1994. [port] OpenSSL 0.9.8 support. [RT #15694]

2025-09-01 06:55:30 +00:00 · 2006-03-01 02:32:46 +00:00
parent 7042126e8a
commit 25c18fded0
7 changed files with 593 additions and 35 deletions
--- a/2
+++ b/2
@@ -1,3 +1,5 @@
 1994.	[port]		OpenSSL 0.9.8 support. [RT #15694]
 1993.	[bug]		Log messsage, via syslog, were missing the space
 			after the timestamp if "print-time yes" was specified.
 			[RT #15844]
--- a/config.h.in
+++ b/config.h.in
@@ -16,7 +16,7 @@
 * PERFORMANCE OF THIS SOFTWARE.
 */
-/* $Id: config.h.in,v 1.78 2006/02/02 23:07:53 marka Exp $ */
+/* $Id: config.h.in,v 1.79 2006/03/01 02:32:46 marka Exp $ */
 /*! \file */
@@ -157,9 +157,15 @@ int sigwait(const unsigned int *set, int *sig);
 /* Define if you cannot bind() before connect() for TCP sockets. */
 #undef BROKEN_TCP_BIND_BEFORE_CONNECT
 /* Define if libcrypto has DH_generate_parameters */
 #undef HAVE_DH_GENERATE_PARAMETERS
 /* Define to 1 if you have the <dlfcn.h> header file. */
 #undef HAVE_DLFCN_H
 /* Define if libcrypto has DSA_generate_parameters */
 #undef HAVE_DSA_GENERATE_PARAMETERS
 /* Define to 1 if you have the <fcntl.h> header file. */
 #undef HAVE_FCNTL_H
@@ -196,6 +202,9 @@ int sigwait(const unsigned int *set, int *sig);
 /* Define to 1 if you have the <net/if6.h> header file. */
 #undef HAVE_NET_IF6_H
 /* Define if libcrypto has RSA_generate_key */
 #undef HAVE_RSA_GENERATE_KEY
 /* Define to 1 if you have the `setlocale' function. */
 #undef HAVE_SETLOCALE
--- a/354
+++ b/354
@@ -14,7 +14,7 @@
 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 # PERFORMANCE OF THIS SOFTWARE.
 #
-# $Id: configure,v 1.390 2006/02/26 22:57:17 marka Exp $
+# $Id: configure,v 1.391 2006/03/01 02:32:46 marka Exp $
 #
 # Portions Copyright (C) 1996-2001  Nominum, Inc.
 #
@@ -29,7 +29,7 @@
 # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
 # OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-# From configure.in Revision: 1.402 .
+# From configure.in Revision: 1.403 .
 # Guess values for system-dependent variables and create Makefiles.
 # Generated by GNU Autoconf 2.59.
 #
@@ -5089,6 +5089,300 @@ fi
 rm -f conftest.err conftest.$ac_objext \
      conftest$ac_exeext conftest.$ac_ext
 		echo "$as_me:$LINENO: checking for DH_generate_parameters" >&5
 echo $ECHO_N "checking for DH_generate_parameters... $ECHO_C" >&6
 if test "${ac_cv_func_DH_generate_parameters+set}" = set; then
  echo $ECHO_N "(cached) $ECHO_C" >&6
 else
  cat >conftest.$ac_ext <<_ACEOF
 /* confdefs.h.  */
 _ACEOF
 cat confdefs.h >>conftest.$ac_ext
 cat >>conftest.$ac_ext <<_ACEOF
 /* end confdefs.h.  */
 /* Define DH_generate_parameters to an innocuous variant, in case <limits.h> declares DH_generate_parameters.
   For example, HP-UX 11i <limits.h> declares gettimeofday.  */
 #define DH_generate_parameters innocuous_DH_generate_parameters
 /* System header to define __stub macros and hopefully few prototypes,
    which can conflict with char DH_generate_parameters (); below.
    Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
    <limits.h> exists even on freestanding compilers.  */
 #ifdef __STDC__
 # include <limits.h>
 #else
 # include <assert.h>
 #endif
 #undef DH_generate_parameters
 /* Override any gcc2 internal prototype to avoid an error.  */
 #ifdef __cplusplus
 extern "C"
 {
 #endif
 /* We use char because int might match the return type of a gcc2
   builtin and then its argument prototype would still apply.  */
 char DH_generate_parameters ();
 /* The GNU C library defines this for functions which it implements
    to always fail with ENOSYS.  Some functions are actually named
    something starting with __ and the normal name is an alias.  */
 #if defined (__stub_DH_generate_parameters) || defined (__stub___DH_generate_parameters)
 choke me
 #else
 char (*f) () = DH_generate_parameters;
 #endif
 #ifdef __cplusplus
 }
 #endif
 int
 main ()
 {
 return f != DH_generate_parameters;
  ;
  return 0;
 }
 _ACEOF
 rm -f conftest.$ac_objext conftest$ac_exeext
 if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
  (eval $ac_link) 2>conftest.er1
  ac_status=$?
  grep -v '^ *+' conftest.er1 >conftest.err
  rm -f conftest.er1
  cat conftest.err >&5
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); } &&
 	 { ac_try='test -z "$ac_c_werror_flag"
 			 || test ! -s conftest.err'
  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
  (eval $ac_try) 2>&5
  ac_status=$?
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); }; } &&
 	 { ac_try='test -s conftest$ac_exeext'
  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
  (eval $ac_try) 2>&5
  ac_status=$?
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); }; }; then
  ac_cv_func_DH_generate_parameters=yes
 else
  echo "$as_me: failed program was:" >&5
 sed 's/^/| /' conftest.$ac_ext >&5
 ac_cv_func_DH_generate_parameters=no
 fi
 rm -f conftest.err conftest.$ac_objext \
      conftest$ac_exeext conftest.$ac_ext
 fi
 echo "$as_me:$LINENO: result: $ac_cv_func_DH_generate_parameters" >&5
 echo "${ECHO_T}$ac_cv_func_DH_generate_parameters" >&6
 if test $ac_cv_func_DH_generate_parameters = yes; then
 cat >>confdefs.h <<\_ACEOF
 #define HAVE_DH_GENERATE_PARAMETERS 1
 _ACEOF
 fi
 		echo "$as_me:$LINENO: checking for RSA_generate_key" >&5
 echo $ECHO_N "checking for RSA_generate_key... $ECHO_C" >&6
 if test "${ac_cv_func_RSA_generate_key+set}" = set; then
  echo $ECHO_N "(cached) $ECHO_C" >&6
 else
  cat >conftest.$ac_ext <<_ACEOF
 /* confdefs.h.  */
 _ACEOF
 cat confdefs.h >>conftest.$ac_ext
 cat >>conftest.$ac_ext <<_ACEOF
 /* end confdefs.h.  */
 /* Define RSA_generate_key to an innocuous variant, in case <limits.h> declares RSA_generate_key.
   For example, HP-UX 11i <limits.h> declares gettimeofday.  */
 #define RSA_generate_key innocuous_RSA_generate_key
 /* System header to define __stub macros and hopefully few prototypes,
    which can conflict with char RSA_generate_key (); below.
    Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
    <limits.h> exists even on freestanding compilers.  */
 #ifdef __STDC__
 # include <limits.h>
 #else
 # include <assert.h>
 #endif
 #undef RSA_generate_key
 /* Override any gcc2 internal prototype to avoid an error.  */
 #ifdef __cplusplus
 extern "C"
 {
 #endif
 /* We use char because int might match the return type of a gcc2
   builtin and then its argument prototype would still apply.  */
 char RSA_generate_key ();
 /* The GNU C library defines this for functions which it implements
    to always fail with ENOSYS.  Some functions are actually named
    something starting with __ and the normal name is an alias.  */
 #if defined (__stub_RSA_generate_key) || defined (__stub___RSA_generate_key)
 choke me
 #else
 char (*f) () = RSA_generate_key;
 #endif
 #ifdef __cplusplus
 }
 #endif
 int
 main ()
 {
 return f != RSA_generate_key;
  ;
  return 0;
 }
 _ACEOF
 rm -f conftest.$ac_objext conftest$ac_exeext
 if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
  (eval $ac_link) 2>conftest.er1
  ac_status=$?
  grep -v '^ *+' conftest.er1 >conftest.err
  rm -f conftest.er1
  cat conftest.err >&5
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); } &&
 	 { ac_try='test -z "$ac_c_werror_flag"
 			 || test ! -s conftest.err'
  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
  (eval $ac_try) 2>&5
  ac_status=$?
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); }; } &&
 	 { ac_try='test -s conftest$ac_exeext'
  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
  (eval $ac_try) 2>&5
  ac_status=$?
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); }; }; then
  ac_cv_func_RSA_generate_key=yes
 else
  echo "$as_me: failed program was:" >&5
 sed 's/^/| /' conftest.$ac_ext >&5
 ac_cv_func_RSA_generate_key=no
 fi
 rm -f conftest.err conftest.$ac_objext \
      conftest$ac_exeext conftest.$ac_ext
 fi
 echo "$as_me:$LINENO: result: $ac_cv_func_RSA_generate_key" >&5
 echo "${ECHO_T}$ac_cv_func_RSA_generate_key" >&6
 if test $ac_cv_func_RSA_generate_key = yes; then
 cat >>confdefs.h <<\_ACEOF
 #define HAVE_RSA_GENERATE_KEY 1
 _ACEOF
 fi
 		echo "$as_me:$LINENO: checking for DSA_generate_parameters" >&5
 echo $ECHO_N "checking for DSA_generate_parameters... $ECHO_C" >&6
 if test "${ac_cv_func_DSA_generate_parameters+set}" = set; then
  echo $ECHO_N "(cached) $ECHO_C" >&6
 else
  cat >conftest.$ac_ext <<_ACEOF
 /* confdefs.h.  */
 _ACEOF
 cat confdefs.h >>conftest.$ac_ext
 cat >>conftest.$ac_ext <<_ACEOF
 /* end confdefs.h.  */
 /* Define DSA_generate_parameters to an innocuous variant, in case <limits.h> declares DSA_generate_parameters.
   For example, HP-UX 11i <limits.h> declares gettimeofday.  */
 #define DSA_generate_parameters innocuous_DSA_generate_parameters
 /* System header to define __stub macros and hopefully few prototypes,
    which can conflict with char DSA_generate_parameters (); below.
    Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
    <limits.h> exists even on freestanding compilers.  */
 #ifdef __STDC__
 # include <limits.h>
 #else
 # include <assert.h>
 #endif
 #undef DSA_generate_parameters
 /* Override any gcc2 internal prototype to avoid an error.  */
 #ifdef __cplusplus
 extern "C"
 {
 #endif
 /* We use char because int might match the return type of a gcc2
   builtin and then its argument prototype would still apply.  */
 char DSA_generate_parameters ();
 /* The GNU C library defines this for functions which it implements
    to always fail with ENOSYS.  Some functions are actually named
    something starting with __ and the normal name is an alias.  */
 #if defined (__stub_DSA_generate_parameters) || defined (__stub___DSA_generate_parameters)
 choke me
 #else
 char (*f) () = DSA_generate_parameters;
 #endif
 #ifdef __cplusplus
 }
 #endif
 int
 main ()
 {
 return f != DSA_generate_parameters;
  ;
  return 0;
 }
 _ACEOF
 rm -f conftest.$ac_objext conftest$ac_exeext
 if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
  (eval $ac_link) 2>conftest.er1
  ac_status=$?
  grep -v '^ *+' conftest.er1 >conftest.err
  rm -f conftest.er1
  cat conftest.err >&5
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); } &&
 	 { ac_try='test -z "$ac_c_werror_flag"
 			 || test ! -s conftest.err'
  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
  (eval $ac_try) 2>&5
  ac_status=$?
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); }; } &&
 	 { ac_try='test -s conftest$ac_exeext'
  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
  (eval $ac_try) 2>&5
  ac_status=$?
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); }; }; then
  ac_cv_func_DSA_generate_parameters=yes
 else
  echo "$as_me: failed program was:" >&5
 sed 's/^/| /' conftest.$ac_ext >&5
 ac_cv_func_DSA_generate_parameters=no
 fi
 rm -f conftest.err conftest.$ac_objext \
      conftest$ac_exeext conftest.$ac_ext
 fi
 echo "$as_me:$LINENO: result: $ac_cv_func_DSA_generate_parameters" >&5
 echo "${ECHO_T}$ac_cv_func_DSA_generate_parameters" >&6
 if test $ac_cv_func_DSA_generate_parameters = yes; then
 cat >>confdefs.h <<\_ACEOF
 #define HAVE_DSA_GENERATE_PARAMETERS 1
 _ACEOF
 fi
 #
 #	OpenSSLDie is new with CERT CS-2002-23.  If we see it we have may
 #	have a patched library otherwise check that we are greater than
@@ -8171,7 +8465,7 @@ ia64-*-hpux*)
  ;;
 *-*-irix6*)
  # Find out which ABI we are using.
-  echo '#line 8174 "configure"' > conftest.$ac_ext
+  echo '#line 8468 "configure"' > conftest.$ac_ext
  if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
  (eval $ac_compile) 2>&5
  ac_status=$?
@@ -9168,7 +9462,7 @@ fi
 # Provide some information about the compiler.
-echo "$as_me:9171:" \
+echo "$as_me:9465:" \
     "checking for Fortran 77 compiler version" >&5
 ac_compiler=`set X $ac_compile; echo $2`
 { (eval echo "$as_me:$LINENO: \"$ac_compiler --version </dev/null >&5\"") >&5
@@ -10229,11 +10523,11 @@ else
   -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \
   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:10232: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:10526: $lt_compile\"" >&5)
   (eval "$lt_compile" 2>conftest.err)
   ac_status=$?
   cat conftest.err >&5
-   echo "$as_me:10236: \$? = $ac_status" >&5
+   echo "$as_me:10530: \$? = $ac_status" >&5
   if (exit $ac_status) && test -s "$ac_outfile"; then
     # The compiler can only warn and ignore the option if not recognized
     # So say no if there are warnings
@@ -10472,11 +10766,11 @@ else
   -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \
   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:10475: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:10769: $lt_compile\"" >&5)
   (eval "$lt_compile" 2>conftest.err)
   ac_status=$?
   cat conftest.err >&5
-   echo "$as_me:10479: \$? = $ac_status" >&5
+   echo "$as_me:10773: \$? = $ac_status" >&5
   if (exit $ac_status) && test -s "$ac_outfile"; then
     # The compiler can only warn and ignore the option if not recognized
     # So say no if there are warnings
@@ -10532,11 +10826,11 @@ else
   -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \
   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:10535: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:10829: $lt_compile\"" >&5)
   (eval "$lt_compile" 2>out/conftest.err)
   ac_status=$?
   cat out/conftest.err >&5
-   echo "$as_me:10539: \$? = $ac_status" >&5
+   echo "$as_me:10833: \$? = $ac_status" >&5
   if (exit $ac_status) && test -s out/conftest2.$ac_objext
   then
     # The compiler can only warn and ignore the option if not recognized
@@ -12717,7 +13011,7 @@ else
  lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
  lt_status=$lt_dlunknown
  cat > conftest.$ac_ext <<EOF
-#line 12720 "configure"
+#line 13014 "configure"
 #include "confdefs.h"
 #if HAVE_DLFCN_H
@@ -12815,7 +13109,7 @@ else
  lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
  lt_status=$lt_dlunknown
  cat > conftest.$ac_ext <<EOF
-#line 12818 "configure"
+#line 13112 "configure"
 #include "confdefs.h"
 #if HAVE_DLFCN_H
@@ -15012,11 +15306,11 @@ else
   -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \
   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:15015: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:15309: $lt_compile\"" >&5)
   (eval "$lt_compile" 2>conftest.err)
   ac_status=$?
   cat conftest.err >&5
-   echo "$as_me:15019: \$? = $ac_status" >&5
+   echo "$as_me:15313: \$? = $ac_status" >&5
   if (exit $ac_status) && test -s "$ac_outfile"; then
     # The compiler can only warn and ignore the option if not recognized
     # So say no if there are warnings
@@ -15072,11 +15366,11 @@ else
   -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \
   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:15075: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:15369: $lt_compile\"" >&5)
   (eval "$lt_compile" 2>out/conftest.err)
   ac_status=$?
   cat out/conftest.err >&5
-   echo "$as_me:15079: \$? = $ac_status" >&5
+   echo "$as_me:15373: \$? = $ac_status" >&5
   if (exit $ac_status) && test -s out/conftest2.$ac_objext
   then
     # The compiler can only warn and ignore the option if not recognized
@@ -16433,7 +16727,7 @@ else
  lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
  lt_status=$lt_dlunknown
  cat > conftest.$ac_ext <<EOF
-#line 16436 "configure"
+#line 16730 "configure"
 #include "confdefs.h"
 #if HAVE_DLFCN_H
@@ -16531,7 +16825,7 @@ else
  lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
  lt_status=$lt_dlunknown
  cat > conftest.$ac_ext <<EOF
-#line 16534 "configure"
+#line 16828 "configure"
 #include "confdefs.h"
 #if HAVE_DLFCN_H
@@ -17368,11 +17662,11 @@ else
   -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \
   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:17371: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:17665: $lt_compile\"" >&5)
   (eval "$lt_compile" 2>conftest.err)
   ac_status=$?
   cat conftest.err >&5
-   echo "$as_me:17375: \$? = $ac_status" >&5
+   echo "$as_me:17669: \$? = $ac_status" >&5
   if (exit $ac_status) && test -s "$ac_outfile"; then
     # The compiler can only warn and ignore the option if not recognized
     # So say no if there are warnings
@@ -17428,11 +17722,11 @@ else
   -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \
   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:17431: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:17725: $lt_compile\"" >&5)
   (eval "$lt_compile" 2>out/conftest.err)
   ac_status=$?
   cat out/conftest.err >&5
-   echo "$as_me:17435: \$? = $ac_status" >&5
+   echo "$as_me:17729: \$? = $ac_status" >&5
   if (exit $ac_status) && test -s out/conftest2.$ac_objext
   then
     # The compiler can only warn and ignore the option if not recognized
@@ -19467,11 +19761,11 @@ else
   -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \
   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:19470: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:19764: $lt_compile\"" >&5)
   (eval "$lt_compile" 2>conftest.err)
   ac_status=$?
   cat conftest.err >&5
-   echo "$as_me:19474: \$? = $ac_status" >&5
+   echo "$as_me:19768: \$? = $ac_status" >&5
   if (exit $ac_status) && test -s "$ac_outfile"; then
     # The compiler can only warn and ignore the option if not recognized
     # So say no if there are warnings
@@ -19710,11 +20004,11 @@ else
   -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \
   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:19713: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:20007: $lt_compile\"" >&5)
   (eval "$lt_compile" 2>conftest.err)
   ac_status=$?
   cat conftest.err >&5
-   echo "$as_me:19717: \$? = $ac_status" >&5
+   echo "$as_me:20011: \$? = $ac_status" >&5
   if (exit $ac_status) && test -s "$ac_outfile"; then
     # The compiler can only warn and ignore the option if not recognized
     # So say no if there are warnings
@@ -19770,11 +20064,11 @@ else
   -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \
   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:19773: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:20067: $lt_compile\"" >&5)
   (eval "$lt_compile" 2>out/conftest.err)
   ac_status=$?
   cat out/conftest.err >&5
-   echo "$as_me:19777: \$? = $ac_status" >&5
+   echo "$as_me:20071: \$? = $ac_status" >&5
   if (exit $ac_status) && test -s out/conftest2.$ac_objext
   then
     # The compiler can only warn and ignore the option if not recognized
@@ -21955,7 +22249,7 @@ else
  lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
  lt_status=$lt_dlunknown
  cat > conftest.$ac_ext <<EOF
-#line 21958 "configure"
+#line 22252 "configure"
 #include "confdefs.h"
 #if HAVE_DLFCN_H
@@ -22053,7 +22347,7 @@ else
  lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
  lt_status=$lt_dlunknown
  cat > conftest.$ac_ext <<EOF
-#line 22056 "configure"
+#line 22350 "configure"
 #include "confdefs.h"
 #if HAVE_DLFCN_H
--- a/configure.in
+++ b/configure.in
@@ -18,7 +18,7 @@ AC_DIVERT_PUSH(1)dnl
 esyscmd([sed "s/^/# /" COPYRIGHT])dnl
 AC_DIVERT_POP()dnl
-AC_REVISION($Revision: 1.402 $)
+AC_REVISION($Revision: 1.403 $)
 AC_INIT(lib/dns/name.c)
 AC_PREREQ(2.59)
@@ -474,6 +474,15 @@ shared library configuration (e.g., LD_LIBRARY_PATH).)],
 		[AC_MSG_RESULT(assuming it does work on target platform)]
 		)
 		AC_CHECK_FUNC(DH_generate_parameters,
 			      AC_DEFINE(HAVE_DH_GENERATE_PARAMETERS, 1,
 					[Define if libcrypto has DH_generate_parameters]))
 		AC_CHECK_FUNC(RSA_generate_key,
 			      AC_DEFINE(HAVE_RSA_GENERATE_KEY, 1,
 					[Define if libcrypto has RSA_generate_key]))
 		AC_CHECK_FUNC(DSA_generate_parameters,
 			      AC_DEFINE(HAVE_DSA_GENERATE_PARAMETERS, 1,
 					[Define if libcrypto has DSA_generate_parameters]))
 #
 #	OpenSSLDie is new with CERT CS-2002-23.  If we see it we have may
 #	have a patched library otherwise check that we are greater than
--- a/lib/dns/openssldh_link.c
+++ b/lib/dns/openssldh_link.c
@@ -18,7 +18,7 @@
 /*
 * Principal Author: Brian Wellington
- * $Id: openssldh_link.c,v 1.4 2005/06/17 02:22:44 marka Exp $
+ * $Id: openssldh_link.c,v 1.5 2006/03/01 02:31:40 marka Exp $
 */
 #ifdef OPENSSL
@@ -138,6 +138,79 @@ openssldh_paramcompare(const dst_key_t *key1, const dst_key_t *key2) {
 	return (ISC_TRUE);
 }
 #ifndef HAVE_DH_GENERATE_PARAMETERS
 /* ====================================================================
 * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
 static DH *
 DH_generate_parameters(int prime_len, int generator,
 		       void (*callback)(int,int,void *), void *cb_arg)
 {
        BN_GENCB cb;
        DH *dh = NULL;
 	dh = DH_new();
 	if (dh != NULL) {
 		BN_GENCB_set_old(&cb, callback, cb_arg);
 		if (DH_generate_parameters_ex(dh, prime_len, generator, &cb))
 			return (dh);
 		DH_free(dh);
 	}
        return (NULL);
 }
 #endif
 static isc_result_t
 openssldh_generate(dst_key_t *key, int generator) {
 	DH *dh = NULL;
--- a/lib/dns/openssldsa_link.c
+++ b/lib/dns/openssldsa_link.c
@@ -16,7 +16,7 @@
 * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
-/* $Id: openssldsa_link.c,v 1.3 2005/04/29 00:22:49 marka Exp $ */
+/* $Id: openssldsa_link.c,v 1.4 2006/03/01 02:31:40 marka Exp $ */
 #ifdef OPENSSL
@@ -169,6 +169,83 @@ openssldsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
 	return (ISC_TRUE);
 }
 #ifndef HAVE_DSA_GENERATE_PARAMETERS
 /* ====================================================================
 * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
 static DSA *
 DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len,
 			int *counter_ret, unsigned long *h_ret,
 			void (*callback)(int, int, void *),
 			void *cb_arg)
 {
        BN_GENCB cb;
        DSA *dsa;
        dsa = DSA_new();
 	if (dsa != NULL) {
 		BN_GENCB_set_old(&cb, callback, cb_arg);
 		if (DSA_generate_parameters_ex(dsa, bits, seed_in, seed_len,  
 					       counter_ret, h_ret, &cb))
 			return (dsa);
 		DSA_free(dsa);
 	}
        return (NULL);
 }
 #endif
 static isc_result_t
 openssldsa_generate(dst_key_t *key, int unused) {
 	DSA *dsa;
--- a/lib/dns/opensslrsa_link.c
+++ b/lib/dns/opensslrsa_link.c
@@ -17,7 +17,7 @@
 /*
 * Principal Author: Brian Wellington
- * $Id: opensslrsa_link.c,v 1.5 2005/11/30 03:33:49 marka Exp $
+ * $Id: opensslrsa_link.c,v 1.6 2006/03/01 02:31:40 marka Exp $
 */
 #ifdef OPENSSL
@@ -68,6 +68,12 @@
 	(rsa)->flags &= ~(RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE); \
 	(rsa)->flags &= ~RSA_FLAG_BLINDING; \
 	} while (0)
 #elif defined(RSA_FLAG_NO_BLINDING)
 #define SET_FLAGS(rsa) \
 	do { \
 		(rsa)->flags &= ~RSA_FLAG_BLINDING; \
 		(rsa)->flags |= RSA_FLAG_NO_BLINDING; \
 	} while (0)
 #else
 #define SET_FLAGS(rsa) \
 	do { \
@@ -262,6 +268,94 @@ opensslrsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
 	return (ISC_TRUE);
 }
 #ifndef HAVE_RSA_GENERATE_KEY
 /* ====================================================================
 * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
 static RSA *
 RSA_generate_key(int bits, unsigned long e_value,
 		 void (*callback)(int,int,void *), void *cb_arg)
 {
        BN_GENCB cb;
        size_t i;
        RSA *rsa = RSA_new();
        BIGNUM *e = BN_new();
        if (rsa == NULL || e == NULL)
 		goto err;
        /* The problem is when building with 8, 16, or 32 BN_ULONG,
         * unsigned long can be larger */
        for (i = 0; i < sizeof(unsigned long) * 8; i++) {
                if ((e_value & (1UL<<i)) != 0)
                        BN_set_bit(e, i);
 	}
        BN_GENCB_set_old(&cb, callback, cb_arg);
        if (RSA_generate_key_ex(rsa, bits, e, &cb)) {
                BN_free(e);
                return (rsa);
        }
 err:
        if (e != NULL)
 		BN_free(e);
        if (rsa != NULL)
 		RSA_free(rsa);
        return (NULL);
 }
 #endif
 static isc_result_t
 opensslrsa_generate(dst_key_t *key, int exp) {
 	RSA *rsa;