summaryrefslogtreecommitdiff
path: root/meta/packages/openssl/openssl-0.9.8g/debian.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/packages/openssl/openssl-0.9.8g/debian.patch')
-rw-r--r--meta/packages/openssl/openssl-0.9.8g/debian.patch1281
1 files changed, 1281 insertions, 0 deletions
diff --git a/meta/packages/openssl/openssl-0.9.8g/debian.patch b/meta/packages/openssl/openssl-0.9.8g/debian.patch
new file mode 100644
index 0000000000..bf2e50b6ce
--- /dev/null
+++ b/meta/packages/openssl/openssl-0.9.8g/debian.patch
@@ -0,0 +1,1281 @@
+--- openssl-0.9.8g.orig/Makefile
++++ openssl-0.9.8g/Makefile
+@@ -11,11 +11,11 @@
+ SHLIB_VERSION_HISTORY=
+ SHLIB_MAJOR=0
+ SHLIB_MINOR=9.8
+-SHLIB_EXT=
+-PLATFORM=dist
+-OPTIONS= no-camellia no-gmp no-krb5 no-mdc2 no-rc5 no-rfc3779 no-seed no-shared no-tlsext no-zlib no-zlib-dynamic
+-CONFIGURE_ARGS=dist
+-SHLIB_TARGET=
++SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
++PLATFORM=debian-amd64
++OPTIONS=--prefix=/usr --openssldir=/usr/lib/ssl enable-zlib enable-tlsext no-camellia no-gmp no-idea no-krb5 no-mdc2 no-rc5 no-rfc3779 no-seed no-shared no-zlib-dynamic
++CONFIGURE_ARGS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib enable-tlsext debian-amd64
++SHLIB_TARGET=linux-shared
+
+ # HERE indicates where this Makefile lives. This can be used to indicate
+ # where sub-Makefiles are expected to be. Currently has very limited usage,
+@@ -26,10 +26,10 @@
+ # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+ # Normally it is left empty.
+ INSTALL_PREFIX=
+-INSTALLTOP=/usr/local/ssl
++INSTALLTOP=/usr
+
+ # Do not edit this manually. Use Configure --openssldir=DIR do change this!
+-OPENSSLDIR=/usr/local/ssl
++OPENSSLDIR=/usr/lib/ssl
+
+ # NO_IDEA - Define to build without the IDEA algorithm
+ # NO_RC4 - Define to build without the RC4 algorithm
+@@ -59,11 +59,11 @@
+ # equal 4.
+ # PKCS1_CHECK - pkcs1 tests.
+
+-CC= cc
+-CFLAG= -O
+-DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED -DOPENSSL_NO_TLSEXT
++CC= gcc
++CFLAG= -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall -DMD32_REG_T=int -DMD5_ASM
++DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED
+ PEX_LIBS=
+-EX_LIBS=
++EX_LIBS= -ldl -lz
+ EXE_EXT=
+ ARFLAGS=
+ AR=ar $(ARFLAGS) r
+@@ -71,7 +71,7 @@
+ PERL= /usr/bin/perl
+ TAR= tar
+ TARFLAGS= --no-recursion
+-MAKEDEPPROG=makedepend
++MAKEDEPPROG= gcc
+
+ # We let the C compiler driver to take care of .s files. This is done in
+ # order to be excused from maintaining a separate set of architecture
+@@ -86,15 +86,15 @@
+ PROCESSOR=
+
+ # CPUID module collects small commonly used assembler snippets
+-CPUID_OBJ=
+-BN_ASM= bn_asm.o
++CPUID_OBJ= x86_64cpuid.o
++BN_ASM= x86_64-gcc.o
+ DES_ENC= des_enc.o fcrypt_b.o
+ AES_ASM_OBJ= aes_core.o aes_cbc.o
+ BF_ENC= bf_enc.o
+ CAST_ENC= c_enc.o
+ RC4_ENC= rc4_enc.o
+ RC5_ENC= rc5_enc.o
+-MD5_ASM_OBJ=
++MD5_ASM_OBJ= md5-x86_64.o
+ SHA1_ASM_OBJ=
+ RMD160_ASM_OBJ=
+
+@@ -106,14 +106,14 @@
+ ZLIB_INCLUDE=
+ LIBZLIB=
+
+-DIRS= crypto ssl engines apps test tools
++DIRS= crypto ssl engines apps tools
+ SHLIBDIRS= crypto ssl
+
+ # dirs in crypto to build
+ SDIRS= \
+ objects \
+ md2 md4 md5 sha hmac ripemd \
+- des aes rc2 rc4 idea bf cast \
++ des aes rc2 rc4 bf cast \
+ bn ec rsa dsa ecdsa dh ecdh dso engine \
+ buffer bio stack lhash rand err \
+ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
+@@ -127,10 +127,11 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
++MANSECTION=SSL
+ SHELL=/bin/sh
+
+ TOP= .
+@@ -141,8 +142,8 @@
+ SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+ SHARED_SSL=libssl$(SHLIB_EXT)
+ SHARED_LIBS=
+-SHARED_LIBS_LINK_EXTS=
+-SHARED_LDFLAGS=
++SHARED_LIBS_LINK_EXTS=.so
++SHARED_LDFLAGS=-m64 -Wl,--version-script=openssl.ld
+
+ GENERAL= Makefile
+ BASENAME= openssl
+@@ -310,7 +311,8 @@
+ echo 'Description: OpenSSL cryptography library'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+ libssl.pc: Makefile
+@@ -323,7 +325,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl'; \
++ echo 'Libs.private: -lcrypto $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+ openssl.pc: Makefile
+@@ -336,7 +339,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
+
+ Makefile: Makefile.org Configure config
+@@ -480,7 +484,7 @@
+ install_sw:
+ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib \
+- $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines \
++ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+@@ -558,7 +562,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+@@ -575,7 +579,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+--- openssl-0.9.8g.orig/VMS/VMSify-conf.pl
++++ openssl-0.9.8g/VMS/VMSify-conf.pl
+@@ -1,4 +1,4 @@
+-#! /usr/bin/perl
++#!/usr/local/bin/perl
+
+ use strict;
+ use warnings;
+--- openssl-0.9.8g.orig/Netware/do_tests.pl
++++ openssl-0.9.8g/Netware/do_tests.pl
+@@ -1,4 +1,4 @@
+-# perl script to run OpenSSL tests
++#!/usr/local/bin/perl
+
+
+ my $base_path = "\\openssl";
+--- openssl-0.9.8g.orig/apps/CA.sh
++++ openssl-0.9.8g/apps/CA.sh
+@@ -91,6 +91,7 @@
+ -out ${CATOP}/$CAREQ
+ $CA -out ${CATOP}/$CACERT $CADAYS -batch \
+ -keyfile ${CATOP}/private/$CAKEY -selfsign \
++ -extensions v3_ca \
+ -infiles ${CATOP}/$CAREQ
+ RET=$?
+ fi
+--- openssl-0.9.8g.orig/apps/CA.pl.in
++++ openssl-0.9.8g/apps/CA.pl.in
+@@ -65,6 +65,7 @@
+ foreach (@ARGV) {
+ if ( /^(-\?|-h|-help)$/ ) {
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 0;
+ } elsif (/^-newcert$/) {
+ # create a certificate
+@@ -165,6 +166,7 @@
+ } else {
+ print STDERR "Unknown arg $_\n";
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 1;
+ }
+ }
+--- openssl-0.9.8g.orig/apps/speed.c
++++ openssl-0.9.8g/apps/speed.c
+@@ -577,7 +577,7 @@
+ #define MAX_BLOCK_SIZE 64
+ #endif
+ unsigned char DES_iv[8];
+- unsigned char iv[MAX_BLOCK_SIZE/8];
++ unsigned char iv[2*MAX_BLOCK_SIZE/8];
+ #ifndef OPENSSL_NO_DES
+ DES_cblock *buf_as_des_cblock = NULL;
+ static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+--- openssl-0.9.8g.orig/apps/CA.pl
++++ openssl-0.9.8g/apps/CA.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+ #
+ # CA - wrapper around ca to make it easier to use ... basically ca requires
+ # some setup stuff to be done before you can use it and this makes
+@@ -65,6 +65,7 @@
+ foreach (@ARGV) {
+ if ( /^(-\?|-h|-help)$/ ) {
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 0;
+ } elsif (/^-newcert$/) {
+ # create a certificate
+@@ -165,6 +166,7 @@
+ } else {
+ print STDERR "Unknown arg $_\n";
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
+ exit 1;
+ }
+ }
+--- openssl-0.9.8g.orig/os2/backwardify.pl
++++ openssl-0.9.8g/os2/backwardify.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl -w
++#!/usr/local/bin/perl
+ use strict;
+
+ # Use as $0
+--- openssl-0.9.8g.orig/Configure
++++ openssl-0.9.8g/Configure
+@@ -1,4 +1,4 @@
+-:
++#!/usr/local/bin/perl
+ eval 'exec perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+ ##
+@@ -118,7 +118,8 @@
+ my $x86_coff_asm="x86cpuid-cof.o:bn86-cof.o co86-cof.o:dx86-cof.o yx86-cof.o:ax86-cof.o:bx86-cof.o:mx86-cof.o:sx86-cof.o s512sse2-cof.o:cx86-cof.o:rx86-cof.o:rm86-cof.o:r586-cof.o";
+ my $x86_out_asm="x86cpuid-out.o:bn86-out.o co86-out.o:dx86-out.o yx86-out.o:ax86-out.o:bx86-out.o:mx86-out.o:sx86-out.o s512sse2-out.o:cx86-out.o:rx86-out.o:rm86-out.o:r586-out.o";
+
+-my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o::::md5-x86_64.o:::rc4-x86_64.o::";
++#my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o::::md5-x86_64.o:::rc4-x86_64.o::";
++my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o::::md5-x86_64.o:::::";
+ my $ia64_asm=":bn-ia64.o::aes_core.o aes_cbc.o aes-ia64.o:::sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o::";
+
+ my $no_asm="::::::::::";
+@@ -308,6 +309,47 @@
+ "osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared:::.so",
+ "tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
+
++# Debian GNU/* (various architectures)
++"debian-alpha","gcc:-DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev4","gcc:-DTERMIO -O3 -Wa,--noexecstack -mcpu=ev4 -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-alpha-ev5","gcc:-DTERMIO -O3 -Wa,--noexecstack -mcpu=ev5 -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-armeb","gcc:-DB_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-armel","gcc:-DL_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-kfreebsd-amd64","gcc:-m64 -DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-freebsd-alpha","gcc:-DTERMIOS -O -Wa,--noexecstack -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ia64","gcc:-DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++#"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC",
++"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-alpha","gcc:-DTERMIOS -O3 -Wa,--noexecstack -g::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wa,--noexecstack -g -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-openbsd-mips","gcc:-O2 -Wa,--noexecstack -g -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh3eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sh4eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-m32r","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -mcpu=v8 -g -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,--noexecstack -Wa,-Av8plus -g -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++
+ ####
+ #### Variety of LINUX:-)
+ ####
+@@ -476,7 +518,7 @@
+ # Cygwin
+ "Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
+ "Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_coff_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+-"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
++-"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+
+ # NetWare from David Ward (dsward@novell.com) - requires MetroWerks NLM development tools
+ # netware-clib => legacy CLib c-runtime support
+@@ -1300,6 +1342,8 @@
+ $shlib_minor=$2;
+ }
+
++$shared_ldflag .= " -Wl,--version-script=openssl.ld";
++
+ open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
+ unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
+ open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
+@@ -1371,7 +1415,8 @@
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
+ {
+ my $sotmp = $1;
+- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
++# s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
++ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
+ }
+ elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
+ {
+@@ -1490,7 +1535,7 @@
+ if (/^#define\s+OPENSSLDIR/)
+ { print OUT "#define OPENSSLDIR \"$openssldir\"\n"; }
+ elsif (/^#define\s+ENGINESDIR/)
+- { print OUT "#define ENGINESDIR \"$prefix/lib/engines\"\n"; }
++ { print OUT "#define ENGINESDIR \"$prefix/lib/ssl/engines\"\n"; }
+ elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
+ { printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
+ if $export_var_as_fn;
+--- openssl-0.9.8g.orig/engines/Makefile
++++ openssl-0.9.8g/engines/Makefile
+@@ -97,13 +97,13 @@
+ *DSO_DL*) sfx="sl";; \
+ *) sfx="bad";; \
+ esac; \
+- cp lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \
++ cp lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines/lib$$l.$$sfx.new; \
+ else \
+ sfx="so"; \
+ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \
+ fi; \
+- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \
+- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx ); \
++ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines/lib$$l.$$sfx.new; \
++ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines/lib$$l.$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines/lib$$l.$$sfx ); \
+ done; \
+ fi
+
+--- openssl-0.9.8g.orig/engines/openssl.ld
++++ openssl-0.9.8g/engines/openssl.ld
+@@ -0,0 +1,5 @@
++OPENSSL_0.9.8 {
++ global:
++ *;
++};
++
+--- openssl-0.9.8g.orig/tools/c_rehash
++++ openssl-0.9.8g/tools/c_rehash
+@@ -6,7 +6,7 @@
+
+ my $openssl;
+
+-my $dir = "/usr/local/ssl";
++my $dir = "/usr/lib/ssl";
+
+ if(defined $ENV{OPENSSL}) {
+ $openssl = $ENV{OPENSSL};
+@@ -59,12 +59,15 @@
+ }
+ }
+ closedir DIR;
+- FILE: foreach $fname (grep {/\.pem$/} @flist) {
++ FILE: foreach $fname (grep {/\.pem$|\.crt$/} @flist) {
+ # Check to see if certificates and/or CRLs present.
+ my ($cert, $crl) = check_file($fname);
+ if(!$cert && !$crl) {
+- print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
+- next;
++ ($cert, $crl) = check_file("$openssl x509 -in \"$fname\" -inform der -outform pem | ");
++ if(!$cert && !$crl) {
++ print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
++ next;
++ }
+ }
+ link_hash_cert($fname) if($cert);
+ link_hash_crl($fname) if($crl);
+@@ -102,6 +105,9 @@
+ my $fname = $_[0];
+ $fname =~ s/'/'\\''/g;
+ my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
++ if(!$hash || !fprint) {
++ ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname' -inform der`;
++ }
+ chomp $hash;
+ chomp $fprint;
+ $fprint =~ s/^.*=//;
+--- openssl-0.9.8g.orig/tools/c_rehash.in
++++ openssl-0.9.8g/tools/c_rehash.in
+@@ -59,12 +59,15 @@
+ }
+ }
+ closedir DIR;
+- FILE: foreach $fname (grep {/\.pem$/} @flist) {
++ FILE: foreach $fname (grep {/\.pem$|\.crt$/} @flist) {
+ # Check to see if certificates and/or CRLs present.
+ my ($cert, $crl) = check_file($fname);
+ if(!$cert && !$crl) {
+- print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
+- next;
++ ($cert, $crl) = check_file("$openssl x509 -in \"$fname\" -inform der -outform pem | ");
++ if(!$cert && !$crl) {
++ print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
++ next;
++ }
+ }
+ link_hash_cert($fname) if($cert);
+ link_hash_crl($fname) if($crl);
+@@ -102,6 +105,9 @@
+ my $fname = $_[0];
+ $fname =~ s/'/'\\''/g;
+ my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
++ if(!$hash || !fprint) {
++ ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname' -inform der`;
++ }
+ chomp $hash;
+ chomp $fprint;
+ $fprint =~ s/^.*=//;
+--- openssl-0.9.8g.orig/Makefile.shared
++++ openssl-0.9.8g/Makefile.shared
+@@ -151,9 +151,9 @@
+ SHLIB_SUFFIX=; \
+ ALLSYMSFLAGS='-Wl,--whole-archive'; \
+ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
++ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+
+-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
++DO_GNU_APP=LDFLAGS="$(CFLAGS)"
+
+ #This is rather special. It's a special target with which one can link
+ #applications without bothering with any features that have anything to
+--- openssl-0.9.8g.orig/ssl/t1_lib.c
++++ openssl-0.9.8g/ssl/t1_lib.c
+@@ -132,6 +132,10 @@
+ int extdatalen=0;
+ unsigned char *ret = p;
+
++ /* don't add extensions for SSLv3 */
++ if (s->client_version == SSL3_VERSION)
++ return p;
++
+ ret+=2;
+
+ if (ret>=limit) return NULL; /* this really never occurs, but ... */
+@@ -202,6 +206,10 @@
+ int extdatalen=0;
+ unsigned char *ret = p;
+
++ /* don't add extensions for SSLv3 */
++ if (s->version == SSL3_VERSION)
++ return p;
++
+ ret+=2;
+ if (ret>=limit) return NULL; /* this really never occurs, but ... */
+
+--- openssl-0.9.8g.orig/ms/uplink.pl
++++ openssl-0.9.8g/ms/uplink.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # For Microsoft CL this is implemented as inline assembler. So that
+ # even though this script can generate even Win32 code, we'll be
+--- openssl-0.9.8g.orig/config
++++ openssl-0.9.8g/config
+@@ -162,8 +162,8 @@
+ echo "${MACHINE}-whatever-linux1"; exit 0
+ ;;
+
+- GNU*)
+- echo "hurd-x86"; exit 0;
++ GNU:*|GNU/*:*)
++ echo "${MACHINE}-gnuish"; exit 0;
+ ;;
+
+ LynxOS:*)
+--- openssl-0.9.8g.orig/demos/tunala/configure.in
++++ openssl-0.9.8g/demos/tunala/configure.in
+@@ -1,4 +1,4 @@
+-dnl Process this file with autoconf to produce a configure script.
++#!/usr/local/bin/perl
+ AC_INIT(tunala.c)
+ AM_CONFIG_HEADER(config.h)
+ AM_INIT_AUTOMAKE(tunala, 0.0.1-dev)
+--- openssl-0.9.8g.orig/doc/Makefile
++++ openssl-0.9.8g/doc/Makefile
+@@ -0,0 +1,40 @@
++VERSION =
++
++#PODS = $(wildcard *.pod)
++#MANS = $(addsuffix .man, $(basename $(PODS)))
++
++MANS = openssl.1 ssl.3 crypto.3
++
++P2M = pod2man --center='OpenSSL Documentation' --release="OpenSSL $(VERSION)"
++
++all: manpages
++
++.PHONY: manpages
++
++manpages: openssl.1 crypto.3 ssl.3
++
++openssl.1:
++ $(P2M) --section=1 openssl.pod > openssl.1
++
++crypto.3:
++ $(P2M) --section=3 crypto.pod > crypto.3
++
++ssl.3:
++ $(P2M) --section=3 ssl.pod > ssl.3
++
++.PHONY: install
++install:
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p openssl.1 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
++ install -m 644 -p crypto.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ install -m 644 -p ssl.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
++ rm -f $(MANS)
++
++.PHONY: clean
++clean:
++ rm -f $(MANS)
++
++.PHONY: realclean
++realclean:
++ -$(MAKE) clean
+--- openssl-0.9.8g.orig/doc/apps/c_rehash.pod
++++ openssl-0.9.8g/doc/apps/c_rehash.pod
+@@ -0,0 +1,55 @@
++
++=pod
++
++=head1 NAME
++
++c_rehash - Create symbolic links to files named by the hash values
++
++=head1 SYNOPSIS
++
++B<c_rehash>
++[directory] ...
++
++=head1 DESCRIPTION
++
++c_rehash scans directories and takes a hash value of each .pem and .crt file in the directory. It then creates symbolic links for each of the files named by the hash value. This is useful as many programs require directories to be set up like this in order to find the certificates they require.
++
++If any directories are named on the command line then these directories are processed in turn. If not then and the environment variable SSL_CERT_DIR is defined then that is consulted. This variable should be a colon (:) separated list of directories, all of which will be processed. If neither of these conditions are true then /usr/lib/ssl/certs is processed.
++
++For each directory that is to be processed he user must have write permissions on the directory, if they do not then nothing will be printed for that directory.
++
++Note that this program deletes all the symbolic links that look like ones that it creates before processing a directory. Beware that if you run the program on a directory that contains symbolic links for other purposes that are named in the same format as those created by this program they will be lost.
++
++The hashes for certificate files are of the form <hash>.<n> where n is an integer. If the hash value already exists then n will be incremented, unless the file is a duplicate. Duplicates are detected using the fingerprint of the certificate. A warning will be printed if a duplicate is detected. The hashes for CRL files are of the form <hash>.r<n> and have the same behavior.
++
++The program will also warn if there are files with extension .pem which are not certificate or CRL files.
++
++The program uses the openssl program to compute the hashes and fingerprints. It expects the executable to be named openssl and be on the PATH, or in the /usr/lib/ssl/bin directory. If the OPENSSL environment variable is defined then this is used instead as the executable that provides the hashes and fingerprints. When called as $OPENSSL x509 -hash -fingerprint -noout -in $file it must output the hash of $file on the first line followed by the fingerprint on the second line, optionally prefixed with some text and an equals sign (=).
++
++=head1 OPTIONS
++
++None
++
++=head1 ENVIRONMENT
++
++=over 4
++
++=item B<OPENSSL>
++
++The name (and path) of an executable to use to generate hashes and fingerprints (see above).
++
++=item B<SSL_CERT_DIR>
++
++Colon separated list of directories to operate on. Ignored if directories are listed on the command line.
++
++=head1 SEE ALSO
++
++L<openssl(1)|openssl(1)>, L<x509(1)|x509(1)>
++
++=back
++
++=head1 BUGS
++
++No known bugs
++
++=cut
+--- openssl-0.9.8g.orig/Makefile.org
++++ openssl-0.9.8g/Makefile.org
+@@ -104,7 +104,7 @@
+ ZLIB_INCLUDE=
+ LIBZLIB=
+
+-DIRS= crypto ssl engines apps test tools
++DIRS= crypto ssl engines apps tools
+ SHLIBDIRS= crypto ssl
+
+ # dirs in crypto to build
+@@ -125,10 +125,11 @@
+
+ MAKEFILE= Makefile
+
+-MANDIR=$(OPENSSLDIR)/man
++MANDIR=/usr/share/man
+ MAN1=1
+ MAN3=3
+-MANSUFFIX=
++MANSUFFIX=ssl
++MANSECTION=SSL
+ SHELL=/bin/sh
+
+ TOP= .
+@@ -308,7 +309,8 @@
+ echo 'Description: OpenSSL cryptography library'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+ libssl.pc: Makefile
+@@ -321,7 +323,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl'; \
++ echo 'Libs.private: -lcrypto $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+ openssl.pc: Makefile
+@@ -334,7 +337,8 @@
+ echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+ echo 'Version: '$(VERSION); \
+ echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
++ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
++ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
+
+ Makefile: Makefile.org Configure config
+@@ -478,7 +482,7 @@
+ install_sw:
+ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib \
+- $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines \
++ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/ssl/engines \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+@@ -556,7 +560,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+@@ -573,7 +577,7 @@
+ echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+ (cd `$(PERL) util/dirname.pl $$i`; \
+ sh -c "$$pod2man \
+- --section=$$sec --center=OpenSSL \
++ --section=$${sec}$(MANSECTION) --center=OpenSSL \
+ --release=$(VERSION) `basename $$i`") \
+ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+--- openssl-0.9.8g.orig/openssl.ld
++++ openssl-0.9.8g/openssl.ld
+@@ -0,0 +1,5 @@
++OPENSSL_0.9.8 {
++ global:
++ *;
++};
++
+--- openssl-0.9.8g.orig/crypto/md5/asm/md5-x86_64.pl
++++ openssl-0.9.8g/crypto/md5/asm/md5-x86_64.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # MD5 optimized for AMD64.
+ #
+--- openssl-0.9.8g.orig/crypto/md5/asm/md5-sparcv9.S
++++ openssl-0.9.8g/crypto/md5/asm/md5-sparcv9.S
+@@ -74,14 +74,14 @@
+ #define Dval R8
+
+ #if defined(MD5_BLOCK_DATA_ORDER)
+-# if defined(OPENSSL_SYSNAME_ULTRASPARC)
++/*# if defined(OPENSSL_SYSNAME_ULTRASPARC)*/
+ # define LOAD lda
+ # define X(i) [%i1+i*4]%asi
+ # define md5_block md5_block_asm_data_order_aligned
+ # define ASI_PRIMARY_LITTLE 0x88
+-# else
++/*# else
+ # error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!"
+-# endif
++# endif*/
+ #else
+ # define LOAD ld
+ # define X(i) [%i1+i*4]
+--- openssl-0.9.8g.orig/crypto/Makefile
++++ openssl-0.9.8g/crypto/Makefile
+@@ -57,7 +57,7 @@
+ echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
+ echo '#endif' ) >buildinf.h
+
+-x86cpuid-elf.s: x86cpuid.pl perlasm/x86asm.pl
++x86cpuid-elf.S: x86cpuid.pl perlasm/x86asm.pl
+ $(PERL) x86cpuid.pl elf $(CFLAGS) $(PROCESSOR) > $@
+ x86cpuid-cof.s: x86cpuid.pl perlasm/x86asm.pl
+ $(PERL) x86cpuid.pl coff $(CFLAGS) $(PROCESSOR) > $@
+@@ -70,7 +70,7 @@
+ uplink-cof.s: ../ms/uplink.pl
+ $(PERL) ../ms/uplink.pl coff > $@
+
+-x86_64cpuid.s: x86_64cpuid.pl
++x86_64cpuid.S: x86_64cpuid.pl
+ $(PERL) x86_64cpuid.pl $@
+ ia64cpuid.s: ia64cpuid.S
+ $(CC) $(CFLAGS) -E ia64cpuid.S > $@
+--- openssl-0.9.8g.orig/crypto/sha/asm/sha1-ia64.pl
++++ openssl-0.9.8g/crypto/sha/asm/sha1-ia64.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+--- openssl-0.9.8g.orig/crypto/sha/asm/sha512-sse2.pl
++++ openssl-0.9.8g/crypto/sha/asm/sha512-sse2.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+--- openssl-0.9.8g.orig/crypto/sha/asm/sha512-ia64.pl
++++ openssl-0.9.8g/crypto/sha/asm/sha512-ia64.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+--- openssl-0.9.8g.orig/crypto/sha/sha.h
++++ openssl-0.9.8g/crypto/sha/sha.h
+@@ -59,6 +59,7 @@
+ #ifndef HEADER_SHA_H
+ #define HEADER_SHA_H
+
++#include <stddef.h>
+ #include <openssl/e_os2.h>
+ #include <stddef.h>
+
+--- openssl-0.9.8g.orig/crypto/rand/md_rand.c
++++ openssl-0.9.8g/crypto/rand/md_rand.c
+@@ -271,7 +271,10 @@
+ else
+ MD_Update(&m,&(state[st_idx]),j);
+
++/*
++ * Don't add uninitialised data.
+ MD_Update(&m,buf,j);
++*/
+ MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
+ MD_Final(&m,local_md);
+ md_c[1]++;
+@@ -465,8 +468,10 @@
+ MD_Update(&m,local_md,MD_DIGEST_LENGTH);
+ MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
+ #ifndef PURIFY
++#if 0 /* Don't add uninitialised data. */
+ MD_Update(&m,buf,j); /* purify complains */
+ #endif
++#endif
+ k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
+ if (k > 0)
+ {
+--- openssl-0.9.8g.orig/crypto/des/asm/desboth.pl
++++ openssl-0.9.8g/crypto/des/asm/desboth.pl
+@@ -16,6 +16,11 @@
+
+ &push("edi");
+
++ &call (&label("pic_point0"));
++ &set_label("pic_point0");
++ &blindpop("ebp");
++ &add ("ebp", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]");
++
+ &comment("");
+ &comment("Load the data words");
+ &mov($L,&DWP(0,"ebx","",0));
+@@ -47,15 +52,21 @@
+ &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
+ &mov(&swtmp(1), "eax");
+ &mov(&swtmp(0), "ebx");
+- &call("DES_encrypt2");
++ &exch("ebx", "ebp");
++ &call("DES_encrypt2\@PLT");
++ &exch("ebx", "ebp");
+ &mov(&swtmp(2), (DWC(($enc)?"0":"1")));
+ &mov(&swtmp(1), "edi");
+ &mov(&swtmp(0), "ebx");
+- &call("DES_encrypt2");
++ &exch("ebx", "ebp");
++ &call("DES_encrypt2\@PLT");
++ &exch("ebx", "ebp");
+ &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
+ &mov(&swtmp(1), "esi");
+ &mov(&swtmp(0), "ebx");
+- &call("DES_encrypt2");
++ &exch("ebx", "ebp");
++ &call("DES_encrypt2\@PLT");
++ &exch("ebx", "ebp");
+
+ &stack_pop(3);
+ &mov($L,&DWP(0,"ebx","",0));
+--- openssl-0.9.8g.orig/crypto/x86cpuid.pl
++++ openssl-0.9.8g/crypto/x86cpuid.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+
+ push(@INC,"perlasm");
+ require "x86asm.pl";
+--- openssl-0.9.8g.orig/crypto/rc4/asm/rc4-x86_64.pl
++++ openssl-0.9.8g/crypto/rc4/asm/rc4-x86_64.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+--- openssl-0.9.8g.orig/crypto/perlasm/x86unix.pl
++++ openssl-0.9.8g/crypto/perlasm/x86unix.pl
+@@ -399,6 +399,29 @@
+ $stack=4;
+ }
+
++sub main'function_begin_B_static
++ {
++ local($func,$extra)=@_;
++
++ &main'external_label($func);
++ $func=$under.$func;
++
++ local($tmp)=<<"EOF";
++.text
++EOF
++ push(@out,$tmp);
++ if ($main'cpp)
++ { push(@out,"TYPE($func,\@function)\n"); }
++ elsif ($main'coff)
++ { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
++ elsif ($main'aout and !$main'pic)
++ { }
++ else { push(@out,".type $func,\@function\n"); }
++ push(@out,".align\t$align\n");
++ push(@out,"$func:\n");
++ $stack=4;
++ }
++
+ sub main'function_end
+ {
+ local($func)=@_;
+@@ -730,7 +753,17 @@
+ {
+ $tmp=<<___;
+ .section .init
++#ifdef OPENSSL_PIC
++ pushl %ebx
++ call .pic_point0
++.pic_point0:
++ popl %ebx
++ addl \$_GLOBAL_OFFSET_TABLE_+[.-.pic_point0],%ebx
++ call $under$f\@PLT
++ popl %ebx
++#else
+ call $under$f
++#endif
+ jmp .Linitalign
+ .align $align
+ .Linitalign:
+--- openssl-0.9.8g.orig/crypto/perlasm/cbc.pl
++++ openssl-0.9.8g/crypto/perlasm/cbc.pl
+@@ -122,7 +122,11 @@
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+- &call($enc_func);
++ &call (&label("pic_point0"));
++ &set_label("pic_point0");
++ &blindpop("ebx");
++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]");
++ &call("$enc_func\@PLT");
+
+ &mov("eax", &DWP($data_off,"esp","",0));
+ &mov("ebx", &DWP($data_off+4,"esp","",0));
+@@ -187,7 +191,11 @@
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+- &call($enc_func);
++ &call (&label("pic_point1"));
++ &set_label("pic_point1");
++ &blindpop("ebx");
++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point1") . "]");
++ &call("$enc_func\@PLT");
+
+ &mov("eax", &DWP($data_off,"esp","",0));
+ &mov("ebx", &DWP($data_off+4,"esp","",0));
+@@ -220,7 +228,11 @@
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put back
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+- &call($dec_func);
++ &call (&label("pic_point2"));
++ &set_label("pic_point2");
++ &blindpop("ebx");
++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point2") . "]");
++ &call("$dec_func\@PLT");
+
+ &mov("eax", &DWP($data_off,"esp","",0)); # get return
+ &mov("ebx", &DWP($data_off+4,"esp","",0)); #
+@@ -263,7 +275,11 @@
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put back
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+- &call($dec_func);
++ &call (&label("pic_point3"));
++ &set_label("pic_point3");
++ &blindpop("ebx");
++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point3") . "]");
++ &call("$dec_func\@PLT");
+
+ &mov("eax", &DWP($data_off,"esp","",0)); # get return
+ &mov("ebx", &DWP($data_off+4,"esp","",0)); #
+--- openssl-0.9.8g.orig/crypto/perlasm/x86_64-xlate.pl
++++ openssl-0.9.8g/crypto/perlasm/x86_64-xlate.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+
+ # Ascetic x86_64 AT&T to MASM assembler translator by <appro>.
+ #
+--- openssl-0.9.8g.orig/crypto/opensslconf.h
++++ openssl-0.9.8g/crypto/opensslconf.h
+@@ -10,6 +10,9 @@
+ #ifndef OPENSSL_NO_GMP
+ # define OPENSSL_NO_GMP
+ #endif
++#ifndef OPENSSL_NO_IDEA
++# define OPENSSL_NO_IDEA
++#endif
+ #ifndef OPENSSL_NO_KRB5
+ # define OPENSSL_NO_KRB5
+ #endif
+@@ -25,11 +28,11 @@
+ #ifndef OPENSSL_NO_SEED
+ # define OPENSSL_NO_SEED
+ #endif
+-#ifndef OPENSSL_NO_TLSEXT
+-# define OPENSSL_NO_TLSEXT
+-#endif
+
+ #endif /* OPENSSL_DOING_MAKEDEPEND */
++#ifndef OPENSSL_THREADS
++# define OPENSSL_THREADS
++#endif
+ #ifndef OPENSSL_NO_DYNAMIC_ENGINE
+ # define OPENSSL_NO_DYNAMIC_ENGINE
+ #endif
+@@ -45,6 +48,9 @@
+ # if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
+ # define NO_GMP
+ # endif
++# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
++# define NO_IDEA
++# endif
+ # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+ # define NO_KRB5
+ # endif
+@@ -60,11 +66,10 @@
+ # if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
+ # define NO_SEED
+ # endif
+-# if defined(OPENSSL_NO_TLSEXT) && !defined(NO_TLSEXT)
+-# define NO_TLSEXT
+-# endif
+ #endif
+
++#define OPENSSL_CPUID_OBJ
++
+ /* crypto/opensslconf.h.in */
+
+ /* Generate 80386 code? */
+@@ -72,8 +77,8 @@
+
+ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+-#define ENGINESDIR "/usr/local/ssl/lib/engines"
+-#define OPENSSLDIR "/usr/local/ssl"
++#define ENGINESDIR "/usr/lib/ssl/engines"
++#define OPENSSLDIR "/usr/lib/ssl"
+ #endif
+ #endif
+
+@@ -104,14 +109,14 @@
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+-#define RC4_INT unsigned int
++#define RC4_INT unsigned char
+ #endif
+ #if !defined(RC4_CHUNK)
+ /*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+-#undef RC4_CHUNK
++#define RC4_CHUNK unsigned long
+ #endif
+ #endif
+
+@@ -119,7 +124,7 @@
+ /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+ #ifndef DES_LONG
+-#define DES_LONG unsigned long
++#define DES_LONG unsigned int
+ #endif
+ #endif
+
+@@ -133,9 +138,9 @@
+ /* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+-#undef SIXTY_FOUR_BIT_LONG
++#define SIXTY_FOUR_BIT_LONG
+ #undef SIXTY_FOUR_BIT
+-#define THIRTY_TWO_BIT
++#undef THIRTY_TWO_BIT
+ #undef SIXTEEN_BIT
+ #undef EIGHT_BIT
+ #endif
+@@ -149,7 +154,7 @@
+
+ #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+ #define CONFIG_HEADER_BF_LOCL_H
+-#undef BF_PTR
++#define BF_PTR2
+ #endif /* HEADER_BF_LOCL_H */
+
+ #if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+@@ -179,7 +184,7 @@
+ /* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+ #ifndef DES_UNROLL
+-#undef DES_UNROLL
++#define DES_UNROLL
+ #endif
+
+ /* These default values were supplied by
+--- openssl-0.9.8g.orig/crypto/pkcs7/pk7_mime.c
++++ openssl-0.9.8g/crypto/pkcs7/pk7_mime.c
+@@ -335,9 +335,9 @@
+
+ if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
+ strcmp(hdr->value, "application/pkcs7-signature")) {
+- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE);
+ ERR_add_error_data(2, "type: ", hdr->value);
++ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+ sk_BIO_pop_free(parts, BIO_vfree);
+ return NULL;
+ }
+--- openssl-0.9.8g.orig/crypto/bn/asm/ppc.pl
++++ openssl-0.9.8g/crypto/bn/asm/ppc.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # Implemented as a Perl wrapper as we want to support several different
+ # architectures with single file. We pick up the target based on the
+--- openssl-0.9.8g.orig/crypto/x86_64cpuid.pl
++++ openssl-0.9.8g/crypto/x86_64cpuid.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+
+ $output=shift;
+ $win64a=1 if ($output =~ /win64a\.[s|asm]/);
+@@ -134,5 +134,9 @@
+ .size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid
+
+ .section .init
++#ifdef OPENSSL_PIC
++ call OPENSSL_cpuid_setup\@PLT
++#else
+ call OPENSSL_cpuid_setup
++#endif
+ ___
+--- openssl-0.9.8g.orig/crypto/aes/asm/aes-586.pl
++++ openssl-0.9.8g/crypto/aes/asm/aes-586.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env perl
++#!/usr/local/bin/perl
+ #
+ # ====================================================================
+ # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+@@ -250,7 +250,7 @@
+ sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } }
+
+ &public_label("AES_Te");
+-&function_begin_B("_x86_AES_encrypt");
++&function_begin_B_static("_x86_AES_encrypt");
+ if ($vertical_spin) {
+ # I need high parts of volatile registers to be accessible...
+ &exch ($s1="edi",$key="ebx");
+@@ -539,7 +539,7 @@
+ }
+
+ &public_label("AES_Td");
+-&function_begin_B("_x86_AES_decrypt");
++&function_begin_B_static("_x86_AES_decrypt");
+ # note that caller is expected to allocate stack frame for me!
+ &mov (&DWP(12,"esp"),$key); # save key
+
+@@ -1460,15 +1460,22 @@
+ &public_label("AES_Td");
+ &public_label("AES_Te");
+ &function_begin_B("AES_set_decrypt_key");
++ &push ("ebx");
+ &mov ("eax",&wparam(0));
+ &mov ("ecx",&wparam(1));
+ &mov ("edx",&wparam(2));
+ &sub ("esp",12);
++
++ &call (&label("pic_point0"));
++ &set_label("pic_point0");
++ &blindpop("ebx");
++ &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]");
+ &mov (&DWP(0,"esp"),"eax");
+ &mov (&DWP(4,"esp"),"ecx");
+ &mov (&DWP(8,"esp"),"edx");
+- &call ("AES_set_encrypt_key");
++ &call ("AES_set_encrypt_key\@PLT");
+ &add ("esp",12);
++ &pop ("ebx");
+ &cmp ("eax",0);
+ &je (&label("proceed"));
+ &ret ();
+--- openssl-0.9.8g.orig/crypto/asn1/charmap.pl
++++ openssl-0.9.8g/crypto/asn1/charmap.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ use strict;
+
+--- openssl-0.9.8g.orig/util/mkerr.pl
++++ openssl-0.9.8g/util/mkerr.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ my $config = "crypto/err/openssl.ec";
+ my $debug = 0;
+--- openssl-0.9.8g.orig/util/clean-depend.pl
++++ openssl-0.9.8g/util/clean-depend.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ # Clean the dependency list in a makefile of standard includes...
+ # Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
+
+--- openssl-0.9.8g.orig/util/extract-names.pl
++++ openssl-0.9.8g/util/extract-names.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+
+ $/ = ""; # Eat a paragraph at once.
+ while(<STDIN>) {
+--- openssl-0.9.8g.orig/util/pod2man.pl
++++ openssl-0.9.8g/util/pod2man.pl
+@@ -1,4 +1,4 @@
+-: #!/usr/bin/perl-5.005
++#!/usr/local/bin/perl
+ eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
+ if $running_under_some_shell;
+
+--- openssl-0.9.8g.orig/util/mkstack.pl
++++ openssl-0.9.8g/util/mkstack.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+
+ # This is a utility that searches out "DECLARE_STACK_OF()"
+ # declarations in .h and .c files, and updates/creates/replaces
+--- openssl-0.9.8g.orig/util/selftest.pl
++++ openssl-0.9.8g/util/selftest.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # Run the test suite and generate a report
+ #
+--- openssl-0.9.8g.orig/util/extract-section.pl
++++ openssl-0.9.8g/util/extract-section.pl
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl
++#!/usr/local/bin/perl
+
+ while(<STDIN>) {
+ if (/=for\s+comment\s+openssl_manual_section:(\S+)/)
+--- openssl-0.9.8g.orig/util/pl/netware.pl
++++ openssl-0.9.8g/util/pl/netware.pl
+@@ -1,4 +1,4 @@
+-# Metrowerks Codewarrior for NetWare
++#!/usr/local/bin/perl
+ #
+
+ # The import files and other misc imports needed to link
+--- openssl-0.9.8g.orig/util/mkdef.pl
++++ openssl-0.9.8g/util/mkdef.pl
+@@ -1,4 +1,4 @@
+-#!/usr/local/bin/perl -w
++#!/usr/local/bin/perl
+ #
+ # generate a .def file
+ #