--- openssl097-0.9.7g.orig/apps/CA.pl
+++ openssl097-0.9.7g/apps/CA.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/local/bin/perl
 #
 # CA - wrapper around ca to make it easier to use ... basically ca requires
 #      some setup stuff to be done before you can use it and this makes
@@ -63,6 +63,7 @@
 foreach (@ARGV) {
 	if ( /^(-\?|-h|-help)$/ ) {
 	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
+	    print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
 	    exit 0;
 	} elsif (/^-newcert$/) {
 	    # create a certificate
@@ -158,6 +159,7 @@
 	} else {
 	    print STDERR "Unknown arg $_\n";
 	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
+	    print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
 	    exit 1;
 	}
 }
--- openssl097-0.9.7g.orig/apps/CA.pl.in
+++ openssl097-0.9.7g/apps/CA.pl.in
@@ -63,6 +63,7 @@
 foreach (@ARGV) {
 	if ( /^(-\?|-h|-help)$/ ) {
 	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
+	    print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
 	    exit 0;
 	} elsif (/^-newcert$/) {
 	    # create a certificate
@@ -158,6 +159,7 @@
 	} else {
 	    print STDERR "Unknown arg $_\n";
 	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
+	    print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
 	    exit 1;
 	}
 }
--- openssl097-0.9.7g.orig/apps/progs.h
+++ openssl097-0.9.7g/apps/progs.h
@@ -35,11 +35,9 @@
 extern int spkac_main(int argc,char *argv[]);
 extern int smime_main(int argc,char *argv[]);
 extern int rand_main(int argc,char *argv[]);
-extern int prime_main(int argc,char *argv[]);
-#ifndef OPENSSL_NO_ENGINE
 extern int engine_main(int argc,char *argv[]);
-#endif
 extern int ocsp_main(int argc,char *argv[]);
+extern int prime_main(int argc,char *argv[]);
 
 #define FUNC_TYPE_GENERAL	1
 #define FUNC_TYPE_MD		2
@@ -95,9 +93,7 @@
 #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
 	{FUNC_TYPE_GENERAL,"s_client",s_client_main},
 #endif
-#ifndef OPENSSL_NO_SPEED
 	{FUNC_TYPE_GENERAL,"speed",speed_main},
-#endif
 #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
 	{FUNC_TYPE_GENERAL,"s_time",s_time_main},
 #endif
@@ -116,11 +112,9 @@
 	{FUNC_TYPE_GENERAL,"spkac",spkac_main},
 	{FUNC_TYPE_GENERAL,"smime",smime_main},
 	{FUNC_TYPE_GENERAL,"rand",rand_main},
-	{FUNC_TYPE_GENERAL,"prime",prime_main},
-#ifndef OPENSSL_NO_ENGINE
 	{FUNC_TYPE_GENERAL,"engine",engine_main},
-#endif
 	{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
+	{FUNC_TYPE_GENERAL,"prime",prime_main},
 #ifndef OPENSSL_NO_MD2
 	{FUNC_TYPE_MD,"md2",dgst_main},
 #endif
--- openssl097-0.9.7g.orig/config
+++ openssl097-0.9.7g/config
@@ -163,8 +163,8 @@
 	echo "${MACHINE}-whatever-linux1"; exit 0
 	;;
 
-    GNU*)
-	echo "hurd-x86"; exit 0;
+    GNU:*|GNU/*:*)
+	echo "${MACHINE}-gnuish"; exit 0;
 	;;
 
     LynxOS:*)
--- openssl097-0.9.7g.orig/Configure
+++ openssl097-0.9.7g/Configure
@@ -1,4 +1,4 @@
-:
+#!/usr/local/bin/perl
 eval 'exec perl -S $0 ${1+"$@"}'
     if $running_under_some_shell;
 ##
@@ -390,6 +390,42 @@
 # assembler versions -- currently defunct:
 ##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}",
 
+# Debian GNU/* (various architectures)
+"debian-alpha","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+#"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+#"debian-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-ia64","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+#"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC",
+"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -mcpu=i486 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -mcpu=i586 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -mcpu=i686 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-mips",   "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-mipsel",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-netbsd-i386",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-netbsd-m68k",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-netbsd-sparc",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-openbsd-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-openbsd-i386",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-openbsd-mips","gcc:-O2 -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc64.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
+"debian-sh3",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-sh4",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-sh3eb",   "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-sh4eb",   "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v8 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,-Av8plus -fomit-frame-pointer -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
 # bn86-elf.o file file since it is hand tweaked assembler.
 "linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -1316,7 +1352,8 @@
 	elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
 		{
 		my $sotmp = $1;
-		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
+#		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
+		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
 		}
 	elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
 		{
--- openssl097-0.9.7g.orig/crypto/asn1/charmap.pl
+++ openssl097-0.9.7g/crypto/asn1/charmap.pl
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl -w
+#!/usr/local/bin/perl
 
 use strict;
 
--- openssl097-0.9.7g.orig/crypto/bn/asm/ppc.pl
+++ openssl097-0.9.7g/crypto/bn/asm/ppc.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/local/bin/perl
 #
 # Implemented as a Perl wrapper as we want to support several different
 # architectures with single file. We pick up the target based on the
--- openssl097-0.9.7g.orig/crypto/md5/asm/md5-sparcv9.S
+++ openssl097-0.9.7g/crypto/md5/asm/md5-sparcv9.S
@@ -74,14 +74,14 @@
 #define Dval	R8
 
 #if defined(MD5_BLOCK_DATA_ORDER)
-# if defined(OPENSSL_SYSNAME_ULTRASPARC)
+/*# if defined(OPENSSL_SYSNAME_ULTRASPARC)*/
 #  define	LOAD			lda
 #  define	X(i)			[%i1+i*4]%asi
 #  define	md5_block		md5_block_asm_data_order_aligned
 #  define	ASI_PRIMARY_LITTLE	0x88
-# else
+/*# else
 #  error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!"
-# endif
+# endif*/
 #else
 # define	LOAD			ld
 # define	X(i)			[%i1+i*4]
--- openssl097-0.9.7g.orig/crypto/opensslconf.h
+++ openssl097-0.9.7g/crypto/opensslconf.h
@@ -4,17 +4,38 @@
 /* OpenSSL was configured with the following options: */
 #ifndef OPENSSL_DOING_MAKEDEPEND
 
+#ifndef OPENSSL_NO_IDEA
+# define OPENSSL_NO_IDEA
+#endif
+#ifndef OPENSSL_NO_MDC2
+# define OPENSSL_NO_MDC2
+#endif
+#ifndef OPENSSL_NO_RC5
+# define OPENSSL_NO_RC5
+#endif
 #ifndef OPENSSL_NO_KRB5
 # define OPENSSL_NO_KRB5
 #endif
 
 #endif /* OPENSSL_DOING_MAKEDEPEND */
+#ifndef OPENSSL_THREADS
+# define OPENSSL_THREADS
+#endif
 
 /* The OPENSSL_NO_* macros are also defined as NO_* if the application
    asks for it.  This is a transient feature that is provided for those
    who haven't had the time to do the appropriate changes in their
    applications.  */
 #ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
+#  define NO_IDEA
+# endif
+# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
+#  define NO_MDC2
+# endif
+# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
+#  define NO_RC5
+# endif
 # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
 #  define NO_KRB5
 # endif
@@ -27,7 +48,7 @@
 
 #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
 #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define OPENSSLDIR "/usr/local/ssl"
+#define OPENSSLDIR "/usr/lib/ssl"
 #endif
 #endif
 
@@ -79,7 +100,7 @@
 
 #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
 #define CONFIG_HEADER_BN_H
-#undef BN_LLONG
+#define BN_LLONG
 
 /* Should we define BN_DIV2W here? */
 
@@ -98,7 +119,7 @@
 #define CONFIG_HEADER_RC4_LOCL_H
 /* if this is defined data[i] is used instead of *data, this is a %20
  * speedup on x86 */
-#undef RC4_INDEX
+#define RC4_INDEX
 #endif
 
 #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
@@ -112,14 +133,14 @@
 /* the following is tweaked from a config script, that is why it is a
  * protected undef/define */
 #ifndef DES_PTR
-#undef DES_PTR
+#define DES_PTR
 #endif
 
 /* This helps C compiler generate the correct code for multiple functional
  * units.  It reduces register dependancies at the expense of 2 more
  * registers */
 #ifndef DES_RISC1
-#undef DES_RISC1
+#define DES_RISC1
 #endif
 
 #ifndef DES_RISC2
@@ -133,7 +154,7 @@
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
  * Very mucy CPU dependant */
 #ifndef DES_UNROLL
-#undef DES_UNROLL
+#define DES_UNROLL
 #endif
 
 /* These default values were supplied by
--- openssl097-0.9.7g.orig/crypto/pkcs7/pk7_mime.c
+++ openssl097-0.9.7g/crypto/pkcs7/pk7_mime.c
@@ -277,9 +277,9 @@
 
 		if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
 			strcmp(hdr->value, "application/pkcs7-signature")) {
-			sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
 			PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE);
 			ERR_add_error_data(2, "type: ", hdr->value);
+			sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
 			sk_BIO_pop_free(parts, BIO_vfree);
 			return NULL;
 		}
--- openssl097-0.9.7g.orig/crypto/rc4/asm/rc4-amd64.pl
+++ openssl097-0.9.7g/crypto/rc4/asm/rc4-amd64.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/local/bin/perl
 #
 # ====================================================================
 # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
--- openssl097-0.9.7g.orig/crypto/rc4/rc4_enc.c
+++ openssl097-0.9.7g/crypto/rc4/rc4_enc.c
@@ -77,10 +77,6 @@
         x=key->x;     
         y=key->y;     
         d=key->data; 
-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
-	/* see crypto/rc4/asm/rc4-ia64.S for further details... */
-	d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
-#endif
 
 #if defined(RC4_CHUNK)
 	/*
--- openssl097-0.9.7g.orig/crypto/rc4/rc4.h
+++ openssl097-0.9.7g/crypto/rc4/rc4.h
@@ -73,10 +73,6 @@
 	{
 	RC4_INT x,y;
 	RC4_INT data[256];
-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
-	/* see crypto/rc4/asm/rc4-ia64.S for further details... */
-	RC4_INT pad[512-256-2];
-#endif
 	} RC4_KEY;
 
  
--- openssl097-0.9.7g.orig/crypto/rc4/rc4_skey.c
+++ openssl097-0.9.7g/crypto/rc4/rc4_skey.c
@@ -94,10 +94,6 @@
         unsigned int i;
         
         d= &(key->data[0]);
-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
-	/* see crypto/rc4/asm/rc4-ia64.S for further details... */
-	d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
-#endif
 
 	for (i=0; i<256; i++)
 		d[i]=i;
--- openssl097-0.9.7g.orig/crypto/sha/asm/sha1-ia64.pl
+++ openssl097-0.9.7g/crypto/sha/asm/sha1-ia64.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/local/bin/perl
 #
 # ====================================================================
 # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
--- openssl097-0.9.7g.orig/demos/tunala/configure.in
+++ openssl097-0.9.7g/demos/tunala/configure.in
@@ -1,4 +1,4 @@
-dnl Process this file with autoconf to produce a configure script.
+#!/usr/local/bin/perl
 AC_INIT(tunala.c)
 AM_CONFIG_HEADER(config.h)
 AM_INIT_AUTOMAKE(tunala, 0.0.1-dev)
--- openssl097-0.9.7g.orig/doc/apps/CA.pl.pod
+++ openssl097-0.9.7g/doc/apps/CA.pl.pod
@@ -47,7 +47,7 @@
 creates a new certificate request. The private key and request are
 written to the file "newreq.pem".
 
-=item B<-newreq-nowdes>
+=item B<-newreq-nodes>
 
 is like B<-newreq> except that the private key will not be encrypted.
 
--- openssl097-0.9.7g.orig/doc/Makefile
+++ openssl097-0.9.7g/doc/Makefile
@@ -0,0 +1,40 @@
+VERSION =
+
+#PODS = $(wildcard *.pod)
+#MANS = $(addsuffix .man, $(basename $(PODS)))
+
+MANS = openssl.1 ssl.3 crypto.3
+
+P2M = pod2man --center='OpenSSL Documentation' --release="OpenSSL $(VERSION)"
+
+all: manpages
+
+.PHONY: manpages 
+
+manpages: openssl.1 crypto.3 ssl.3
+
+openssl.1:
+	$(P2M) --section=1 openssl.pod > openssl.1
+
+crypto.3:
+	$(P2M) --section=3 crypto.pod > crypto.3
+
+ssl.3:
+	$(P2M) --section=3 ssl.pod > ssl.3
+
+.PHONY: install
+install:
+	mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
+	mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
+	install -m 644 -p openssl.1 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
+	install -m 644 -p crypto.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
+	install -m 644 -p ssl.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
+	rm -f $(MANS)
+
+.PHONY: clean
+clean:
+	rm -f $(MANS)
+
+.PHONY: realclean
+realclean:
+	-$(MAKE) clean
--- openssl097-0.9.7g.orig/Makefile
+++ openssl097-0.9.7g/Makefile
@@ -11,11 +11,11 @@
 SHLIB_VERSION_HISTORY=
 SHLIB_MAJOR=0
 SHLIB_MINOR=9.7
-SHLIB_EXT=
-PLATFORM=dist
-OPTIONS= no-krb5
-CONFIGURE_ARGS=dist
-SHLIB_TARGET=
+SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+PLATFORM=debian-i386
+OPTIONS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug no-krb5
+CONFIGURE_ARGS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug debian-i386
+SHLIB_TARGET=linux-shared
 
 # HERE indicates where this Makefile lives.  This can be used to indicate
 # where sub-Makefiles are expected to be.  Currently has very limited usage,
@@ -26,10 +26,10 @@
 # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
 # Normally it is left empty.
 INSTALL_PREFIX=
-INSTALLTOP=/usr/local/ssl
+INSTALLTOP=/usr
 
 # Do not edit this manually. Use Configure --openssldir=DIR do change this!
-OPENSSLDIR=/usr/local/ssl
+OPENSSLDIR=/usr/lib/ssl
 
 # NO_IDEA - Define to build without the IDEA algorithm
 # NO_RC4  - Define to build without the RC4 algorithm
@@ -59,12 +59,13 @@
 # equal 4.
 # PKCS1_CHECK - pkcs1 tests.
 
-CC= cc
+#TOP=$(shell pwd)
+CC= gcc
 #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-CFLAG= -DOPENSSL_NO_KRB5 -O
-DEPFLAG= 
+CFLAG= -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DL_ENDIAN -DTERMIO -O3  -Wall -g
+DEPFLAG= -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 
 PEX_LIBS= 
-EX_LIBS= 
+EX_LIBS= -ldl
 EXE_EXT= 
 ARFLAGS= 
 AR=ar $(ARFLAGS) r
@@ -72,7 +73,7 @@
 PERL= /usr/bin/perl
 TAR= tar
 TARFLAGS= --no-recursion
-MAKEDEPPROG=makedepend
+MAKEDEPPROG= gcc
 
 # We let the C compiler driver to take care of .s files. This is done in
 # order to be excused from maintaining a separate set of architecture
@@ -177,13 +178,13 @@
 # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
 SHLIB_MARK=
 
-DIRS=   crypto fips ssl $(SHLIB_MARK) sigs apps test tools
+DIRS=   crypto fips ssl $(SHLIB_MARK) sigs apps doc tools
 SHLIBDIRS= crypto ssl
 
 # dirs in crypto to build
 SDIRS=  objects \
-	md2 md4 md5 sha mdc2 hmac ripemd \
-	des rc2 rc4 rc5 idea bf cast \
+	md2 md4 md5 sha hmac ripemd \
+	des rc2 rc4 bf cast \
 	bn ec rsa dsa dh dso engine aes \
 	buffer bio stack lhash rand err \
 	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
@@ -196,10 +197,10 @@
 
 MAKEFILE= Makefile
 
-MANDIR=$(OPENSSLDIR)/man
+MANDIR=/usr/share/man
 MAN1=1
 MAN3=3
-MANSUFFIX=
+MANSUFFIX=ssl
 SHELL=/bin/sh
 
 TOP=    .
@@ -211,7 +212,7 @@
 SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
 SHARED_SSL=libssl$(SHLIB_EXT)
 SHARED_LIBS=
-SHARED_LIBS_LINK_EXTS=
+SHARED_LIBS_LINK_EXTS=.so
 SHARED_LDFLAGS=
 
 GENERAL=        Makefile
@@ -826,7 +827,7 @@
 	do \
 		if [ -f "$$i" ]; then \
 		(       echo installing $$i; \
-			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
+			cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
 			if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
 				: ; \
 			else \
--- openssl097-0.9.7g.orig/Makefile.org
+++ openssl097-0.9.7g/Makefile.org
@@ -57,6 +57,7 @@
 # equal 4.
 # PKCS1_CHECK - pkcs1 tests.
 
+#TOP=$(shell pwd)
 CC= gcc
 #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
 CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
@@ -175,7 +176,7 @@
 # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
 SHLIB_MARK=
 
-DIRS=   crypto fips ssl $(SHLIB_MARK) sigs apps test tools
+DIRS=   crypto fips ssl $(SHLIB_MARK) sigs apps doc tools
 SHLIBDIRS= crypto ssl
 
 # dirs in crypto to build
@@ -194,10 +195,10 @@
 
 MAKEFILE= Makefile
 
-MANDIR=$(OPENSSLDIR)/man
+MANDIR=/usr/share/man
 MAN1=1
 MAN3=3
-MANSUFFIX=
+MANSUFFIX=ssl
 SHELL=/bin/sh
 
 TOP=    .
@@ -824,7 +825,7 @@
 	do \
 		if [ -f "$$i" ]; then \
 		(       echo installing $$i; \
-			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
+			cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
 			if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
 				: ; \
 			else \
--- openssl097-0.9.7g.orig/os2/backwardify.pl
+++ openssl097-0.9.7g/os2/backwardify.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl -w
+#!/usr/local/bin/perl
 use strict;
 
 # Use as $0
--- openssl097-0.9.7g.orig/ssl/s23_srvr.c
+++ openssl097-0.9.7g/ssl/s23_srvr.c
@@ -528,9 +528,7 @@
 			}
 
 		s->state=SSL2_ST_GET_CLIENT_HELLO_A;
-		if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
-			use_sslv2_strong ||
-			(s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
+		if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
 			s->s2->ssl2_rollback=0;
 		else
 			/* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
--- openssl097-0.9.7g.orig/ssl/ssl_algs.c
+++ openssl097-0.9.7g/ssl/ssl_algs.c
@@ -109,3 +109,8 @@
 	return(1);
 	}
 
+#undef SSLeay_add_ssl_algorithms
+int SSLeay_add_ssl_algorithms(void)
+    {
+         return SSL_library_init();
+    }
--- openssl097-0.9.7g.orig/tools/c_rehash
+++ openssl097-0.9.7g/tools/c_rehash
@@ -6,7 +6,7 @@
 
 my $openssl;
 
-my $dir = "/usr/local/ssl";
+my $dir = "/usr/lib/ssl";
 
 if(defined $ENV{OPENSSL}) {
 	$openssl = $ENV{OPENSSL};
--- openssl097-0.9.7g.orig/tools/c_rehash.in
+++ openssl097-0.9.7g/tools/c_rehash.in
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl
+#!/usr/bin/perl
 
 
 # Perl c_rehash script, scan all files in a directory
--- openssl097-0.9.7g.orig/util/clean-depend.pl
+++ openssl097-0.9.7g/util/clean-depend.pl
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl -w
+#!/usr/local/bin/perl
 # Clean the dependency list in a makefile of standard includes...
 # Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
 
--- openssl097-0.9.7g.orig/util/extract-names.pl
+++ openssl097-0.9.7g/util/extract-names.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/local/bin/perl
 
 $/ = "";			# Eat a paragraph at once.
 while(<STDIN>) {
--- openssl097-0.9.7g.orig/util/mkdef.pl
+++ openssl097-0.9.7g/util/mkdef.pl
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl -w
+#!/usr/local/bin/perl
 #
 # generate a .def file
 #
--- openssl097-0.9.7g.orig/util/mkerr.pl
+++ openssl097-0.9.7g/util/mkerr.pl
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl -w
+#!/usr/local/bin/perl
 
 my $config = "crypto/err/openssl.ec";
 my $debug = 0;
--- openssl097-0.9.7g.orig/util/mkstack.pl
+++ openssl097-0.9.7g/util/mkstack.pl
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl -w
+#!/usr/local/bin/perl
 
 # This is a utility that searches out "DECLARE_STACK_OF()"
 # declarations in .h and .c files, and updates/creates/replaces
--- openssl097-0.9.7g.orig/util/pod2man.pl
+++ openssl097-0.9.7g/util/pod2man.pl
@@ -1,4 +1,4 @@
-: #!/usr/bin/perl-5.005
+#!/usr/local/bin/perl
     eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
 	if $running_under_some_shell;
 
--- openssl097-0.9.7g.orig/util/selftest.pl
+++ openssl097-0.9.7g/util/selftest.pl
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl -w
+#!/usr/local/bin/perl
 #
 # Run the test suite and generate a report
 #
--- openssl097-0.9.7g.orig/VMS/VMSify-conf.pl
+++ openssl097-0.9.7g/VMS/VMSify-conf.pl
@@ -1,4 +1,4 @@
-#! /usr/bin/perl
+#!/usr/local/bin/perl
 
 use strict;
 use warnings;
--- openssl097-0.9.7g.orig/debian/po/sv.po
+++ openssl097-0.9.7g/debian/po/sv.po
@@ -0,0 +1,61 @@
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
+# Developers do not need to manually edit POT or PO files.
+# , fuzzy
+# 
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: openssl 0.9.7g-2\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
+"PO-Revision-Date: 2005-09-28 19:22-0700\n"
+"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
+"Language-Team: Swedish <sv@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=iso-8859-1\n"
+"Content-Transfer-Encoding: 8bit"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid "Which services should be restarted to make them use the new libraries?"
+msgstr "Vilka tj�nster ska startas om f�r att f� dom att anv�nda de nya biblioteken?"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Security holes were fixed with this release. Services may not use these "
+"fixes until they are restarted. Note: restarting sshd should not affect any "
+"existing connections."
+msgstr ""
+"S�kerhetsh�len fixades i denna versionen. Tj�nster kommer inte att anv�nda denna version f�rr�n de har startats om. Notera: startar du om sshd kommer inte fixen aktiveras f�r redan etablerade anslutningar."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Following is a list of detected services that need to be restarted. Please "
+"correct the list, if you think it is incorrect. The services names must be "
+"identical to the script names in /etc/init.d and must be separated by "
+"spaces. If you clear the list, no services will be restarted."
+msgstr ""
+"F�ljande �r en lista p� uppt�cka tj�nster som beh�ver startas om. V�nligen unders�k listan och du tror den �r felaktig. Namnen p� tj�nsterna m�ste vara identiska som skriptnamnen i /etc/init.d och m�ste separeras med mellanslag. Om du rensar listan kommer inga tj�nster att startas om."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"If other services begin to fail mysteriously after this upgrade, it may be "
+"necessary to restart them too.  We strongly recommend you to reboot your "
+"machine to avoid the SSL related trouble."
+msgstr ""
+"Om andra tj�nster b�rjar att f� underliga problem efter denna uppgradering kanske de m�ste startas om ocks�.  Vi rekommenderar att du startar om din maskin f�r att inte f� SSL-relaterade problem."
+
--- openssl097-0.9.7g.orig/debian/po/templates.pot
+++ openssl097-0.9.7g/debian/po/templates.pot
@@ -0,0 +1,59 @@
+#
+#    Translators, if you are not familiar with the PO format, gettext
+#    documentation is worth reading, especially sections dedicated to
+#    this format, e.g. by running:
+#         info -n '(gettext)PO Files'
+#         info -n '(gettext)Header Entry'
+#
+#    Some information specific to po-debconf are available at
+#            /usr/share/doc/po-debconf/README-trans
+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+#    Developers do not need to manually edit POT or PO files.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid "Which services should be restarted to make them use the new libraries?"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Security holes were fixed with this release. Services may not use these "
+"fixes until they are restarted. Note: restarting sshd should not affect any "
+"existing connections."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Following is a list of detected services that need to be restarted. Please "
+"correct the list, if you think it is incorrect. The services names must be "
+"identical to the script names in /etc/init.d and must be separated by "
+"spaces. If you clear the list, no services will be restarted."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"If other services begin to fail mysteriously after this upgrade, it may be "
+"necessary to restart them too.  We strongly recommend you to reboot your "
+"machine to avoid the SSL related trouble."
+msgstr ""
--- openssl097-0.9.7g.orig/debian/po/ca.po
+++ openssl097-0.9.7g/debian/po/ca.po
@@ -0,0 +1,59 @@
+# openssl (debconf) translation to Catalan.
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# Aleix Badia i Bosch <abadia@ica.es>, 2004
+msgid ""
+msgstr ""
+"Project-Id-Version: openssl_0.9.7d-1_templates\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
+"PO-Revision-Date: 2004-04-08 19:46GMT\n"
+"Last-Translator: Aleix Badia i Bosch <abadia@ica.es>\n"
+"Language-Team: Catalan <debian-l10n-catalan@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid "Which services should be restarted to make them use the new libraries?"
+msgstr ""
+"Quina serveis s'han de reiniciar perquè utilitzin les noves biblioteques?"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Security holes were fixed with this release. Services may not use these "
+"fixes until they are restarted. Note: restarting sshd should not affect any "
+"existing connections."
+msgstr ""
+"Aquesta versió resol els errors de seguretat. Els serveis no utilitzaran les "
+"correccions fins que no s'hagin reiniciat. Nota: reiniciant l'sshd no "
+"s'afectarà cap connexió existent."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Following is a list of detected services that need to be restarted. Please "
+"correct the list, if you think it is incorrect. The services names must be "
+"identical to the script names in /etc/init.d and must be separated by "
+"spaces. If you clear the list, no services will be restarted."
+msgstr ""
+"És una llista de serveis que s'ha detectat que s'haurien de reiniciar, "
+"corregiu-la si és incorrecta. El nom dels serveis hauria de ser idèntic als "
+"noms de les seqüències del directori /etc/init.d i haurien d'estar separats "
+"per espais. Si suprimiu la llista no es reiniciarà cap servei."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"If other services begin to fail mysteriously after this upgrade, it may be "
+"necessary to restart them too.  We strongly recommend you to reboot your "
+"machine to avoid the SSL related trouble."
+msgstr ""
+"Si després de l'actualització d'altres serveis fallen de forma inexplicable, "
+"probablement també sigui necessari reiniciar-los. Us recomanem que per "
+"evitar els problemes relacionats amb l'SSL reinicieu l'ordinador."
--- openssl097-0.9.7g.orig/debian/po/da.po
+++ openssl097-0.9.7g/debian/po/da.po
@@ -0,0 +1,70 @@
+# translation of openssl_0.9.7d-1_templates.po to Danish
+#
+#    Translators, if you are not familiar with the PO format, gettext
+#    documentation is worth reading, especially sections dedicated to
+#    this format, e.g. by running:
+#         info -n '(gettext)PO Files'
+#         info -n '(gettext)Header Entry'
+#    Some information specific to po-debconf are available at
+#            /usr/share/doc/po-debconf/README-trans
+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans#
+#    Developers do not need to manually edit POT or PO files.
+# Claus Hindsgaul <claus_h@image.dk>, 2004.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: openssl_0.9.7d-1_templates\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
+"PO-Revision-Date: 2004-04-02 16:08+0200\n"
+"Last-Translator: Claus Hindsgaul <claus_h@image.dk>\n"
+"Language-Team: Danish <dansk@klid.dk>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-1\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.3.1\n"
+"Plural-Forms:  nplurals=2; plural=(n != 1);\n"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid "Which services should be restarted to make them use the new libraries?"
+msgstr "Hvilke services skal genstartes, s� de benytter de nye biblioteker?"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Security holes were fixed with this release. Services may not use these "
+"fixes until they are restarted. Note: restarting sshd should not affect any "
+"existing connections."
+msgstr ""
+"Der lukket nogle sikkerhedshuller i denne version af openssl. Disse huller "
+"bliver ikke lukket i dine services f�r de er blevet genstartet. Bem�rk at "
+"det ikke vil p�virke eksisterende forbindelser at genstarte ssh."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Following is a list of detected services that need to be restarted. Please "
+"correct the list, if you think it is incorrect. The services names must be "
+"identical to the script names in /etc/init.d and must be separated by "
+"spaces. If you clear the list, no services will be restarted."
+msgstr ""
+"Herunder ser du en liste over fundne services, som b�r genstartes. Ret "
+"listen, hvis du mener at den ikke er korrekt. Servicenavnene skal v�re "
+"identiske med skriptnavnene i /etc/init.d, og skal adskilles med mellemrum. "
+"Hvis du sletter listen, vil ingen services blive genstartet."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"If other services begin to fail mysteriously after this upgrade, it may be "
+"necessary to restart them too.  We strongly recommend you to reboot your "
+"machine to avoid the SSL related trouble."
+msgstr ""
+"Hvis andre services begynder at fejle p� mystisk vis efter denne "
+"opgradering, kan det v�re n�dvendigt ogs� at genstarte disse. Vi anbefaler "
+"dig kraftigt at genstarte din maskine for at undg� SSL-relaterede problemer."
--- openssl097-0.9.7g.orig/debian/po/cs.po
+++ openssl097-0.9.7g/debian/po/cs.po
@@ -0,0 +1,68 @@
+#
+#    Translators, if you are not familiar with the PO format, gettext
+#    documentation is worth reading, especially sections dedicated to
+#    this format, e.g. by running:
+#         info -n '(gettext)PO Files'
+#         info -n '(gettext)Header Entry'
+#
+#    Some information specific to po-debconf are available at
+#            /usr/share/doc/po-debconf/README-trans
+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+#    Developers do not need to manually edit POT or PO files.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: openssl\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
+"PO-Revision-Date: 2004-09-26 17:40+0200\n"
+"Last-Translator: Miroslav Kure <kurem@debian.cz>\n"
+"Language-Team: Czech <provoz@debian.cz>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-2\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid "Which services should be restarted to make them use the new libraries?"
+msgstr "Kter� slu�by se maj� restartovat, aby za�aly vyu��vat nov� knihovny?"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Security holes were fixed with this release. Services may not use these "
+"fixes until they are restarted. Note: restarting sshd should not affect any "
+"existing connections."
+msgstr ""
+"V t�to verzi bal�ku byly opraveny bezbe�nostn� chyby. Tyto opravy se v "
+"programech projev� a� po jejich restartu. Pozn�mka: restart sshd by nem�l "
+"ovlivnit st�vaj�c� spojen�."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Following is a list of detected services that need to be restarted. Please "
+"correct the list, if you think it is incorrect. The services names must be "
+"identical to the script names in /etc/init.d and must be separated by "
+"spaces. If you clear the list, no services will be restarted."
+msgstr ""
+"N�sleduje seznam rozpoznan�ch slu�eb, kter� je t�eba restartovat. Pokud se "
+"v�m zd�, �e je tento seznam chybn�, m��ete jej opravit. N�zvy slu�eb mus� "
+"b�t shodn� s n�zvy skript� v adres��i /etc/init.d a mus� b�t odd�leny "
+"mezerami. Pokud seznam vyma�ete, nebude restartov�na ��dn� slu�ba."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"If other services begin to fail mysteriously after this upgrade, it may be "
+"necessary to restart them too.  We strongly recommend you to reboot your "
+"machine to avoid the SSL related trouble."
+msgstr ""
+"Jestli�e po t�to aktualizaci za�nou selh�vat n�kter� slu�by, mo�n� bude "
+"nutn� je takt� restartovat. Abyste se vyhnuli probl�m�m spojen�ch se SSL, "
+"doporu�ujeme restartovat cel� po��ta�."
--- openssl097-0.9.7g.orig/debian/po/pt_BR.po
+++ openssl097-0.9.7g/debian/po/pt_BR.po
@@ -0,0 +1,69 @@
+#
+#    Translators, if you are not familiar with the PO format, gettext
+#    documentation is worth reading, especially sections dedicated to
+#    this format, e.g. by running:
+#         info -n '(gettext)PO Files'
+#         info -n '(gettext)Header Entry'
+#
+#    Some information specific to po-debconf are available at
+#            /usr/share/doc/po-debconf/README-trans
+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+#    Developers do not need to manually edit POT or PO files.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: openssl\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
+"PO-Revision-Date: 2004-04-04 15:21-0300\n"
+"Last-Translator: Andr� Lu�s Lopes <andrelop@debian.org>\n"
+"Language-Team: Debian-BR Project <debian-l10n-portuguese@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-1\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid "Which services should be restarted to make them use the new libraries?"
+msgstr "Quais servi�os devem ser reiniciados para utilizar novas bibliotecas ?"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Security holes were fixed with this release. Services may not use these "
+"fixes until they are restarted. Note: restarting sshd should not affect any "
+"existing connections."
+msgstr ""
+"Falhas de seguran�a foram corrigidas nesta vers�o. Alguns servi�os podem n�o "
+"utilizar estas corre��es at� que sejam reiniciados. Note : reiniciar o sshd "
+"n�o afetar� nenhuma conex�o j� estabelecida."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Following is a list of detected services that need to be restarted. Please "
+"correct the list, if you think it is incorrect. The services names must be "
+"identical to the script names in /etc/init.d and must be separated by "
+"spaces. If you clear the list, no services will be restarted."
+msgstr ""
+"A seguir ser� exibida uma lista de servi�os que foram detectados e que "
+"precisam ser reiniciados. Por favor, corrija a lista caso voc� tenha certeza "
+"que ela esteja incorreta. Os nomes dos servi�os devem ser id�nticos aos "
+"nomes dos scripts sob o diret�rio /etc/init.d e devem estar separados por "
+"espa�os. Caso voc� esvazie a lista, nenhum servi�o ser� reiniciado."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"If other services begin to fail mysteriously after this upgrade, it may be "
+"necessary to restart them too.  We strongly recommend you to reboot your "
+"machine to avoid the SSL related trouble."
+msgstr ""
+"Caso outros servi�os comecem a falhar misteriosamente ap�s esta atualiza��o, "
+"pode ser necess�rio reinici�-los tamb�m. Recomendados fortemente que voc� "
+"reinicie sua m�quina para evitar problemas relacionados a SSL."
--- openssl097-0.9.7g.orig/debian/po/es.po
+++ openssl097-0.9.7g/debian/po/es.po
@@ -0,0 +1,85 @@
+# openssl translation to spanish
+# Copyright (C) 2004 Software in the Public Interest
+# This file is distributed under the same license as the openssl package.
+#
+# Changes:
+# - Initial translation
+#       Lucas Wall <kthulhu@kadath.com.ar>, 2004
+#
+#
+#  Traductores, si no conoce el formato PO, merece la pena leer la 
+#  documentaci�n de gettext, especialmente las secciones dedicadas a este
+#  formato, por ejemplo ejecutando:
+#         info -n '(gettext)PO Files'
+#         info -n '(gettext)Header Entry'
+#
+# Equipo de traducci�n al espa�ol, por favor lean antes de traducir
+# los siguientes documentos:
+# 
+# - El proyecto de traducci�n de Debian al espa�ol
+#   http://www.debian.org/intl/spanish/coordinacion
+#   especialmente las notas de traducci�n en
+#   http://www.debian.org/intl/spanish/notas
+#
+# - La gu�a de traducci�n de po's de debconf:
+#   /usr/share/doc/po-debconf/README-trans
+#   o http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: openssl 0.9.7d-3\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
+"PO-Revision-Date: 2004-06-12 15:23-0300\n"
+"Last-Translator: Lucas Wall <kthulhu@kadath.com.ar>\n"
+"Language-Team: Debian Spanish <debian-l10n-spanish@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-15\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid "Which services should be restarted to make them use the new libraries?"
+msgstr ""
+"�Qu� servicios desea reiniciar para que utilicen las nuevas bibliotecas?"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Security holes were fixed with this release. Services may not use these "
+"fixes until they are restarted. Note: restarting sshd should not affect any "
+"existing connections."
+msgstr ""
+"En esta versi�n se han solucionado problemas de seguridad. Los servicios "
+"afectados no gozar�n de los arreglos hasta que no se hayan reiniciado. Nota: "
+"reiniciar el servicio �sshd� no afectar� ninguna de las conexiones "
+"existentes."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Following is a list of detected services that need to be restarted. Please "
+"correct the list, if you think it is incorrect. The services names must be "
+"identical to the script names in /etc/init.d and must be separated by "
+"spaces. If you clear the list, no services will be restarted."
+msgstr ""
+"Una lista de los servicios que deben ser reiniciados se presenta a "
+"continuaci�n. Si cree que no es correcta haga los ajustes necesarios. Los "
+"nombres de los servicios deben ser iguales a los nombres de los ficheros en "
+"�/etc/init.d� y debe estar separados por espacios. Ning�n servicio ser� "
+"reiniciado si deja la lista en blanco."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"If other services begin to fail mysteriously after this upgrade, it may be "
+"necessary to restart them too.  We strongly recommend you to reboot your "
+"machine to avoid the SSL related trouble."
+msgstr ""
+"Si, tras esta actualizaci�n, otros servicios comienzan a fallar en forma "
+"misteriosa puede ser necesario reiniciarlos tambi�n. Para evitar problemas "
+"relacionados con �SSL� se le recomienda reiniciar su sistema."
--- openssl097-0.9.7g.orig/debian/po/fr.po
+++ openssl097-0.9.7g/debian/po/fr.po
@@ -0,0 +1,69 @@
+#
+#    Translators, if you are not familiar with the PO format, gettext
+#    documentation is worth reading, especially sections dedicated to
+#    this format, e.g. by running:
+#         info -n '(gettext)PO Files'
+#         info -n '(gettext)Header Entry'
+#    Some information specific to po-debconf are available at
+#            /usr/share/doc/po-debconf/README-trans
+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans#
+#    Developers do not need to manually edit POT or PO files.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: openssl_0.9.7c-5\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
+"PO-Revision-Date: 2003-10-22 21:37+0200\n"
+"Last-Translator: Michel Grentzinger <mic.grentz@online.fr>\n"
+"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-15\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid "Which services should be restarted to make them use the new libraries?"
+msgstr "Services � red�marrer afin d'utiliser les nouvelles biblioth�ques"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Security holes were fixed with this release. Services may not use these "
+"fixes until they are restarted. Note: restarting sshd should not affect any "
+"existing connections."
+msgstr ""
+"Des failles de s�curit� on �t� corrig�es dans cette version. Les services ne "
+"devraient pas utiliser ces correctifs tant qu'ils n'auront pas �t� "
+"red�marr�s. Note�: le red�marrage de sshd n'affectera aucune connexion "
+"existante."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Following is a list of detected services that need to be restarted. Please "
+"correct the list, if you think it is incorrect. The services names must be "
+"identical to the script names in /etc/init.d and must be separated by "
+"spaces. If you clear the list, no services will be restarted."
+msgstr ""
+"La liste suivante recense tous les services devant �tre red�marr�s. Veuillez "
+"corriger la liste si vous pensez qu'elle contient des erreurs. Les noms des "
+"services doivent �tre identiques aux noms des scripts pr�sents dans /etc/"
+"init.d et doivent �tre s�par�s par des espaces. Si vous effacez la liste, "
+"aucun service ne sera red�marr�."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"If other services begin to fail mysteriously after this upgrade, it may be "
+"necessary to restart them too.  We strongly recommend you to reboot your "
+"machine to avoid the SSL related trouble."
+msgstr ""
+"Si d'autres services ne fonctionnent plus correctement apr�s cette mise � "
+"jour, il est sans doute n�cessaire de les red�marrer de la m�me fa�on. Il "
+"est fortement recommand� de red�marrer votre machine pour �viter les "
+"probl�mes li�s � SSL."
--- openssl097-0.9.7g.orig/debian/po/nl.po
+++ openssl097-0.9.7g/debian/po/nl.po
@@ -0,0 +1,71 @@
+#    Translators, if you are not familiar with the PO format, gettext

+#    documentation is worth reading, especially sections dedicated to

+#    this format, e.g. by running:

+#         info -n '(gettext)PO Files'

+#         info -n '(gettext)Header Entry'

+# 

+#    Some information specific to po-debconf are available at

+#            /usr/share/doc/po-debconf/README-trans

+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans

+# 

+#    Developers do not need to manually edit POT or PO files.

+# 

+msgid ""
+msgstr ""
+"Project-Id-Version: openssl 0.9.7d-5\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
+"PO-Revision-Date: 2004-08-01 18:31+0100\n"
+"Last-Translator: Luk Claes <luk.claes@ugent.be>\n"
+"Language-Team: Debian l10n Dutch <debian-l10n-dutch@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=iso-8859-1\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid "Which services should be restarted to make them use the new libraries?"
+msgstr ""
+"Welke diensten moeten herstart worden om ze de nieuwe bibliotheken te laten "
+"gebruiken?"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Security holes were fixed with this release. Services may not use these "
+"fixes until they are restarted. Note: restarting sshd should not affect any "
+"existing connections."
+msgstr ""
+"Er zijn veiligheidslekken gedicht in deze release. Diensten gebruiken deze "
+"versie misschien niet totdat ze herstart zijn. Merk op: sshd herstarten zou "
+"geen effect mogen hebben op bestaande verbindingen."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Following is a list of detected services that need to be restarted. Please "
+"correct the list, if you think it is incorrect. The services names must be "
+"identical to the script names in /etc/init.d and must be separated by "
+"spaces. If you clear the list, no services will be restarted."
+msgstr ""
+"Hierna volgt een lijst van gedetecteerde diensten die herstart moeten "
+"worden. Verbeter de lijst, als u denkt dat ze incorrect is. De namen moeten "
+"overeenkomen met de script-namen in /etc/init.d en moeten gescheiden worden "
+"door spaties. Als u de lijst ledigt, dan zullen er geen diensten worden "
+"herstart."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"If other services begin to fail mysteriously after this upgrade, it may be "
+"necessary to restart them too.  We strongly recommend you to reboot your "
+"machine to avoid the SSL related trouble."
+msgstr ""
+"Als er andere diensten mysterieus beginnen te falen na deze opwaardering, "
+"kan het nodig zijn om ze ook te herstarten. Er wordt u ten zeerste "
+"aanbevolen uw machine te herstarten om SSL-gerelateerde problemen te "
+"vermijden."
--- openssl097-0.9.7g.orig/debian/po/ja.po
+++ openssl097-0.9.7g/debian/po/ja.po
@@ -0,0 +1,69 @@
+#
+#    Translators, if you are not familiar with the PO format, gettext
+#    documentation is worth reading, especially sections dedicated to
+#    this format, e.g. by running:
+#         info -n '(gettext)PO Files'
+#         info -n '(gettext)Header Entry'
+#
+#    Some information specific to po-debconf are available at
+#            /usr/share/doc/po-debconf/README-trans
+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+#    Developers do not need to manually edit POT or PO files.
+#
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: openssl 0.9.7d-1\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
+"PO-Revision-Date: 2004-03-24 23:41+0900\n"
+"Last-Translator: Hideki Yamane <henrich@samba.gr.jp>\n"
+"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=EUC-JP\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid "Which services should be restarted to make them use the new libraries?"
+msgstr "�ɤΥ����ӥ��򿷤����饤�֥���Ȥ�����˺Ƶ�ư���ޤ���?"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Security holes were fixed with this release. Services may not use these "
+"fixes until they are restarted. Note: restarting sshd should not affect any "
+"existing connections."
+msgstr ""
+"����Υ�꡼���ǥ������ƥ��ۡ��뤬��������ޤ������ƥ����ӥ��ϺƵ�ư��Ԥ�"
+"�ޤǤ��ν������줿�饤�֥������Ѥ��ޤ�������: sshd �κƵ�ư�ϸ�������³��"
+"�ϲ���ƶ����ޤ���"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Following is a list of detected services that need to be restarted. Please "
+"correct the list, if you think it is incorrect. The services names must be "
+"identical to the script names in /etc/init.d and must be separated by "
+"spaces. If you clear the list, no services will be restarted."
+msgstr ""
+"�ʲ����Ƶ�ư��ɬ�פ���Ƚ�Ǥ��줿�����ӥ��Υꥹ�ȤǤ����ְ�äƤ���Ȼפä���"
+"�������Ƥ��������������ӥ�̾�� /etc/init.d �ˤ��륹����ץȤ�̾����ؤ�������"
+"�Ƕ��ڤ�ɬ�פ�����ޤ����ꥹ�Ȥ����ξ��ϡ������ӥ��κƵ�ư��ɬ�פ���ޤ�"
+"��"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"If other services begin to fail mysteriously after this upgrade, it may be "
+"necessary to restart them too.  We strongly recommend you to reboot your "
+"machine to avoid the SSL related trouble."
+msgstr ""
+"¾�Υ����ӥ��������ǤΥ��åץ��졼�ɤθ�˲��Τ����顼�򵯤����Ϥ᤿��硢��"
+"����Ƶ�ư����ɬ�פ�����ޤ���SSL ��Ϣ�Υȥ�֥���򤱤뤿��˥ޥ����Ƶ�"
+"ư����Τ򶯤������ᤷ�ޤ���"
--- openssl097-0.9.7g.orig/debian/po/POTFILES.in
+++ openssl097-0.9.7g/debian/po/POTFILES.in
@@ -0,0 +1 @@
+[type: gettext/rfc822deb] libssl0.9.7.templates
--- openssl097-0.9.7g.orig/debian/po/vi.po
+++ openssl097-0.9.7g/debian/po/vi.po
@@ -0,0 +1,61 @@
+# Vietnamese translation for openssl.
+# Copyright © 2005 Free Software Foundation, Inc.
+# Clytie Siddall <clytie@riverland.net.au>, 2005.
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: openssl 0.9.7g-1\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
+"PO-Revision-Date: 2005-07-03 12:49+0930\n"
+"Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n"
+"Language-Team: Vietnamese <gnomevi-list@lists.sourceforge.net>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0\n"
+"X-Generator: LocFactoryEditor 1.2.2\n"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid "Which services should be restarted to make them use the new libraries?"
+msgstr "Để dùng những thư viên mới, cần phải khởi chạy lại dịch vụ nào?"
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Security holes were fixed with this release. Services may not use these "
+"fixes until they are restarted. Note: restarting sshd should not affect any "
+"existing connections."
+msgstr ""
+"Phiên bản phát hành này đã sửa một số lỗ hổng bảo mật rồi. Dịch vụ sẽ dùng "
+"mã đã sửa chỉ sau khi khởi chạy lại thôi. Ghi chú: khởi chạy lại sshd nên "
+"không làm ảnh hưởng đến sự kết nối hiện thời nào."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"Following is a list of detected services that need to be restarted. Please "
+"correct the list, if you think it is incorrect. The services names must be "
+"identical to the script names in /etc/init.d and must be separated by "
+"spaces. If you clear the list, no services will be restarted."
+msgstr ""
+"Theo đây có một danh sách dịch vụ đã phát hiện mà cần phải khởi chạy lại. "
+"Bạn hãy sửa danh sách nếu chưa đúng. Tên dịch vụ phải là cùng một tên với "
+"tên tập lệnh trong «/etc/init.d», những tên định giới bằng dấu cách. Nếu bạn "
+"xóa hết danh sách thì sẽ không khởi chạy lại dịch vụ nào."
+
+#. Type: string
+#. Description
+#: ../libssl0.9.7.templates:3
+msgid ""
+"If other services begin to fail mysteriously after this upgrade, it may be "
+"necessary to restart them too.  We strongly recommend you to reboot your "
+"machine to avoid the SSL related trouble."
+msgstr ""
+"Nếu dịch vụ khác mới bị lỗi một cách lạ sau việc nâng cấp này, có lẽ bạn "
+"cũng cần phải khởi chạy lại chúng. Khuyến khích nặng bạn khởi động máy này "
+"để tránh lỗi liên quan đến SSL."
--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.docs
+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.docs
@@ -0,0 +1 @@
+demos
--- openssl097-0.9.7g.orig/debian/control
+++ openssl097-0.9.7g/debian/control
@@ -0,0 +1,27 @@
+Source: openssl097
+Build-Depends: debhelper (>= 4.2.0), binutils (>= 2.14.90.0.7), zlib1g-dev
+Section: utils
+Priority: optional
+Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
+Uploaders: Christoph Martin <christoph.martin@uni-mainz.de>, Kurt Roeckx <kurt@roeckx.be>
+Standards-Version: 3.6.1
+
+Package: libssl0.9.7
+Section: oldlibs
+Priority: important
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Conflicts: ssleay (<< 0.9.2b), libssl, openssl (<< 0.9.6-2), libssl096-dev (<< 0.9.6-2)
+Description: SSL shared libraries
+ libssl and libcrypto shared libraries needed by programs like
+ apache-ssl, telnet-ssl and openssh.
+ .
+ It is part of the OpenSSL implementation of SSL.
+
+Package: libssl0.9.7-dbg
+Section: libdevel
+Priority: extra
+Architecture: any
+Depends: libssl0.9.7 (= ${Source-Version})
+Description: Symbol tables for libssl and libcrypt
+ This package is part of the OpenSSL implementation of SSL.
--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.prerm
+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.prerm
@@ -0,0 +1,3 @@
+#!/bin/sh -e
+
+#DEBHELPER#
--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.postinst
+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.postinst
@@ -0,0 +1,3 @@
+#!/bin/sh -e
+
+#DEBHELPER#
--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.files
+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.files
@@ -0,0 +1,9 @@
+usr/lib/libssl.so
+usr/lib/libcrypto.so
+usr/lib/libssl.a
+usr/lib/libcrypto.a
+usr/lib/libssl_pic.a
+usr/lib/libcrypto_pic.a
+usr/lib/pkgconfig/openssl.pc
+usr/include
+usr/share/man/man3
--- openssl097-0.9.7g.orig/debian/libssl0.9.7.templates
+++ openssl097-0.9.7g/debian/libssl0.9.7.templates
@@ -0,0 +1,15 @@
+Template: libssl0.9.7/restart-services
+Type: string
+_Description: Which services should be restarted to make them use the new libraries?
+ Security holes were fixed with this release. Services may not use these
+ fixes until they are restarted. Note: restarting sshd should not affect any
+ existing connections.
+ .
+ Following is a list of detected services that need to be restarted. Please
+ correct the list, if you think it is incorrect. The services names must be
+ identical to the script names in /etc/init.d and must be separated by
+ spaces. If you clear the list, no services will be restarted.
+ .
+ If other services begin to fail mysteriously after this upgrade, it may be
+ necessary to restart them too.  We strongly recommend you to reboot your
+ machine to avoid the SSL related trouble.
--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.dirs
+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.dirs
@@ -0,0 +1,3 @@
+usr/lib
+usr/share/doc/libssl0.9.7-dev
+usr/share/man
--- openssl097-0.9.7g.orig/debian/README.optimization
+++ openssl097-0.9.7g/debian/README.optimization
@@ -0,0 +1,32 @@
+openssl ships optimized libraries for some cpus. The loading of these
+libraries depends on the ability of the dynamic linker to automaticly
+search additional directories depending on the cpu. If you want to
+find out which are these directories for your computer, run the
+following command:
+
+LD_LIBRARY_PATH=/usr/lib strace true 2>&1 | fgrep "open(\"/usr/lib"
+
+On a Pentium III this gives:
+
+open("/usr/lib/i686/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
+open("/usr/lib/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
+open("/usr/lib/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
+open("/usr/lib/libc.so.6", O_RDONLY)    = -1 ENOENT (No such file or directory)
+
+Following is a list of cpus, library paths and possible optimizations:
+
+486		/usr/lib/i486	-march=i486 -mcpu=i486 +asm
+Pentium 	/usr/lib/i586	-march=i586 -mcpu=i586 +asm
+Pentium MMX	/usr/lib/i586	-march=i586 -mcpu=i586 +asm
+Pentium II	/usr/lib/i686	-march=i686 -mcpu=i686 +asm
+Pentium III	/usr/lib/i686	-march=i686 -mcpu=i686 +asm
+AMD-K6		/usr/lib/i586	-march=i586 -mcpu=i586 +asm
+AMD-K7		/usr/lib/i686	-march=i686 -mcpu=i686 +asm
+
+Sparc v8	/usr/lib/v8	-mcpu=v8              +asm
+Sparc v9	/usr/lib/v9	-mcpu=v9 -Wa,-Av8plus +asm
+
+Alpha EV4	/usr/lib/ev4	-mcpu=ev4
+Alpha EV5	/usr/lib/ev5	-mcpu=ev5
+
++asm means that the handcrafted 586 assembler routines can be used. 
--- openssl097-0.9.7g.orig/debian/libssl0.9.7.dirs
+++ openssl097-0.9.7g/debian/libssl0.9.7.dirs
@@ -0,0 +1,2 @@
+usr/lib
+usr/share/doc/libssl0.9.7
--- openssl097-0.9.7g.orig/debian/libssl0.9.7.files
+++ openssl097-0.9.7g/debian/libssl0.9.7.files
@@ -0,0 +1,3 @@
+usr/lib/*.so.*.*.*
+usr/lib/*/*.so.*.*.*
+usr/lib/i686/cmov/*.so.*.*.*
--- openssl097-0.9.7g.orig/debian/changelog
+++ openssl097-0.9.7g/debian/changelog
@@ -0,0 +1,689 @@
+openssl097 (0.9.7g-5) unstable; urgency=medium
+
+  * Add the shlibs for libcrypto again, removed by accident.
+  * Change priority of -dbg package to extra.
+  * Remove the libssl0.9.7-dev package.
+  * Add security patch for CAN-2005-2969, setting urgency to medium.
+
+ -- Kurt Roeckx <kurt@roeckx.be>  Wed, 12 Oct 2005 21:07:19 +0200
+
+openssl097 (0.9.7g-4) unstable; urgency=low
+
+  * Reintroduce openssl 0.9.7 source package to provide the old
+    library version. This should make packages linked against
+    the old version installable again. (Closes: #332892)
+  * Drop the openssl and libcrypto0.9.7-udeb package.
+  * Rename libssl-dev to libssl0.9.7-dev.
+  * Add myself to the Uploaders field.
+
+ -- Kurt Roeckx <kurt@roeckx.be>  Mon, 10 Oct 2005 18:38:30 +0200
+
+openssl (0.9.7g-3) unstable; urgency=low
+
+  * change Configure line for debian-freebsd-i386 to debian-kfreebsd-i386
+    (closes: #327692)
+  * include -dbg version. That implies compiling with -g and without
+    -fomit-frame-pointer (closes: #293823, #153811)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 23 Sep 2005 13:51:57 +0200
+
+openssl (0.9.7g-2) unstable; urgency=low
+
+  * really include nl translation
+  * remove special ia64 code from rc4 code to make the abi compatible to
+    older 0.9.7 versions (closes: #310489, #309274)
+  * fix compile flag for debian-ppc64 (closes: #318750)
+  * small fix in libssl0.9.7.postinst (closes: #239956)
+  * fix pk7_mime.c to prevent garbled messages because of to early memory
+    free (closes: #310184)
+  * include vietnamese debconf translation (closes: #316689)
+  * make optimized i386 libraries have non executable stack (closes:
+    #321721)
+  * remove leftover files from ssleay
+  * move from dh_installmanpages to dh_installman
+  * change Maintainer to pkg-openssl-devel@lists.alioth.debian.org
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  7 Sep 2005 15:32:54 +0200
+
+openssl (0.9.7g-1) unstable; urgency=low
+
+  * New upstream release
+    * Added support for proxy certificates according to RFC 3820.
+      Because they may be a security thread to unaware applications,
+      they must be explicitely allowed in run-time.  See
+      docs/HOWTO/proxy_certificates.txt for further information.
+    * Prompt for pass phrases when appropriate for PKCS12 input format.
+    * Back-port of selected performance improvements from development
+      branch, as well as improved support for PowerPC platforms.
+    * Add lots of checks for memory allocation failure, error codes to indicate
+      failure and freeing up memory if a failure occurs.
+    * Perform some character comparisons of different types in X509_NAME_cmp:
+      this is needed for some certificates that reencode DNs into UTF8Strings
+      (in violation of RFC3280) and can't or wont issue name rollover
+      certificates.
+  * corrected watchfile
+  * added upstream source url (closes: #292904)
+  * fix typo in CA.pl.1 (closes: #290271)
+  * change debian-powerpc64 to debian-ppc64 and adapt the configure
+    options to be the same like upstream (closes: #289841)
+  * include -signcert option in CA.pl usage
+  * compile with zlib-dynamic to use system zlib (closes: #289872)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon,  9 May 2005 23:32:03 +0200
+
+openssl (0.9.7e-3) unstable; urgency=high
+
+  * really fix der_chop. The fix from -1 was not really included (closes:
+    #281212) 
+  * still fixes security problem CAN-2004-0975 etc.
+    - tempfile raise condition in der_chop
+    - Avoid a race condition when CRLs are checked in a multi threaded 
+      environment.
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 16 Dec 2004 18:41:29 +0100
+
+openssl (0.9.7e-2) unstable; urgency=high
+
+  * fix perl path in der_chop and c_rehash (closes: #281212)
+  * still fixes security problem CAN-2004-0975 etc.
+    - tempfile raise condition in der_chop
+    - Avoid a race condition when CRLs are checked in a multi threaded 
+      environment.
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sun, 14 Nov 2004 20:16:21 +0100
+
+openssl (0.9.7e-1) unstable; urgency=high
+
+  * SECURITY UPDATE: fix insecure temporary file handling
+  * apps/der_chop: 
+    - replaced $$-style creation of temporary files with
+      File::Temp::tempfile()
+    - removed unused temporary file name in do_certificate()
+  * References:
+    CAN-2004-0975 (closes: #278260)
+  * fix ASN1_STRING_to_UTF8 with UTF8 (closes: #260357)
+  * New upstream release with security fixes
+    - Avoid a race condition when CRLs are checked in a multi threaded 
+      environment.
+    - Various fixes to s3_pkt.c so alerts are sent properly.
+    - Reduce the chances of duplicate issuer name and serial numbers (in
+      violation of RFC3280) using the OpenSSL certificate creation
+      utilities. 
+  * depends openssl on perl-base instead of perl (closes: #280225)
+  * support powerpc64 in Configure (closes: #275224)
+  * include cs translation (closes: #273517)
+  * include nl translation (closes: #272479)
+  * Fix default dir of c_rehash (closes: #253126)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 12 Nov 2004 14:11:15 +0100
+
+openssl (0.9.7d-5) unstable; urgency=low
+
+  * Make S/MIME encrypt work again (backport from CVS) (closes: #241407,
+    #241386)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 26 Jul 2004 17:22:42 +0200
+
+openssl (0.9.7d-4) unstable; urgency=low
+
+  * add Catalan translation (closes: #248749)
+  * add Spanish translation (closes: #254561)
+  * include NMU fixes: see below
+  * decrease optimisation level for debian-arm to work around gcc bug
+    (closes: #253848) (thanks to Steve Langasek and Thom May)
+  * Add libcrypto0.9.7-udeb. (closes: #250010) (thanks to Bastian Blank)
+  * Add watchfile
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 14 Jul 2004 14:31:02 +0200
+
+openssl (0.9.7d-3) unstable; urgency=low
+
+  * rename -pic.a libraries to _pic.a (closes: #250016)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 24 May 2004 17:02:29 +0200
+
+openssl (0.9.7d-2) unstable; urgency=low
+
+  * include PIC libs (libcrypto-pic.a and libssl-pic.a) to libssl-dev
+    (closes: #246928, #243999)
+  * add racoon to restart list (closes: #242652)
+  * add Brazilian, Japanese and Danish translations (closes: #242087,
+    #241830, #241705)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 11 May 2004 10:13:49 +0200
+
+openssl (0.9.7d-1) unstable; urgency=high
+
+  * new upstream
+  * fixes security holes (http://www.openssl.org/news/secadv_20040317.txt)
+    (closes: #238661)
+  * includes support for debian-amd64 (closes: #235551, #232310)
+  * fix typo in pem.pod (closes: #219873)
+  * fix typo in libssl0.9.7.templates (closes: #224690)
+  * openssl suggests ca-certificates (closes: #217180)
+  * change debconf template to gettext format (closes: #219013)
+  * include french debconf template (closes: #219014)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 18 Mar 2004 16:18:43 +0100
+
+openssl (0.9.7c-5) unstable; urgency=low
+
+  * include openssl.pc into libssl-dev (closes: #212545)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 16 Oct 2003 16:31:32 +0200
+
+openssl (0.9.7c-4) unstable; urgency=low
+
+  * change question to restart services to debconf (closes: #214840)
+  * stop using dh_undocumented (closes: #214831)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 10 Oct 2003 15:40:48 +0200
+
+openssl (0.9.7c-3) unstable; urgency=low
+
+  * fix POSIX conformance for head in libssl0.9.7.postinst (closes:
+    #214700) 
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  8 Oct 2003 14:02:38 +0200
+
+openssl (0.9.7c-2) unstable; urgency=low
+
+  * add filerc macro to libssl0.9.7.postinst (closes: #213906)
+  * restart spamassassins spamd on upgrade (closes: #214106)
+  * restart more services on upgrade
+  * fix EVP_BytesToKey manpage (closes: #213715)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue,  7 Oct 2003 15:01:32 +0200
+
+openssl (0.9.7c-1) unstable; urgency=high
+
+  * upstream security fix (closes: #213451)
+   - Fix various bugs revealed by running the NISCC test suite:
+     Stop out of bounds reads in the ASN1 code when presented with
+     invalid tags (CAN-2003-0543 and CAN-2003-0544).
+     Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545).
+     If verify callback ignores invalid public key errors don't try to check
+     certificate signature with the NULL public key.
+   - In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
+     if the server requested one: as stated in TLS 1.0 and SSL 3.0
+     specifications.
+  * more minor upstream bugfixes
+  * fix formatting in c_issuer (closes: #190026)
+  * fix Debian-FreeBSD support (closes: #200381)
+  * restart some services in postinst to make them use the new libraries
+  * remove duplicated openssl.1, crypto.3 and ssl.3 (closes: #198594)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  1 Oct 2003 08:54:27 +0200
+
+openssl (0.9.7b-2) unstable; urgency=high
+
+  * fix permission of /etc/ssl/private to 700 again
+  * change section of libssl-dev to libdevel
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 23 Apr 2003 11:13:24 +0200
+
+openssl (0.9.7b-1) unstable; urgency=high
+
+  * upstream security fix
+   - Countermeasure against the Klima-Pokorny-Rosa extension of
+     Bleichbacher's attack on PKCS #1 v1.5 padding: treat
+     a protocol version number mismatch like a decryption error
+     in ssl3_get_client_key_exchange (ssl/s3_srvr.c). (CAN-2003-0131)
+    (closes: #189087)
+   - Turn on RSA blinding by default in the default implementation
+     to avoid a timing attack. Applications that don't want it can call
+     RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
+     They would be ill-advised to do so in most cases. (CAN-2003-0147)
+   - Change RSA blinding code so that it works when the PRNG is not
+     seeded (in this case, the secret RSA exponent is abused as
+     an unpredictable seed -- if it is not unpredictable, there
+     is no point in blinding anyway).  Make RSA blinding thread-safe
+     by remembering the creator's thread ID in rsa->blinding and
+     having all other threads use local one-time blinding factors
+     (this requires more computation than sharing rsa->blinding, but
+     avoids excessive locking; and if an RSA object is not shared
+     between threads, blinding will still be very fast).
+    for more details see the CHANGES file
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 16 Apr 2003 10:32:57 +0200
+
+openssl (0.9.7a-1) unstable; urgency=high
+
+  * upstream Security fix
+    - In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
+      via timing by performing a MAC computation even if incorrrect
+      block cipher padding has been found.  This is a countermeasure
+      against active attacks where the attacker has to distinguish
+      between bad padding and a MAC verification error. (CAN-2003-0078)
+    for more details see the CHANGES file
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 21 Feb 2003 22:39:40 +0100
+
+openssl (0.9.7-4) unstable; urgency=low
+
+  * use DH_COMPAT=3 to build
+  * move i686 to i686/cmov to fix problems on Via C3. For that to work we
+    have to depend on the newest libc6 on i386 (closes: #177891)
+  * fix bug in ui_util.c (closes: #177615)
+  * fix typo in md5.h (closes: #178112)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 24 Jan 2003 10:22:56 +0100
+
+openssl (0.9.7-3) unstable; urgency=low
+
+  * enable build of ultrasparc code on non ultrasparc machines (closes:
+    #177024) 
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 17 Jan 2003 08:22:13 +0100
+
+openssl (0.9.7-2) unstable; urgency=low
+
+  * include changes between 0.9.6g-9 and -10 
+    * fix problem in build-process on i386 with libc6 version number
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 13 Jan 2003 14:26:56 +0100
+
+openssl (0.9.7-1) unstable; urgency=low
+
+  * new upstream
+    * includes engine support
+    * a lot of bugfixes and enhancements, see the CHANGES file
+    * include AES encryption
+    * makes preview of certificate configurable (closes: #176059)
+    * fix x509 manpage (closes: #168070)
+    * fix declaration of ERR_load_PEM_string in pem.h (closes: #141360)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 11 Jan 2003 09:12:16 +0100
+
+openssl (0.9.6g-10) unstable; urgency=low
+
+  * fix problem in build-process on i386 with libc6 version number
+    (closes: #167096)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon,  4 Nov 2002 12:27:21 +0100
+
+openssl (0.9.6g-9) unstable; urgency=low
+
+  * fix typo in i386 libc6 depend (sigh) (closes: #163848)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue,  8 Oct 2002 23:29:20 +0200
+
+openssl (0.9.6g-8) unstable; urgency=low
+
+  * fix libc6 depends. Only needed for i386 (closes: #163701)
+  * remove SHLIB section for bsds from Configure (closes: #163585)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue,  8 Oct 2002 10:57:35 +0200
+
+openssl (0.9.6g-7) unstable; urgency=low
+
+  * enable i686 optimisation and depend on fixed glibc (closes: #163500)
+  * remove transition package ssleay
+  * include optimisation vor sparcv8 (closes: #139996)
+  * improve optimisation vor sparcv9
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sun,  6 Oct 2002 14:07:12 +0200
+
+openssl (0.9.6g-6) unstable; urgency=low
+
+  * temporarily disable i686 optimisation (See bug in glibc #161788)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 21 Sep 2002 18:56:49 +0200
+
+openssl (0.9.6g-5) unstable; urgency=low
+
+  * i486 can use i586 assembler
+  * include set -xe in the for loops in the rules files to make it abort
+    on error (closes: #161768)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 21 Sep 2002 16:23:11 +0200
+
+openssl (0.9.6g-4) unstable; urgency=low
+
+  * fix optimization for alpha and sparc
+  * add optimization for i486
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 20 Sep 2002 22:36:19 +0200
+
+openssl (0.9.6g-3) unstable; urgency=low
+
+  * add optimized libraries for i586, i686, ev4, ev5 and v9 (closes: #139783)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 19 Sep 2002 18:33:04 +0200
+
+openssl (0.9.6g-2) unstable; urgency=low
+
+  * fix manpage names (closes: #156717, #156718, #156719, #156721)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 15 Aug 2002 11:26:37 +0200
+
+openssl (0.9.6g-1) unstable; urgency=low
+
+  * new upstream version
+  * Use proper error handling instead of 'assertions' in buffer
+    overflow checks added in 0.9.6e.  This prevents DoS (the
+    assertions could call abort()). (closes: #155985, #156495)
+  * Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
+    and get fix the header length calculation.
+  * include support for new sh* architectures (closes: #155117)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 14 Aug 2002 13:59:22 +0200
+
+openssl (0.9.6e-1) unstable; urgency=high
+
+  * fixes remote exploits (see DSA-136-1)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 30 Jul 2002 18:32:28 +0200
+
+openssl (0.9.6d-1) unstable; urgency=low
+
+  * new upstream (minor) version
+  * includes Configure lines for debian-*bsd-* (closes: #130413)
+  * fix wrong prototype for BN_pseudo_rand_range in BN_rand(3ssl) (closes:
+    #144586) 
+  * fix typos in package description (closes: #141469)
+  * fix typo in SSL_CTX_set_cert_store manpage (closes: #135297)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon,  3 Jun 2002 19:42:10 +0200
+
+openssl (0.9.6c-2) unstable; urgency=low
+
+  * moved from non-US to main
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 19 Mar 2002 14:48:39 +0100
+
+openssl (0.9.6c-1) unstable; urgency=low
+
+  * new upstream version with a lot of bugfixes
+  * remove directory /usr/include/openssl from openssl package (closes:
+    bug #121226)  
+  * remove selfdepends from libssl0.9.6
+  * link openssl binary shared again
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat,  5 Jan 2002 19:04:31 +0100
+
+openssl (0.9.6b-4) unstable; urgency=low
+
+  * build with -D_REENTRANT for threads support on all architectures
+    (closes: #112329, #119239)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 24 Nov 2001 12:17:51 +0100
+
+openssl (0.9.6b-3) unstable; urgency=low
+
+  * disable idea, mdc2 and rc5 because they are not free (closes: #65368) 
+  * ready to be moved from nonus to main
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 21 Nov 2001 17:51:41 +0100
+
+openssl (0.9.6b-2) unstable; urgency=high
+
+  * fix definition of crypt in des.h (closes: #107533)
+  * fix descriptions (closes: #109503)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 17 Sep 2001 15:38:27 +0200
+
+openssl (0.9.6b-1) unstable; urgency=medium
+
+  * new upstream fixes some security issues (closes: #105835, #100146) 
+  * added support for s390 (closes: #105681)
+  * added support for sh (closes: #100003)
+  * change priority of libssl096 to standard as ssh depends on it (closes:
+    #105440) 
+  * don't optimize for i486 to support i386. (closes: #104127, #82194)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 20 Jul 2001 15:52:42 +0200
+
+openssl (0.9.6a-3) unstable; urgency=medium
+
+  * add perl-base to builddeps
+  * include static libraries in libssl-dev (closes: #93688)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 14 May 2001 20:16:06 +0200
+
+openssl (0.9.6a-2) unstable; urgency=medium
+
+  * change Architecture of ssleay from any to all (closes: #92913)
+  * depend libssl-dev on the exact same version of libssl0.9.6 (closes:
+    #88939) 
+  * remove lib{crypto,ssl}.a from openssl (closes: #93666)
+  * rebuild with newer gcc to fix atexit problem (closes: #94036)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  2 May 2001 12:28:39 +0200
+
+openssl (0.9.6a-1) unstable; urgency=medium
+
+  * new upstream, fixes some security bugs (closes: #90584)
+  * fix typo in s_server manpage (closes: #89756)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 10 Apr 2001 12:13:11 +0200
+
+openssl (0.9.6-2) unstable; urgency=low
+
+  * policy: reorganisation of package names: libssl096 -> libssl0.9.6,
+    libssl096-dev -> libssl-dev (closes: #83426)
+  * libssl0.9.6 drops replaces libssl09 (Closes: #83425)
+  * install upstream CHANGES files (Closes: #83430)
+  * added support for hppa and ia64 (Closes: #88790)
+  * move man3 manpages to libssl-dev (Closes: #87546)
+  * fix formating problem in rand_add(1) (Closes: #87547)
+  * remove manpage duplicates (Closes: #87545, #74986)
+  * make package descriptions clearer (Closes: #83518, #83444)
+  * increase default emailAddress_max from 40 to 60 (Closes: #67238)
+  * removed RSAREF warning (Closes: #84122)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu,  8 Mar 2001 14:24:00 +0100
+
+openssl (0.9.6-1) unstable; urgency=low
+
+  * New upstream version (Thanks to Enrique Zanardi <ezanard@debian.org>)
+    (closes: #72388)
+  * Add support for debian-hurd (closes: #76032)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 13 Nov 2000 22:30:46 +0100
+
+openssl (0.9.5a-5) unstable; urgency=low
+
+  * move manpages in standard directories with section ssl (closes:
+    #72152, #69809)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu,  5 Oct 2000 19:56:20 +0200
+
+openssl (0.9.5a-4) unstable; urgency=low
+
+  * include edg_rand_bytes patch from and for apache-ssl 
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 23 Sep 2000 16:48:06 +0200
+
+openssl (0.9.5a-3) unstable; urgency=low
+
+  * fix call to dh_makeshlibs to create correct shlibs file and make
+    dependend programs link correctly (closes: Bug#61658)
+  * include a note in README.debian concerning the location of the
+    subcommand manpages (closes: Bug#69809)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 16 Sep 2000 19:10:50 +0200
+
+openssl (0.9.5a-2) unstable; urgency=low
+
+  * try to fix the sharedlib problem. change soname of library 
+  (closes: Bug#4622, #66102, #66538, #66123) 
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 12 Jul 2000 03:26:30 +0200
+
+openssl (0.9.5a-1) unstable; urgency=low
+
+  * new upstream version (major changes see file NEWS) (closes: Bug#63976,
+    #65239, #65358)
+  * new library package libssl095a because of probably changed library
+    interface (closes: Bug#46222)
+  * added architecture mips and mipsel (closes: Bug#62437, #60366)
+  * provide shlibs.local file in build to help build if libraries are not
+    yet installed (closes: Bug#63984)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sun, 11 Jun 2000 15:17:35 +0200
+
+openssl (0.9.4-5) frozen unstable; urgency=medium
+
+  * cleanup of move of doc directories to /usr/share/doc (closes:
+    Bug#56430) 
+  * lintian issues (closes: Bug#49358)
+  * move demos from openssl to libssl09-dev (closes: Bug#59201)
+  * move to debhelpers
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 11 Mar 2000 10:38:04 +0100
+
+openssl (0.9.4-4) unstable; urgency=medium
+
+  * Added 'debian-arm' in 'Configure'. (closes: Bug#54251, #54766)
+  * Fixed Configure for 'debian-m68k' (closes: Bug#53636)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 15 Jan 2000 13:16:18 +0100
+
+openssl (0.9.4-3) unstable; urgency=low
+
+  * define symbol SSLeay_add_ssl_algorithms for backward compatibility
+    (closes: Bug#46882)
+  * remove manpages from /usr/doc/openssl (closes: Bug#46791)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 14 Oct 1999 16:51:08 +0200
+
+openssl (0.9.4-2) unstable; urgency=low
+
+  * include some more docu in pod format (Bug #43933)
+  * removed -mv8 from sparc flags (Bug #44769)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 14 Sep 1999 22:04:06 +0200
+
+openssl (0.9.4-1) unstable; urgency=low
+
+  * new upstream version (Closes: #42926)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 28 Aug 1999 17:04:23 +0200
+
+openssl (0.9.3a-1) unstable; urgency=low
+
+  * new upstream version (Bug #38345, #38627)
+  * sparc is big-endian (Bug #39973)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  7 Jul 1999 16:03:37 +0200
+
+openssl (0.9.2b-3) unstable; urgency=low
+
+  * correct move conffiles to /etc/ssl (Bug #38570)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 31 May 1999 21:08:07 +0200
+
+openssl (0.9.2b-2) unstable; urgency=low
+
+  * added convenience package ssleay to help upgrade to openssl (Bug
+    #37185, #37623, #36326)
+  * added some missing dependencies from libssl09 (Bug #36681, #35867,
+    #36326) 
+  * move lib*.so to libssl09-dev (Bug #36761)
+  * corrected version numbers of library files
+  * introduce link from /usr/lib/ssl to /etc/ssl (Bug #36710)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sun, 23 May 1999 14:57:48 +0200
+
+openssl (0.9.2b-1) unstable; urgency=medium
+
+  * First openssl version
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 31 Mar 1999 15:54:26 +0200
+
+ssleay (0.9.0b-2) unstable; urgency=low
+
+  * Include message about the (not)usage of RSAREF (#24409)
+  * Move configfiles from /usr/lib/ssl to /etc/ssl (#26406)
+  * Change definitions for sparc (#26487)
+  * Added missing dependency (#28591)
+  * Make debian/libtool executable (#29708)
+  * /etc/ssl/lib/ssleay.cnf is now a confile (#32624)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sun, 21 Mar 1999 19:41:04 +0100
+
+ssleay (0.9.0b-1) unstable; urgency=low
+
+  * new upstream version (Bug #21227, #25971)
+  * build shared libraries with -fPIC (Bug #20027)
+  * support sparc architecture (Bug #28467)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 13 Oct 1998 10:20:13 +0200
+
+ssleay (0.8.1-7) frozen unstable; urgency=high
+
+  * security fix patch to 0.8.1b (bug #24022)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon,  6 Jul 1998 15:42:15 +0200
+
+ssleay (0.8.1-6) frozen unstable; urgency=low
+
+  * second try to fix bug #15235 (copyright was still missing)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 22 Jun 1998 08:56:27 +0200
+
+ssleay (0.8.1-5) frozen unstable; urgency=high
+
+  * changed /dev/random to /dev/urandom (Bug #23169, #17817)
+  * copyright contains now the full licence (Bug #15235)
+  * fixed bug #19410 (md5sums-lists-nonexisting-file)
+  * added demos to /usr/doc (Bug #17372)
+  * fixed type in package description (Bug #18969)
+  * fixed bug in adding documentation (Bug #21463)
+  * added patch for support of debian-powerpc (Bug #21579)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 18 Jun 1998 23:09:13 +0200
+
+ssleay (0.8.1-4) unstable; urgency=low
+
+  * purged dependency from libc5
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 11 Nov 1997 15:31:50 +0100
+
+ssleay (0.8.1-3) unstable; urgency=low
+
+  * changed packagename libssl to libssl08 to get better dependancies
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri,  7 Nov 1997 14:23:17 +0100
+
+ssleay (0.8.1-2) unstable; urgency=low
+
+  * linked shared libraries against libc6
+  * use /dev/random for randomseed
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  5 Nov 1997 11:21:40 +0100
+
+ssleay (0.8.1-1) unstable; urgency=low
+
+  * new upstream version
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 16 Oct 1997 16:15:43 +0200
+
+ssleay (0.6.6-2) unstable; urgency=low
+
+  * cleanup in diffs
+  * removed INSTALL from docs (bug #13205)
+  * split libssl and libssl-dev (but #13735)
+
+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 15 Oct 1997 17:38:38 +0200
+
+ssleay (0.6.6-1) unstable; urgency=low
+
+  * New upstream version
+  * added shared libraries for libcrypto and libssl
+
+ -- Christoph Martin <martin@uni-mainz.de>  Thu, 26 Jun 1997 19:26:14 +0200
+
+ssleay (0.6.4-2) unstable; urgency=low
+
+  * changed doc filenames from .doc to .txt to be able to read them
+    over with webbrowser
+
+ -- Christoph Martin <martin@uni-mainz.de>  Tue, 25 Feb 1997 14:02:53 +0100
+
+ssleay (0.6.4-1) unstable; urgency=low
+
+  * Initial Release.
+
+ -- Christoph Martin <martin@uni-mainz.de>  Fri, 22 Nov 1996 21:29:51 +0100
--- openssl097-0.9.7g.orig/debian/rules
+++ openssl097-0.9.7g/debian/rules
@@ -0,0 +1,173 @@
+#!/usr/bin/make -f
+# Sample debian.rules file - for GNU Hello (1.3).
+# Copyright 1994,1995 by Ian Jackson.
+# I hereby give you perpetual unlimited permission to copy,
+# modify and relicense this file, provided that you do not remove
+# my name from the file itself.  (I assert my moral right of
+# paternity under the Copyright, Designs and Patents Act 1988.)
+# This file may have to be extensively modified
+#
+# Modified to be a prototype for debmake by Christoph Lameter <clameter@debian.org>
+SHELL=/bin/bash
+export DH_COMPAT=3
+
+package=openssl
+
+# For generating the manpages
+export VERSION=$(shell dpkg-parsechangelog | grep '^Version:' | sed -e 's/^.*://' -e 's/-.*//')
+
+# The binary architeture
+DEB_HOST_ARCH = $(shell dpkg-architecture -qDEB_HOST_ARCH)
+
+CONFARGS  = --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug
+OPT_alpha = ev4 ev5
+OPT_i386  = i486 i586 i686/cmov
+OPT_sparc = v8 v9
+ARCHOPTS  = OPT_$(DEB_HOST_ARCH)
+OPTS      = $($(ARCHOPTS))
+WANTED_LIBC_VERSION = 2.3.1-10
+
+build:
+	dh_testdir
+	perl util/perlpath.pl /usr/bin
+#	perl util/ssldir.pl /usr/lib/ssl
+#	chmod +x debian/libtool
+	./Configure no-shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
+	make -f Makefile DIRS="crypto ssl" all
+	mv libcrypto.a libcrypto.static
+	mv libssl.a libssl.static
+	make -f Makefile DIRS="crypto ssl" clean
+	test -z "$(OPTS)" || for opt in $(OPTS); \
+	do \
+		set -xe; \
+		./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)-$$opt; \
+		make -f Makefile DIRS="crypto ssl" all; \
+		mkdir -p $$opt; \
+		mv libcrypto.so* libssl.so* $$opt/; \
+		make -f Makefile DIRS="crypto ssl" clean; \
+	done
+	./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
+	#make -f Makefile depend
+	ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/
+#	make -f Makefile linux-shared
+	make -f Makefile all
+#	strip apps/openssl
+#	make -f Makefile clean DIRS="crypto ssl"
+#	./Configure --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 debian-$(DEB_HOST_ARCH)
+#	make -f Makefile all DIRS="crypto ssl"
+	touch build
+
+clean:
+	dh_testdir
+	dh_testroot
+	-rm -f build
+	-perl util/perlpath.pl /usr/bin
+	-./Configure $(CONFARGS) debian-$(DEB_HOST_ARCH)
+	-make -f Makefile  clean clean-shared
+	#-make -f Makefile  dclean
+	-perl util/perlpath.pl /usr/local/bin/perl
+#	perl util/ssldir.pl /usr/local/ssl
+	-rm -f test/.rnd test/testkey.pem test/testreq.pem test/certCA.srl
+	-rm -f util/mk1mf.bak Makefile.bak `find . -name Makefile.save` 
+	-rm -f crypto/pem/ctx_size
+	-rm -f `find . -name "*~"`
+	-rm -f `find . -name "*.orig" -o -name "*.rej"`
+	-rm -f certs/*.0 certs/*.1
+#	-rm -rf debian/tmp debian/files* core `find debian/* -type d`
+	-rm -rf core $(OPTS)
+	-rm doc/*.pod
+	-rm -f libcrypto.* libssl.*
+	dh_clean
+
+binary-indep:	build
+	dh_testdir
+	dh_testroot
+# There are no architecture-independent files to be uploaded
+# generated by this package.  If there were any they would be
+# made here.
+
+binary-arch:	build
+	dh_testdir
+	dh_testroot
+	dh_clean
+#	-rm -rf debian/tmp `find debian/* -type d`
+#	install -d debian/tmp debian/libssl0.9.7 debian/libssl0.9.7-dev
+#	cd debian/tmp && install -d `cat ../dirs`
+#	cd debian/libssl09 && install -d `cat ../libssl09.dirs`
+#	cd debian/libssl09-dev && install -d `cat ../libssl09-dev.dirs`
+	dh_installdirs
+#openssl install
+	make -f Makefile  install INSTALL_PREFIX=`pwd`/debian/tmp
+	rm debian/tmp/usr/share/man/man1/openssl.1
+	rm debian/tmp/usr/share/man/man3/crypto.3
+	rm debian/tmp/usr/share/man/man3/ssl.3
+#	rm debian/tmp/usr/lib/libcrypto.a
+#	rm debian/tmp/usr/lib/libssl.a
+	mv debian/tmp/usr/lib/libcrypto.a debian/tmp/usr/lib/libcrypto_pic.a
+	mv debian/tmp/usr/lib/libssl.a debian/tmp/usr/lib/libssl_pic.a
+	cp -pf libcrypto.static debian/tmp/usr/lib/libcrypto.a
+	cp -pf libssl.static debian/tmp/usr/lib/libssl.a
+#	mv debian/tmp/usr/lib/ssl/bin debian/tmp/usr/bin/ssl
+#	(cd debian/tmp/usr/lib/ssl; ln -s /usr/bin/ssl bin)
+#	mv debian/tmp/usr/lib/ssl/include debian/tmp/usr/include/ssl
+#	(cd debian/tmp/usr/lib/ssl; ln -s /usr/include/ssl include)
+#	chmod -x debian/tmp/usr/lib/*.so.*
+#	mv debian/tmp/usr/lib/*.a debian/libssl09-dev/usr/lib/
+#	mv debian/tmp/usr/lib/*.so debian/libssl09-dev/usr/lib/
+#	mv debian/tmp/usr/lib/*.so.*.*.* debian/libssl09/usr/lib/
+#	mv debian/tmp/usr/lib/*.la debian/libssl09-dev/usr/lib/
+#	mv debian/tmp/usr/include debian/libssl09-dev/usr/
+	mkdir -p debian/tmp/etc/ssl
+	mv debian/tmp/usr/lib/ssl/{certs,openssl.cnf,private} debian/tmp/etc/ssl/
+	ln -s /etc/ssl/{certs,openssl.cnf,private} debian/tmp/usr/lib/ssl/
+	cp -auv lib*.so* debian/tmp/usr/lib/
+#	cp -auv lib*.a debian/tmp/usr/lib/
+	for opt in $(OPTS); do set -xe; mkdir -p debian/tmp/usr/lib/$$opt; cp -auv $$opt/lib*.so* debian/tmp/usr/lib/$$opt/; done
+	install debian/copyright debian/libssl0.9.7/usr/share/doc/libssl0.9.7/
+	install debian/changelog debian/libssl0.9.7/usr/share/doc/libssl0.9.7/changelog.Debian
+#	install debian/copyright debian/libssl0.9.7-dev/usr/share/doc/libssl0.9.7-dev/
+#	install debian/changelog debian/libssl0.9.7-dev/usr/share/doc/libssl0.9.7-dev/changelog.Debian
+#	debstd -u CHANGES* LICENSE README NEWS
+	dh_installdocs CHANGES.SSLeay LICENSE README NEWS debian/README.optimization
+	dh_installexamples
+	dh_installchangelogs CHANGES
+#	dh_installmenu
+#	dh_installcron
+	dh_installdebconf
+#	dh_undocumented c_rehash.1
+	dh_movefiles
+#	rmdir debian/tmp/usr/lib/ssl/lib
+#	rmdir debian/tmp/usr/include/openssl
+#	rmdir debian/tmp/usr/include
+#	for opt in $(OPTS); do set -xe; rm -fr debian/tmp/usr/lib/$$opt; done
+	dh_compress
+	dh_fixperms -X etc/ssl/private
+	dh_strip --dbg-package=libssl0.9.7
+	dh_perl -d
+#	dh_suidregister
+	dh_shlibdeps -l`pwd` -Xlibssl.so
+	# Hack, to depend on version of libc6 which supports the i686 directory
+	if [ "${DEB_HOST_ARCH}" == "i386" ]; \
+	then \
+	  SHLIB=`cat debian/libssl0.9.7.substvars`; \
+	  LIBC_VERSION=`echo $$SHLIB | sed s'/.*libc6 (>= \(.*\))/\1/'`; \
+	  if dpkg --compare-versions ${WANTED_LIBC_VERSION} gt $$LIBC_VERSION; \
+	  then \
+	    echo $$SHLIB | sed s'/libc6 (>= \(.*\))/libc6 (>= ${WANTED_LIBC_VERSION})/' > debian/libssl0.9.7.substvars; \
+	  fi \
+	fi
+	dh_gencontrol
+	dh_makeshlibs -m 0.9.7
+	dh_installdeb
+	dh_md5sums
+	dh_builddeb
+	echo -en "\a"
+
+# Below here is fairly generic really
+
+binary:		binary-indep binary-arch
+
+source diff:
+	@echo >&2 'source and diff are obsolete - use dpkg-source -b'; false
+
+.PHONY: binary binary-arch binary-indep clean
--- openssl097-0.9.7g.orig/debian/libssl0.9.7.postinst
+++ openssl097-0.9.7g/debian/libssl0.9.7.postinst
@@ -0,0 +1,139 @@
+#!/bin/sh -e
+
+. /usr/share/debconf/confmodule
+
+package_name()
+{
+    echo $(basename $0 .postinst)
+}
+
+# element() is a helper function for file-rc:
+element() {
+    local element list IFS
+
+    element="$1"
+
+    [ "$2" = "in" ] && shift
+    list="$2"
+    [ "$list" = "-" ] && return 1
+    [ "$list" = "*" ] && return 0
+
+    IFS=","
+    set -- $list
+    case $element in
+	"$1"|"$2"|"$3"|"$4"|"$5"|"$6"|"$7"|"$8"|"$9")
+	    return 0
+    esac
+    return 1
+}
+
+# filerc (runlevel, service) returns /etc/init.d/service, if service is
+# running in $runlevel:
+filerc() {
+    local runlevel basename
+    runlevel=$1
+    basename=$2
+    while read LINE
+    do
+	case $LINE in
+	    \#*|"") continue
+	esac
+
+	set -- $LINE
+	SORT_NO="$1"; STOP="$2"; START="$3"; CMD="$4"
+	[ "$CMD" = "/etc/init.d/$basename" ] || continue
+
+	if element "$runlevel" in "$START" || element "S" in "$START"
+	then
+	    echo "/etc/init.d/$basename"
+	    return 0
+	fi
+    done < /etc/runlevel.conf
+    echo ""
+}
+
+if [ "$1" = "configure" ]
+then
+    if [ ! -z "$2" ]; then
+	if dpkg --compare-versions "$2" lt 0.9.7d-1; then
+	    echo -n "Checking for services that may need to be restarted..."
+
+	    check="sendmail ssh"
+	    check="$check apache2-common ssh-nonfree exim4"
+	    check="$check apache-ssl libapache-mod-ssl openvpn spamassassin"
+	    check="$check courier-imap-ssl courier-mta-ssl courier-pop-ssl"
+	    check="$check postfix-tls cyrus21-imapd cyrus21-pop3d"
+	    check="$check postgresql racoon"
+	    # Only get the ones that are installed, and configured
+	    check=$(dpkg -s $check 2> /dev/null | sed '/^$/{N;/^\n$/D;}' | awk 'BEGIN{RS="\n\n";FS="\n"}{if ( $2 ~ /Status: .* installed$/ ) { print $1 } }' | cut -f 2 -d ' ')
+	    # apache2 ships its init script in apache2-common, but the
+	    # script is apache2
+	    check=$(echo $check | sed 's/apache2-common/apache2/g')
+	    # For mod-ssl apache has to be restarted
+	    check=$(echo $check | sed 's/libapache-mod-ssl/apache/g')
+	    rl=$(runlevel | awk '{print $2}')
+	    for service in $check; do
+		if [ -f /usr/share/file-rc/rc -o -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then
+		    idl=$(filerc $rl $service)
+		else
+		    idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
+		fi
+		if [ -n "$idl" ] && [ -x $idl ]; then
+		    services="$service $services"
+		fi
+	    done
+	    echo "done."
+	    if [ -n "$services" ]; then
+		db_version 2.0
+
+		db_reset libssl0.9.7/restart-services
+		db_set libssl0.9.7/restart-services "$services"
+		db_input critical libssl0.9.7/restart-services || true
+		db_go || true
+		db_get libssl0.9.7/restart-services
+		# Arghhh, close all the stupid debconf pipes
+		db_stop
+		
+		if [ "x$RET" != "x" ]
+		then
+		    services=$RET
+		    answer=yes
+		else
+		    answer=no
+		fi
+		echo
+		if [ "$answer" = yes ] && [ "$services" != "" ]; then
+		    echo "Restarting services possibly affected by the upgrade:"
+		    failed=""
+		    for service in $services; do
+			idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
+			echo -n "  $service: stopping..."
+			$idl stop > /dev/null 2>&1 || true
+			sleep 1
+			echo -n "starting..."
+			if $idl start > /dev/null 2>&1; then
+			    echo "done."
+			else
+			    echo "FAILED! ($?)"
+			    failed="$service $failed"
+			fi
+		    done
+		    echo
+		    if [ -n "$failed" ]; then
+			# Ruh roh, George
+			echo "The following services failed to start: $failed"
+			echo
+			echo "You will need to start these manually by running \`/etc/init.d/<service> start'"
+			echo "If the service still fails to start, you may need to file a bug on"
+			echo "$(package_name) or the service involved."
+		    else
+			echo "Services restarted successfully."
+		    fi
+		    echo
+		fi
+	    fi
+	fi # end upgrading and $2 lt 0.9.7c-1
+    fi # Upgrading
+fi
+
+#DEBHELPER#
--- openssl097-0.9.7g.orig/debian/watch
+++ openssl097-0.9.7g/debian/watch
@@ -0,0 +1,2 @@
+version=2
+ftp://ftp.openssl.org/source/openssl-(\d+\.\d+\.\d+[a-z]?)\.tar\.gz debian uupdate
--- openssl097-0.9.7g.orig/debian/libssl0.9.7.preinst
+++ openssl097-0.9.7g/debian/libssl0.9.7.preinst
@@ -0,0 +1,3 @@
+#!/bin/sh -e
+
+#DEBHELPER#
--- openssl097-0.9.7g.orig/debian/libssl0.9.7.prerm
+++ openssl097-0.9.7g/debian/libssl0.9.7.prerm
@@ -0,0 +1,3 @@
+#!/bin/sh -e
+
+#DEBHELPER#
--- openssl097-0.9.7g.orig/debian/copyright
+++ openssl097-0.9.7g/debian/copyright
@@ -0,0 +1,135 @@
+This package was debianized by Christoph Martin martin@uni-mainz.de on
+Fri, 22 Nov 1996 21:29:51 +0100.
+
+Copyright (c) 1998-2004 The OpenSSL Project
+Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
+
+The upstream sources were obtained from http://www.openssl.org/
+
+
+  LICENSE ISSUES
+  ==============
+
+  The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
+  the OpenSSL License and the original SSLeay license apply to the toolkit.
+  See below for the actual license texts. Actually both licenses are BSD-style
+  Open Source licenses. In case of any license issues related to OpenSSL
+  please contact openssl-core@openssl.org.
+
+  OpenSSL License
+  ---------------
+
+/* ====================================================================
+ * Copyright (c) 1998-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+ Original SSLeay License
+ -----------------------
+
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
--- openssl097-0.9.7g.orig/debian/shlibs.local
+++ openssl097-0.9.7g/debian/shlibs.local
@@ -0,0 +1,2 @@
+libcrypto 0.9.7 libssl0.9.7
+libssl 0.9.7 libssl0.9.7
--- openssl097-0.9.7g.orig/debian/README.debian
+++ openssl097-0.9.7g/debian/README.debian
@@ -0,0 +1,52 @@
+openssl for DEBIAN
+----------------------
+
+openssl replaces ssleay.
+
+The application links to openssl like req, ca, verify and s_client
+have been removed.
+
+Instead of `<application>` please call now `openssl <application>`
+
+eg: 
+instead of `req` please call `openssl req`
+
+NOTE: The libssl library version for debian-i386 is optimized for
+486-processors and better. It will not run on 386-processors.
+
+----
+Self-signed certs and webservers:
+
+If you get with a selfsigned certificate and a webserver:
+ > "The certificate is not approved for the attempted operation."
+
+Bodo_Moeller@public.uni-hamburg.de (Bodo Moeller) writes:
+>Probably you are using a CA certificate for your server; if you use
+>"openssl req" to generate a new key and self-signed certificate with
+>the default openssl.cnf, the certificate you get includes certain
+>X.509v3 extensions that make it unfit for use as a server certificate.
+>This was not so with earlier versions of the software because back
+>then there was far less X.509v3 support.
+>
+>To look at the certificate some HTTPS server presents to its cliens,
+>use "openssl s_client -port 443 -host your.server", store the output
+>(at least the part from "-----BEGIN CERTIFICATE-----" up to "-----END
+>CERTIFICATE-----", including these separators) in a file and use
+>"openssl x509 -in the_file_you_just_stored -text" to look at it in
+>readable form.  If it has in the "X509v3 extensions section" any of
+>the following entries, it is not usable as a server certificate:
+>
+>            X509v3 Basic Constraints:
+>                CA:TRUE
+>
+>            X509v3 Key Usage:
+>                Certificate Sign, CRL Sign
+>
+>To quickly create a new server key and certificate that works with
+>Netscape, you can just copy the original openssl.cnf file and comment
+>out the "x509_extensions" entry in the "[ req ]" section.
+>The, use "openssl req ..." as before to create a new certificate and
+>key.
+
+
+Christoph Martin <martin@uni-mainz.de>, Wed, 31 Mar 1999 16:00:51 +0200