.h"
 #elif defined(__s390x__)

renew-dummy-cert

@@ -0,0 +1,39 @@
+#!/bin/bash
+
+if [ $# -eq 0 ]; then
+	echo $"Usage: `basename $0` filename" 1>&2
+	exit 1
+fi
+
+PEM=$1
+REQ=`/bin/mktemp /tmp/openssl.XXXXXX`
+KEY=`/bin/mktemp /tmp/openssl.XXXXXX`
+CRT=`/bin/mktemp /tmp/openssl.XXXXXX`
+NEW=${PEM}_
+
+trap "rm -f $REQ $KEY $CRT $NEW" SIGINT
+
+if [ ! -f $PEM ]; then
+	echo "$PEM: file not found" 1>&2
+	exit 1
+fi
+
+umask 077
+
+OWNER=`ls -l $PEM | awk '{ printf "%s.%s", $3, $4; }'`
+
+openssl rsa -inform pem -in $PEM -out $KEY
+openssl x509 -x509toreq -in $PEM -signkey $KEY -out $REQ
+openssl x509 -req -in $REQ -signkey $KEY -days 365 \
+	-extfile /etc/pki/tls/openssl.cnf -extensions v3_ca -out $CRT
+
+(cat $KEY ; echo "" ; cat $CRT) > $NEW
+
+chown $OWNER $NEW
+
+mv -f $NEW $PEM
+
+rm -f $REQ $KEY $CRT
+
+exit 0
+

sources

@@ -1 +1 @@
-f1d0d73327d74b302f503763bddf1cf8  openssl-1.0.0-usa.tar.bz2
+SHA512 (openssl-1.1.1h-hobbled.tar.xz) = 75e1d3f34f93462b97db92aa6538fd4f2f091ad717438e51d147508738be720d7d0bf4a9b1fda3a1943a4c13aae2a39da3add05f7da833b3c6de40a97bc97908

tests/simple-rsapss-test/Makefile

@@ -0,0 +1,63 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Makefile of /CoreOS/openssl/Sanity/simple-rsapss-test
+#   Description: Test if RSA-PSS signature scheme is supported
+#   Author: Hubert Kario <hkario@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+export TEST=/CoreOS/openssl/Sanity/simple-rsapss-test
+export TESTVERSION=1.0
+
+BUILT_FILES=
+
+FILES=$(METADATA) runtest.sh Makefile PURPOSE
+
+.PHONY: all install download clean
+
+run: $(FILES) build
+	./runtest.sh
+
+build: $(BUILT_FILES)
+	test -x runtest.sh || chmod a+x runtest.sh
+
+clean:
+	rm -f *~ $(BUILT_FILES)
+
+
+-include /usr/share/rhts/lib/rhts-make.include
+
+$(METADATA): Makefile
+	@echo "Owner:           Hubert Kario <hkario@redhat.com>" > $(METADATA)
+	@echo "Name:            $(TEST)" >> $(METADATA)
+	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
+	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
+	@echo "Description:     Test if RSA-PSS signature scheme is supported" >> $(METADATA)
+	@echo "Type:            Sanity" >> $(METADATA)
+	@echo "TestTime:        1m" >> $(METADATA)
+	@echo "RunFor:          openssl" >> $(METADATA)
+	@echo "Requires:        openssl man man-db" >> $(METADATA)
+	@echo "Priority:        Normal" >> $(METADATA)
+	@echo "License:         GPLv2" >> $(METADATA)
+	@echo "Confidential:    no" >> $(METADATA)
+	@echo "Destructive:     no" >> $(METADATA)
+
+	rhts-lint $(METADATA)

tests/simple-rsapss-test/PURPOSE

@@ -0,0 +1,3 @@
+PURPOSE of /CoreOS/openssl/Sanity/simple-rsapss-test
+Description: Test if RSA-PSS signature scheme is supported
+Author: Hubert Kario <hkario@redhat.com>

tests/simple-rsapss-test/runtest.sh

@@ -0,0 +1,74 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/openssl/Sanity/simple-rsapss-test
+#   Description: Test if RSA-PSS signature scheme is supported
+#   Author: Hubert Kario <hkario@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="openssl"
+
+PUB_KEY="rsa_pubkey.pem"
+PRIV_KEY="rsa_key.pem"
+FILE="text.txt"
+SIG="text.sig"
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm $PACKAGE
+        rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
+        rlRun "pushd $TmpDir"
+        rlRun "openssl genrsa -out $PRIV_KEY 2048" 0 "Generate RSA key"
+        rlRun "openssl rsa -in $PRIV_KEY -out $PUB_KEY -pubout" 0 "Split the public key from private key"
+        rlRun "echo 'sign me!' > $FILE" 0 "Create file for signing"
+        rlAssertExists $FILE
+        rlAssertExists $PRIV_KEY
+        rlAssertExists $PUB_KEY
+    rlPhaseEnd
+
+    rlPhaseStartTest "Test RSA-PSS padding mode"
+        set -o pipefail
+        rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -out $SIG -sign $PRIV_KEY $FILE" 0 "Sign the file"
+        rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -prverify $PRIV_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using the private key file"
+        rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -verify $PUB_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using public key file"
+        rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -prverify $PRIV_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using the private key file without specifying salt length"
+        rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -verify $PUB_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using public key file without specifying salt length"
+        set +o pipefail
+        rlRun "sed -i 's/sign/Sign/' $FILE" 0 "Modify signed file"
+        rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -verify $PUB_KEY -signature $SIG $FILE | grep 'Verification Failure'" 0 "Verify that the signature is no longer valid"
+    rlPhaseEnd
+
+    rlPhaseStartTest "Documentation check"
+        [ -e "$(rpm -ql openssl | grep dgst)"] && rlRun "man dgst | col -b | grep -- -sigopt" 0 "Check if -sigopt option is described in man page"
+        rlRun "openssl dgst -help 2>&1 | grep -- -sigopt" 0 "Check if -sigopt option is present in help message"
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+        rlRun "popd"
+        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd

tests/tests.yml

@@ -0,0 +1,15 @@
+---
+# This first play always runs on the local staging system
+- hosts: localhost
+  roles:
+  - role: standard-test-beakerlib
+    tags:
+    - classic
+    - container
+    tests:
+    - simple-rsapss-test
+    required_packages:
+    - findutils         # beakerlib needs find command
+    - man               # needed by simple-rsapss-test
+    - man-db            # needed by simple-rsapss-test
+    - openssl           # needed by simple-rsapss-test

tests/tests_python.yml

@@ -0,0 +1,18 @@
+---
+- hosts: localhost
+  roles:
+  - role: standard-test-basic
+    tags:
+    - classic
+    repositories:
+    - repo: "https://src.fedoraproject.org/tests/python.git"
+      dest: "python"
+    tests:
+    - python_selftest:
+        dir: python/selftest
+        run: X="test_ssl test_asyncio test_hashlib test_ftplib test_httplib test_imaplib test_logging test_nntplib test_poplib test_urllib2_localnet test_urllib test_xmlrpc" ./parallel.sh
+    required_packages:
+    - gcc  # for extension building in venv and selftest
+    - python3-tkinter  # for selftest
+    - python3-test  # for selftest
+    - python3-rpm-macros  # for dynamic python version