From 0ab5f71614b21d814aa1c4cd650d7e7e038e7792 Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Fri, 29 Sep 2006 17:28:27 +0000 Subject: [PATCH] sync openssl in wr and ng, update to 0.9.8d for security fixes SVN-Revision: 4873 --- openwrt/package/openssl/Makefile | 30 +++---- .../patches/110-optimize-for-size.patch | 27 +++--- .../openssl/patches/140-makefile-dirs.patch | 11 +++ .../openssl/patches/150-no_engines.patch | 83 +++++++++++++++++++ .../openssl/patches/150-remove-fips.patch | 0 .../patches/160-disable_doc_tests.patch | 74 +++++++---------- 6 files changed, 150 insertions(+), 75 deletions(-) create mode 100644 openwrt/package/openssl/patches/150-no_engines.patch delete mode 100644 openwrt/package/openssl/patches/150-remove-fips.patch diff --git a/openwrt/package/openssl/Makefile b/openwrt/package/openssl/Makefile index 4a938d36e5..f86d960e78 100644 --- a/openwrt/package/openssl/Makefile +++ b/openwrt/package/openssl/Makefile @@ -3,9 +3,9 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssl -PKG_VERSION:=0.9.7k -PKG_RELEASE:=3 -PKG_MD5SUM:=be6bba1d67b26eabb48cf1774925416f +PKG_VERSION:=0.9.8d +PKG_RELEASE:=1 +PKG_MD5SUM:=8ed1853538e1d05a1f5ada61ebf8bffa PKG_SOURCE_URL:=http://www.openssl.org/source/ \ ftp://ftp.funet.fi/pub/crypt/cryptography/libs/openssl/source/ \ @@ -17,7 +17,9 @@ PKG_CAT:=zcat PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install -OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 +OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-rmd160 no-aes192 +OPENSSL_OPTIONS:= shared no-ec no-err no-fips no-hw no-krb5 no-threads zlib-dynamic no-engines + include $(TOPDIR)/package/rules.mk 
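Review bot: The tarball for this security update is still authenticated only by `PKG_MD5SUM`, while the `PKG_SOURCE_URL` mirrors visible in the first hunk are plain `http://` and `ftp://`, so the integrity of the download rests on an MD5 digest alone. When bumping the version, check the tarball against the signature or stronger digest that upstream publishes and record that next to the sum, for example `# 0.9.8d tarball verified against upstream signature before updating PKG_MD5SUM`. If the package framework accepts a stronger digest field (not visible on this page), prefer it over MD5. The `PKG_SOURCE_URL` list continues past the end of the hunk.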
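Review bot: `OPENSSL_OPTIONS` passes `no-engines`, whereas the Configure call removed later in this commit passed `no-engine`, and nothing visible on this page teaches Configure the new spelling. It is worth confirming that the ENGINE code is really left out of the library rather than the option being accepted and ignored. The same variable carries `no-err`, which removes the error strings and makes TLS failures on the device harder to diagnose, and `OPENSSL_NO_CIPHERS` now also drops `no-sha0 no-rmd160 no-aes192`. A comment above both variables would record these as deliberate size trade-offs, for example `# no-engines: consumed by <patch or Configure code that implements it>; no-err and the no-<alg> list trade diagnostics and algorithms for size`.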
@@ -27,16 +29,16 @@ $(eval $(call PKG_template,OPENSSL_UTIL,openssl-util,$(PKG_VERSION)-$(PKG_RELEAS .NOTPARALLEL: $(PKG_BUILD_DIR)/.configured: - $(SED) 's,/CFLAG=,/CFLAG= $(TARGET_SOFT_FLOAT) ,g' $(PKG_BUILD_DIR)/Configure (cd $(PKG_BUILD_DIR); \ PATH=$(TARGET_PATH) \ - ./Configure linux-$(ARCH) \ - --prefix=/usr \ - --openssldir=/etc/ssl \ - -I$(STAGING_DIR)/usr/include \ - -L$(STAGING_DIR)/usr/lib -ldl \ - $(OPENSSL_NO_CIPHERS) \ - shared no-asm no-ec no-engine no-err no-fips no-hw no-krb5 no-threads zlib-dynamic \ + ./Configure linux-openwrt \ + --prefix=/usr \ + --openssldir=/etc/ssl \ + -I$(STAGING_DIR)/usr/include \ + -L$(STAGING_DIR)/usr/lib -ldl \ + -DOPENSSL_SMALL_FOOTPRINT \ + $(OPENSSL_NO_CIPHERS) \ + $(OPENSSL_OPTIONS) \ ) touch $@ @@ -48,7 +50,7 @@ $(PKG_BUILD_DIR)/.built: depend $(MAKE) -C $(PKG_BUILD_DIR) -j1 \ CC="$(TARGET_CC)" \ - CCOPTS="$(TARGET_CFLAGS) -fomit-frame-pointer" \ + OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \ AR="$(TARGET_CROSS)ar r" \ RANLIB="$(TARGET_CROSS)ranlib" \ all build-shared @@ -56,7 +58,7 @@ $(PKG_BUILD_DIR)/.built: -rm $(PKG_BUILD_DIR)/libssl.so.*.*.* $(MAKE) -C $(PKG_BUILD_DIR) -j1 \ CC=$(TARGET_CC) \ - CCOPTS="$(TARGET_CFLAGS) -fomit-frame-pointer" \ + OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \ do_linux-shared $(MAKE) -C $(PKG_BUILD_DIR) -j1 \ INSTALL_PREFIX="$(PKG_INSTALL_DIR)" \ diff --git a/openwrt/package/openssl/patches/110-optimize-for-size.patch b/openwrt/package/openssl/patches/110-optimize-for-size.patch index 13375c8248..8c78b6a01c 100644 --- a/openwrt/package/openssl/patches/110-optimize-for-size.patch +++ b/openwrt/package/openssl/patches/110-optimize-for-size.patch 
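Review bot: The removed `$(SED)` line was the only place in this rule that put `$(TARGET_SOFT_FLOAT)` into Configure's `CFLAG=`, and the new `./Configure linux-openwrt` call has no replacement for it. Soft-float targets therefore get the flag only if `$(TARGET_CFLAGS)`, which is defined outside this page, already contains it. If it does not, pass it explicitly in the build step, for example `OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS) $(TARGET_SOFT_FLOAT)"`. A short comment above the rule stating that the `linux-openwrt` target exists only after `patches/110-optimize-for-size.patch` is applied would also help.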
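Review bot: `OPENWRT_OPTIMIZATION_FLAGS` reaches the compiler only through the `\$(OPENWRT_OPTIMIZATION_FLAGS)` reference in the new Configure entry, so any `$(MAKE) -C $(PKG_BUILD_DIR)` call that compiles without passing it builds with no optimisation flags at all. The two calls changed in the `@@ -48,7 +50,7 @@` and `@@ -56,7 +58,7 @@` hunks pass it, but the following call that starts with `INSTALL_PREFIX="$(PKG_INSTALL_DIR)"` continues outside the hunk and should be checked. In the second hunk the context line `CC=$(TARGET_CC)` is unquoted while the first uses `CC="$(TARGET_CC)"`; a compiler command containing a space would be split there, so quote it the same way. The `.built` recipe starts and ends outside both hunks.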
@@ -1,15 +1,12 @@ -diff -Nur openssl-0.9.7g/Configure openssl-0.9.7g-Os/Configure ---- openssl-0.9.7g/Configure 2005-04-07 18:06:01.000000000 +0200 -+++ openssl-0.9.7g-Os/Configure 2005-05-01 00:13:09.000000000 +0200 -@@ -401,8 +401,9 @@ - "debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", --"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", --"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO \$(CCOPTS) -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mips", "gcc:-DB_ENDIAN -DTERMIO \$(CCOPTS) -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-i386", "gcc:-DL_ENDIAN -DTERMIO \$(CCOPTS) -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - 
"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc32.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - # -bpowerpc64-linux is transient option, -m64 should be the one to use... - "linux-ppc64", "gcc:-bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc64.o:::::::::dlfcn:linux-shared:-fPIC:-bpowerpc64-linux:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +diff -ur openssl-0.9.8a/Configure openssl-0.9.8a-owrt/Configure +--- openssl-0.9.8a/Configure 2005-08-02 12:59:42.000000000 +0200 ++++ openssl-0.9.8a-owrt/Configure 2006-03-23 14:16:35.000000000 +0100 +@@ -353,6 +353,8 @@ + "linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}", + "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}", ++# OpenWrt targets ++"linux-openwrt","gcc:-DTERMIO \$(OPENWRT_OPTIMIZATION_FLAGS) -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + + #### *BSD [do see comment about ${BSDthreads} above!] + "BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
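Review bot: The new `linux-openwrt` entry sets neither `-DL_ENDIAN` nor `-DB_ENDIAN`, although each of the removed `linux-mipsel`, `linux-mips` and `linux-i386` entries set one of them. A single entry now serves both byte orders, presumably by falling back to OpenSSL's generic code paths, and that should be confirmed with known-answer tests on one little-endian and one big-endian target. This matters more because the `test` directory is dropped from the build elsewhere in this commit. The `# OpenWrt targets` comment could say so, for example `# OpenWrt targets: no endianness define (generic code paths); OPENWRT_OPTIMIZATION_FLAGS must be passed on the make command line`. The nested patch header still names `openssl-0.9.8a` while the package moves to 0.9.8d, so check that it applies without fuzz.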
diff --git a/openwrt/package/openssl/patches/140-makefile-dirs.patch b/openwrt/package/openssl/patches/140-makefile-dirs.patch index e69de29bb2..89022e0c6c 100644 --- a/openwrt/package/openssl/patches/140-makefile-dirs.patch +++ b/openwrt/package/openssl/patches/140-makefile-dirs.patch @@ -0,0 +1,11 @@ +--- openssl-0.9.8a/Makefile.org 2006-02-21 20:57:45.000000000 -0800 ++++ openssl-0.9.8a-new/Makefile.org 2006-02-21 21:37:11.000000000 -0800 +@@ -100,7 +100,7 @@ + KRB5_INCLUDES= + LIBKRB5= + +-DIRS= crypto ssl engines apps test tools ++DIRS= crypto ssl apps + SHLIBDIRS= crypto ssl + + # dirs in crypto to build diff --git a/openwrt/package/openssl/patches/150-no_engines.patch b/openwrt/package/openssl/patches/150-no_engines.patch new file mode 100644 index 0000000000..b928fbcc61 --- /dev/null +++ b/openwrt/package/openssl/patches/150-no_engines.patch 
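Review bot: `DIRS= crypto ssl apps` in the new `140-makefile-dirs.patch` drops `test` and `tools` as well as `engines`, and the patch has no description saying why. Without `test`, the library's self-tests are never built for a configuration that removes several algorithms and uses a custom Configure target, so regressions in the crypto code would go unnoticed at build time. Removing `tools` also removes whatever helper scripts that directory installs, so verify that nothing in the install step or on the target expects them. A description line before the `---` header would document the intent, for example `Build only crypto, ssl and apps; engines, test and tools are not shipped on the target.`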
@@ -0,0 +1,83 @@ +diff -udrNP openssl-0.9.8-stable-SNAP-20050703.orig/util/libeay.num openssl-0.9.8-stable-SNAP-20050703/util/libeay.num +--- openssl-0.9.8-stable-SNAP-20050703.orig/util/libeay.num 2005-07-04 00:27:14.653639088 +0200 ++++ openssl-0.9.8-stable-SNAP-20050703/util/libeay.num 2005-07-04 22:50:07.986576664 +0200 +@@ -2071,7 +2071,6 @@ + UI_add_error_string 2633 EXIST::FUNCTION: + KRB5_CHECKSUM_free 2634 EXIST::FUNCTION: + OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION: +-ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE,STATIC_ENGINE + ENGINE_register_all_digests 2637 EXIST::FUNCTION:ENGINE + PKEY_USAGE_PERIOD_it 2638 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: + PKEY_USAGE_PERIOD_it 2638 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +@@ -2545,7 +2544,6 @@ + AES_set_encrypt_key 3024 EXIST::FUNCTION:AES + OCSP_resp_count 3025 EXIST::FUNCTION: + KRB5_CHECKSUM_new 3026 EXIST::FUNCTION: +-ENGINE_load_cswift 3027 EXIST::FUNCTION:ENGINE,STATIC_ENGINE + OCSP_onereq_get0_id 3028 EXIST::FUNCTION: + ENGINE_set_default_ciphers 3029 EXIST::FUNCTION:ENGINE + NOTICEREF_it 3030 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +@@ -2576,7 +2574,6 @@ + i2d_EXTENDED_KEY_USAGE 3052 EXIST::FUNCTION: + i2d_OCSP_SIGNATURE 3053 EXIST::FUNCTION: + asn1_enc_save 3054 EXIST::FUNCTION: +-ENGINE_load_nuron 3055 EXIST::FUNCTION:ENGINE,STATIC_ENGINE + _ossl_old_des_pcbc_encrypt 3056 EXIST::FUNCTION:DES + PKCS12_MAC_DATA_it 3057 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: + PKCS12_MAC_DATA_it 3057 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +@@ -2600,7 +2597,6 @@ + i2d_KRB5_CHECKSUM 3072 EXIST::FUNCTION: + ENGINE_set_table_flags 3073 EXIST::FUNCTION:ENGINE + AES_options 3074 EXIST::FUNCTION:AES +-ENGINE_load_chil 3075 EXIST::FUNCTION:ENGINE,STATIC_ENGINE + OCSP_id_cmp 3076 EXIST::FUNCTION: + OCSP_BASICRESP_new 3077 EXIST::FUNCTION: + OCSP_REQUEST_get_ext_by_NID 3078 EXIST::FUNCTION: +@@ -2667,7 +2663,6 @@ + OCSP_CRLID_it 3127 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: + i2d_KRB5_AUTHENTBODY 3128 EXIST::FUNCTION: + 
OCSP_REQUEST_get_ext_count 3129 EXIST::FUNCTION: +-ENGINE_load_atalla 3130 EXIST::FUNCTION:ENGINE,STATIC_ENGINE + X509_NAME_it 3131 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: + X509_NAME_it 3131 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: + USERNOTICE_it 3132 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +@@ -2762,8 +2757,6 @@ + DES_read_password 3207 EXIST::FUNCTION:DES + UI_UTIL_read_pw 3208 EXIST::FUNCTION: + UI_UTIL_read_pw_string 3209 EXIST::FUNCTION: +-ENGINE_load_aep 3210 EXIST::FUNCTION:ENGINE,STATIC_ENGINE +-ENGINE_load_sureware 3211 EXIST::FUNCTION:ENGINE,STATIC_ENGINE + OPENSSL_add_all_algorithms_noconf 3212 EXIST:!VMS:FUNCTION: + OPENSSL_add_all_algo_noconf 3212 EXIST:VMS:FUNCTION: + OPENSSL_add_all_algorithms_conf 3213 EXIST:!VMS:FUNCTION: +@@ -2772,7 +2765,6 @@ + AES_ofb128_encrypt 3215 EXIST::FUNCTION:AES + AES_ctr128_encrypt 3216 EXIST::FUNCTION:AES + AES_cfb128_encrypt 3217 EXIST::FUNCTION:AES +-ENGINE_load_4758cca 3218 EXIST::FUNCTION:ENGINE,STATIC_ENGINE + _ossl_096_des_random_seed 3219 EXIST::FUNCTION:DES + EVP_aes_256_ofb 3220 EXIST::FUNCTION:AES + EVP_aes_192_ofb 3221 EXIST::FUNCTION:AES +@@ -3107,7 +3099,6 @@ + STORE_method_set_modify_function 3530 EXIST:!VMS:FUNCTION: + STORE_meth_set_modify_fn 3530 EXIST:VMS:FUNCTION: + STORE_parse_attrs_next 3531 EXIST::FUNCTION: +-ENGINE_load_padlock 3532 EXIST::FUNCTION:ENGINE + EC_GROUP_set_curve_name 3533 EXIST::FUNCTION:EC + X509_CERT_PAIR_it 3534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: + X509_CERT_PAIR_it 3534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +diff -udrNP openssl-0.9.8-stable-SNAP-20050703.orig/Configure openssl-0.9.8-stable-SNAP-20050703/Configure +--- openssl-0.9.8-stable-SNAP-20050703.orig/Configure 2005-07-04 00:27:11.169168808 +0200 ++++ openssl-0.9.8-stable-SNAP-20050703/Configure 2005-07-05 00:02:12.590136992 +0200 +@@ -1623,6 +1624,11 @@ + close(OUT); + } + ++# ugly hack to disable engines ++if($target eq "mingwx") { ++ system("sed -e s/^LIB/XLIB/g -i engines/Makefile"); ++} ++ + print <